Dirk Lemstra

25 exploits Active since Mar 2017
CVE-2026-27799 MEDIUM
ImageMagick <7.1.2-15/6.9.13-40 - Buffer Overflow
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the DJVU image format handler. The vulnerability occurs due to integer truncation when calculating the stride (row size) for pixel buffer allocation. The stride calculation overflows a 32-bit signed integer, resulting in out-of-bounds memory reads. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
CVSS 4.0
CVE-2026-25576 MEDIUM
ImageMagick <7.1.2-15/6.9.13-40 - Buffer Overflow
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in multiple raw image format handlers. The vulnerability occurs when processing images with -extract dimensions larger than -size dimensions, causing out-of-bounds memory reads from a heap-allocated buffer. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
CVSS 5.1
CVE-2026-25637 MEDIUM
ImageMagick <7.1.2-15 - Memory Corruption
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak in the ASHLAR image writer allows an attacker to exhaust process memory by providing a crafted image that results in small objects that are allocated but never freed. Version 7.1.2-15 contains a patch.
CVSS 5.3
CVE-2017-11447 MEDIUM
Imagemagick < 7.0.6-0 - Resource Leak
The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service.
CVSS 6.5
CVE-2017-17499 CRITICAL
Imagemagick < 7.0.7-12 - Use After Free
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.
CVSS 9.8
CVE-2017-5507 HIGH
Imagemagick < 6.9.7-3 - Resource Leak
Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.
CVSS 7.5
CVE-2017-5508 MEDIUM
Imagemagick < 6.9.7-2 - Memory Corruption
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.
CVSS 5.5
CVE-2017-5511 CRITICAL
Imagemagick < 6.9.7-3 - Memory Corruption
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
CVSS 9.8
CVE-2017-6497 HIGH
Imagemagick - NULL Pointer Dereference
An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS).
CVSS 7.5
CVE-2017-6499 MEDIUM
Imagemagick - Resource Leak
An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially crafted file creating a nested exception could lead to a memory leak (thus, a DoS).
CVSS 5.5
CVE-2017-6502 MEDIUM
Imagemagick - Memory Corruption
An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS).
CVSS 5.5
CVE-2017-9141 MEDIUM
ImageMagick <7.0.5-7 - Buffer Overflow
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c.
CVSS 6.5
CVE-2017-9142 MEDIUM
ImageMagick <7.0.5-7 - Buffer Overflow
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c.
CVSS 6.5
CVE-2017-9143 MEDIUM
ImageMagick 7.0.5-5 - DoS
In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file.
CVSS 6.5
CVE-2017-9499 MEDIUM
ImageMagick <7.0.5-7 - DoS
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2017-9501 MEDIUM
ImageMagick <7.0.5-7 - DoS
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2018-1000041 HIGH
GNOME librsvg before 2.41.2 - Information Disclosure
GNOME librsvg versions before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contain an improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appears to be exploitable when the victim processes a specially crafted SVG file containing a UNC path on Windows.
CVSS 8.8
CVE-2018-16641 MEDIUM
ImageMagick 7.0.8-6 - Memory Corruption
ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c.
CVSS 6.5
CVE-2021-39212 MEDIUM
Imagemagick < 6.9.12-22 - Race Condition
ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, PostScript files could be read and written when specifically excluded by a `module` policy in `policy.xml`, e.g. `<policy domain="module" rights="none" pattern="PS" />`. The issue has been resolved in ImageMagick 7.1.0-7 and in 6.9.12-22. Fortunately, in the wild, few users utilize the `module` policy and instead use the `coder` policy that is also our workaround recommendation: `<policy domain="coder" rights="none" pattern="{PS,EPI,EPS,EPSF,EPSI}" />`.
CVSS 4.4
CVE-2021-3962 HIGH
Imagemagick - Use After Free
A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an attacker to create a specially crafted image that leads to a use-after-free vulnerability when processed by ImageMagick. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVSS 7.8
CVE-2023-39978 LOW
Imagemagick < 6.9.12-91 - Memory Leak
ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw.
CVSS 3.3
CVE-2025-43965 LOW
ImageMagick <7.1.1-44 - Info Disclosure
In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used.
CVSS 2.9
CVE-2025-62171 MEDIUM
Imagemagick < 6.9.13-32 - Integer Overflow
ImageMagick is an open source software suite for displaying, converting, and editing raster image files. In ImageMagick versions prior to 7.1.2-7 and 6.9.13-32, an integer overflow vulnerability exists in the BMP decoder on 32-bit systems. The vulnerability occurs in coders/bmp.c when calculating the extent value by multiplying image columns by bits per pixel. On 32-bit systems with size_t of 4 bytes, a malicious BMP file with specific dimensions can cause this multiplication to overflow and wrap to zero. The overflow check added to address CVE-2025-57803 is placed after the overflow occurs, making it ineffective. A specially crafted 58-byte BMP file with width set to 536,870,912 and 32 bits per pixel can trigger this overflow, causing the bytes_per_line calculation to become zero. This vulnerability only affects 32-bit builds of ImageMagick where default resource limits for width, height, and area have been manually increased beyond their defaults. 64-bit systems with size_t of 8 bytes are not vulnerable, and systems using default ImageMagick resource limits are not vulnerable. The vulnerability is fixed in versions 7.1.2-7 and 6.9.13-32.
CVSS 5.9
CVE-2026-22770 MEDIUM
ImageMagick <7.1.2-13 - Memory Corruption
ImageMagick is free and open-source software used for editing and manipulating digital images. The BilateralBlurImage method allocates a set of double buffers inside AcquireBilateralTLS. In versions prior to 7.1.2-13, however, the last element in the set is not properly initialized. This results in the release of an invalid pointer inside DestroyBilateralTLS when the memory allocation fails. Version 7.1.2-13 contains a patch for the issue.
CVSS 6.5
CVE-2026-23876 HIGH
ImageMagick <7.1.2-13 & <6.9.13-38 - Buffer Overflow
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-13 and 6.9.13-38, a heap buffer overflow vulnerability in the XBM image decoder (ReadXBMImage) allows an attacker to write controlled data past the allocated heap buffer when processing a maliciously crafted image file. Any operation that reads or identifies an image can trigger the overflow, making it exploitable via common image upload and processing pipelines. Versions 7.1.2-13 and 6.9.13-38 fix the issue.
CVSS 8.1