From 9912f9ebe8e54af29df350340195f2700194d5b2 Mon Sep 17 00:00:00 2001
From: mbauman <154641+mbauman@users.noreply.github.com>
Date: Tue, 25 Nov 2025 22:36:34 +0000
Subject: [PATCH] [create-pull-request] automated change
---
.../2025/JLSEC-0000-mntnau9wr-41927t.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnau9y2-133zvj4.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnau9y9-dexmqp.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnau9ye-4o8ov2.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnau9yo-1pqt5zn.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnau9yu-v8coah.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnau9za-19xp4h.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaua71-1czsp8j.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaua7j-1ua1z51.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaua7l-1pfz8g2.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaua7s-110pp98.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauacs-49zyk7.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauadf-hgrf0u.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauaea-prcajb.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauaeb-13qcgyj.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauaeb-z3esbs.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauaed-luh44l.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauaes-rv20dr.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauaf1-1jjy124.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauafq-fr0e1g.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauafu-15qk5f2.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauag4-ab8p0j.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauagw-rbukai.md | 27 ++++++++++++++++
.../2025/JLSEC-0000-mntnaubjs-19bp5ge.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubkn-1w3njgg.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubm2-9cmhb2.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubmx-hsp15f.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubmy-lft4j0.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubn0-gxrjrz.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubn3-1adwq16.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubn3-1dicws5.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubs8-tblutc.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubs9-1cc3ndh.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubsa-1qjrkft.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubsa-je55b.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubsb-ri2mx7.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubsc-v6brpj.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubsd-zg6xip.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubse-ruoori.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubsf-qaghmx.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubsf-zwpf0a.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubsk-jhbxaj.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubsm-sbs7ak.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubso-18ppupu.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubsq-1lxey7s.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubss-1i820jj.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubsu-vtutt6.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubsw-nyzhvn.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubsy-1dhhnca.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubt1-15ez9r7.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubt2-px2em5.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubt5-3974pj.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubt8-7m9t6v.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubtd-10lb9ei.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubth-1psj8ru.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubtm-bjc0j5.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubtm-ywhmz5.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubto-189ujur.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubtx-ed6zzk.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubu0-l5cm3x.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubu2-1qfc1rl.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubu3-jri9s3.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubuj-14nyomy.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubuk-5s39m9.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubum-1nsuxmq.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubun-1yxmy6h.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubuq-8eclgy.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubur-g9x7b2.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubur-oob6k0.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubus-1ket9xp.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubut-1a4r4tb.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubuv-1nkvbb2.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubuv-ezl6ek.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubuw-1n90dw4.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubux-9msnvf.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubuy-12ypc3j.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubuy-167zg2c.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubuz-r9iwku.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubv0-2zf7mg.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubv1-1bdc40s.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubv2-1rd61et.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubv3-1phy484.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubv3-bvjxph.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubv4-18fsilw.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubv5-1jn0st6.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubv5-kyuw0.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubv6-r5urib.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubv7-1mcwv13.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubv8-1849342.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubv9-1uattin.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubx1-798vl9.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubx2-1mgp6nh.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubx3-tc7esl.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubx4-84lnos.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubx4-k72t66.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubx5-196f2fb.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubx6-1xtdavt.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubx7-yejcdp.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubx8-jw8wit.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubx9-4hg4lu.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubx9-qfpgjr.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubxa-w6ln4n.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubxb-dbg8gb.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubxc-1tb5iqo.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauby2-1j6ttz9.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauby4-9f6ttn.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauby5-1y5e02g.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyd-qqjpru.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubye-dlhmd0.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyf-dksdxu.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyg-1kjwxs0.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyh-18u0xy1.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyh-7ktpnn.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyi-v3vacv.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyj-1rpomu6.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyk-elqh9f.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyk-wshuns.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyl-la3uzx.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubym-1ykw4ft.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubym-5xcdr5.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyn-i7pi0c.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyo-1jh00bl.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyp-1ha103b.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyp-1qa47ox.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyq-153ln30.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyr-1jzbto6.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubys-sv1066.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubys-ypjs0z.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyt-1f4afof.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyu-191zfk8.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyu-z8qu2.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyv-1u1cwq5.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyx-17c6n97.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyx-1vjno0t.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyy-oupega.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaubyz-4fa346.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc3q-1bgc8ry.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4a-v80kis.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4b-1x5fjit.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4d-1qjjios.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4e-7st53t.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4g-16ta0p2.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4h-1r9x5kd.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4h-npecoy.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4i-19miawr.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4j-iq1qu1.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4k-k2b3nu.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4k-pvrdtf.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4l-1x95q8m.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4m-13jncxa.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4n-9lbacg.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4o-1o7oxl4.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4o-mk91ie.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4p-12csq5y.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4q-18k4ntn.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4r-zbxivy.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4s-178k772.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4s-ccs9ur.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4t-1bl9svq.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4u-1ze8xd.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4v-832ph.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4v-8ywp.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4w-1yzt394.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4x-ulv6s9.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc4y-1m8en5o.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc50-muremm.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc51-yj070o.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc52-3xq9rn.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc52-p4jspo.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc53-13e97uh.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc56-2vy63z.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc57-f05eb7.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc58-s5coyu.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc59-1ixbi1r.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5a-xtyvkp.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5a-ye9eqz.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5b-4ph2k6.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5c-1ra6ve5.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5d-1dojumd.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5d-1j0sm.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5e-ppzmmj.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5f-ci7in.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5g-4bw6h3.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5h-1jvgzn8.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5h-1ts5fso.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5i-vadhp3.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5j-rci8v0.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5k-1ta0.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5l-1aro2hc.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5l-wz9cwf.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5m-7oeo16.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5n-975dr8.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5o-1rarqp0.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5p-1fq7ocz.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5p-5tjcx3.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5q-1g08ek2.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5r-byxzck.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5s-1dbi2y0.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5s-m8rm9m.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc5t-5zd950.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc68-3dzdgv.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc6q-6vancm.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc6s-hhl77h.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc6u-bdjj52.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc6v-1ngji1w.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc6w-1vei0mp.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc7s-bi2cap.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc8u-lhz2av.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauc9n-sqo9y2.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucaf-id1te6.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucba-abt0ct.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucc2-185w093.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauccw-z32g9g.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucdt-1xx5xjg.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucel-10xlwxj.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucfe-11bydaz.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucg8-1syr9y5.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucgg-yrfh56.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauche-ofj8ek.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauchf-1lpqqpu.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucif-1p10ark.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauciu-1iey9cx.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauciv-1dsaq70.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauciw-1jbghny.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauciw-vvcnpl.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucka-16fxnw0.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucl5-jpnfn0.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucm4-ka79mm.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucmx-8y8tr.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucnj-5stwam.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucnk-ilq839.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucoc-1s5mnd3.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucp5-1vgc3i1.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucpz-xzrfu1.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucq1-gfr7sf.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucq4-ahc2y8.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucq6-14iewpm.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucr5-1ta8mm2.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucr6-1vg105k.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucrj-fyc8vb.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucrr-1m3jaq8.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauctq-1ep8v0r.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauctq-1xmsbez.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauctr-1rc0y2d.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucty-1jd9pih.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauctz-162swwq.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucu7-13rpmr7.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucu8-rxxs2j.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucu9-pcsubc.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucub-1y26d8h.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucuc-vhe0bq.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucue-zt9ggz.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucuh-1501x12.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucul-1cleaje.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucuu-1k83cbb.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucuv-rmuxpm.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucuw-2sypee.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucvc-6nz6wv.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucvd-1jkcahp.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucvl-12yfp84.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucvm-fznskv.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucvn-17nd8ve.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucvp-cx2oi3.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucvr-1r44mxt.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucvs-n4icah.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucvt-iq6lvx.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucvu-1rn5ipv.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucvu-2wka8v.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucvv-11yv9q.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucvz-1f3dnxp.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucw4-10mk0dz.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucw5-112dos5.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucw7-oazmhf.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucw8-6mz6uz.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucw9-1cu1gmc.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwa-z2h3fk.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwb-1tb032i.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwc-13unsn6.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwe-zhag3q.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwf-1ivb7hb.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwg-1k4hb3z.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwi-59rp7s.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwj-1ij7l5p.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwk-1fj3k0r.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwl-xjosup.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwn-1kpjfpe.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwn-1s573y0.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwp-1lhcpbz.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwq-usk2ev.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwr-1hy8gyg.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwt-fhg9tj.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwu-xzihmb.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwv-11wy6y4.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucww-1f5qrfh.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwy-1pahkby.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucwz-j9sq3.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucx0-bgy176.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucx1-vuu4wt.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucx3-1gu5y5l.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucx4-t0qhd9.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucx5-19b7y3k.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucx7-7gf2y6.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucx8-b6zc42.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucx9-15jfevc.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxa-11ij78.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxb-b9v9up.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxc-1mzwdgz.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxd-1qvkbbn.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxe-1h4x6go.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxf-1phpil6.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxg-146tt6v.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxh-t5y2p2.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxi-1i4ex8p.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxj-1ggxdev.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxk-1vqryty.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxk-g9p8oq.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxl-d7x6os.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxm-1wmzh6k.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxo-945um6.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxp-o91u18.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxq-11tzcm0.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxs-spomyh.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxt-6bdfj6.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxu-jjx497.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxv-p04tmh.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxx-1axzvd9.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxy-827pmq.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucxz-wvoymb.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucy0-yd4gl.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucy1-1b113c8.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucy3-yocbv4.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucy5-tebbwa.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucy6-1llfi74.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucy7-hvr2ik.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucy8-1mjn1uf.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucy8-1n9cmae.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucy9-mpdy18.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucya-ygjyzd.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucyb-acy24b.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucyc-1xavi1x.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucyd-1y6sspc.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucye-m5qln.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucyg-13o6e41.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucyh-15nu0hi.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaucyh-16nf3ty.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaudj5-2ensoq.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaudj6-9vlv3b.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaudj8-yhyzhy.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaudja-1oq2d5a.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaudja-x4aihm.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaudjb-6klffg.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaudjd-1kkvoq8.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaudje-1geiyqp.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaudjf-2m13ls.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaudjh-1toobe0.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaudji-13ufxax.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaudjw-18pjp8m.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaudjy-8yn8fq.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnauduv-14rmdt0.md | 24 ++++++++++++++
.../2025/JLSEC-0000-mntnaudw4-1nkwpgl.md | 32 +++++++++++++++++++
.../2025/JLSEC-0000-mntnaudwp-lkvz8k.md | 32 +++++++++++++++++++
advisories/published/2025/JLSEC-2025-9.md | 2 +-
362 files changed, 8684 insertions(+), 1 deletion(-)
create mode 100644 advisories/published/2025/JLSEC-0000-mntnau9wr-41927t.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnau9y2-133zvj4.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnau9y9-dexmqp.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnau9ye-4o8ov2.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnau9yo-1pqt5zn.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnau9yu-v8coah.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnau9za-19xp4h.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaua71-1czsp8j.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaua7j-1ua1z51.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaua7l-1pfz8g2.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaua7s-110pp98.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauacs-49zyk7.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauadf-hgrf0u.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauaea-prcajb.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauaeb-13qcgyj.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauaeb-z3esbs.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauaed-luh44l.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauaes-rv20dr.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauaf1-1jjy124.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauafq-fr0e1g.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauafu-15qk5f2.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauag4-ab8p0j.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauagw-rbukai.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubjs-19bp5ge.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubkn-1w3njgg.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubm2-9cmhb2.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubmx-hsp15f.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubmy-lft4j0.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubn0-gxrjrz.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubn3-1adwq16.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubn3-1dicws5.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubs8-tblutc.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubs9-1cc3ndh.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubsa-1qjrkft.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubsa-je55b.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubsb-ri2mx7.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubsc-v6brpj.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubsd-zg6xip.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubse-ruoori.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubsf-qaghmx.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubsf-zwpf0a.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubsk-jhbxaj.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubsm-sbs7ak.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubso-18ppupu.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubsq-1lxey7s.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubss-1i820jj.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubsu-vtutt6.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubsw-nyzhvn.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubsy-1dhhnca.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubt1-15ez9r7.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubt2-px2em5.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubt5-3974pj.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubt8-7m9t6v.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubtd-10lb9ei.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubth-1psj8ru.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubtm-bjc0j5.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubtm-ywhmz5.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubto-189ujur.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubtx-ed6zzk.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubu0-l5cm3x.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubu2-1qfc1rl.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubu3-jri9s3.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubuj-14nyomy.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubuk-5s39m9.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubum-1nsuxmq.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubun-1yxmy6h.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubuq-8eclgy.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubur-g9x7b2.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubur-oob6k0.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubus-1ket9xp.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubut-1a4r4tb.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubuv-1nkvbb2.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubuv-ezl6ek.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubuw-1n90dw4.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubux-9msnvf.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubuy-12ypc3j.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubuy-167zg2c.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubuz-r9iwku.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubv0-2zf7mg.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubv1-1bdc40s.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubv2-1rd61et.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubv3-1phy484.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubv3-bvjxph.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubv4-18fsilw.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubv5-1jn0st6.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubv5-kyuw0.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubv6-r5urib.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubv7-1mcwv13.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubv8-1849342.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubv9-1uattin.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubx1-798vl9.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubx2-1mgp6nh.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubx3-tc7esl.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubx4-84lnos.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubx4-k72t66.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubx5-196f2fb.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubx6-1xtdavt.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubx7-yejcdp.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubx8-jw8wit.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubx9-4hg4lu.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubx9-qfpgjr.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubxa-w6ln4n.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubxb-dbg8gb.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubxc-1tb5iqo.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauby2-1j6ttz9.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauby4-9f6ttn.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauby5-1y5e02g.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyd-qqjpru.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubye-dlhmd0.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyf-dksdxu.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyg-1kjwxs0.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyh-18u0xy1.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyh-7ktpnn.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyi-v3vacv.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyj-1rpomu6.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyk-elqh9f.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyk-wshuns.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyl-la3uzx.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubym-1ykw4ft.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubym-5xcdr5.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyn-i7pi0c.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyo-1jh00bl.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyp-1ha103b.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyp-1qa47ox.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyq-153ln30.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyr-1jzbto6.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubys-sv1066.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubys-ypjs0z.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyt-1f4afof.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyu-191zfk8.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyu-z8qu2.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyv-1u1cwq5.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyx-17c6n97.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyx-1vjno0t.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyy-oupega.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaubyz-4fa346.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc3q-1bgc8ry.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4a-v80kis.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4b-1x5fjit.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4d-1qjjios.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4e-7st53t.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4g-16ta0p2.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4h-1r9x5kd.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4h-npecoy.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4i-19miawr.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4j-iq1qu1.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4k-k2b3nu.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4k-pvrdtf.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4l-1x95q8m.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4m-13jncxa.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4n-9lbacg.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4o-1o7oxl4.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4o-mk91ie.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4p-12csq5y.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4q-18k4ntn.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4r-zbxivy.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4s-178k772.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4s-ccs9ur.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4t-1bl9svq.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4u-1ze8xd.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4v-832ph.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4v-8ywp.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4w-1yzt394.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4x-ulv6s9.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc4y-1m8en5o.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc50-muremm.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc51-yj070o.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc52-3xq9rn.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc52-p4jspo.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc53-13e97uh.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc56-2vy63z.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc57-f05eb7.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc58-s5coyu.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc59-1ixbi1r.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5a-xtyvkp.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5a-ye9eqz.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5b-4ph2k6.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5c-1ra6ve5.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5d-1dojumd.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5d-1j0sm.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5e-ppzmmj.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5f-ci7in.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5g-4bw6h3.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5h-1jvgzn8.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5h-1ts5fso.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5i-vadhp3.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5j-rci8v0.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5k-1ta0.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5l-1aro2hc.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5l-wz9cwf.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5m-7oeo16.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5n-975dr8.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5o-1rarqp0.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5p-1fq7ocz.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5p-5tjcx3.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5q-1g08ek2.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5r-byxzck.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5s-1dbi2y0.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5s-m8rm9m.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc5t-5zd950.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc68-3dzdgv.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc6q-6vancm.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc6s-hhl77h.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc6u-bdjj52.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc6v-1ngji1w.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc6w-1vei0mp.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc7s-bi2cap.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc8u-lhz2av.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauc9n-sqo9y2.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucaf-id1te6.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucba-abt0ct.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucc2-185w093.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauccw-z32g9g.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucdt-1xx5xjg.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucel-10xlwxj.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucfe-11bydaz.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucg8-1syr9y5.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucgg-yrfh56.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauche-ofj8ek.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauchf-1lpqqpu.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucif-1p10ark.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauciu-1iey9cx.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauciv-1dsaq70.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauciw-1jbghny.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauciw-vvcnpl.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucka-16fxnw0.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucl5-jpnfn0.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucm4-ka79mm.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucmx-8y8tr.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucnj-5stwam.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucnk-ilq839.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucoc-1s5mnd3.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucp5-1vgc3i1.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucpz-xzrfu1.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucq1-gfr7sf.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucq4-ahc2y8.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucq6-14iewpm.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucr5-1ta8mm2.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucr6-1vg105k.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucrj-fyc8vb.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucrr-1m3jaq8.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauctq-1ep8v0r.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauctq-1xmsbez.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauctr-1rc0y2d.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucty-1jd9pih.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauctz-162swwq.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucu7-13rpmr7.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucu8-rxxs2j.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucu9-pcsubc.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucub-1y26d8h.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucuc-vhe0bq.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucue-zt9ggz.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucuh-1501x12.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucul-1cleaje.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucuu-1k83cbb.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucuv-rmuxpm.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucuw-2sypee.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucvc-6nz6wv.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucvd-1jkcahp.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucvl-12yfp84.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucvm-fznskv.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucvn-17nd8ve.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucvp-cx2oi3.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucvr-1r44mxt.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucvs-n4icah.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucvt-iq6lvx.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucvu-1rn5ipv.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucvu-2wka8v.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucvv-11yv9q.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucvz-1f3dnxp.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucw4-10mk0dz.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucw5-112dos5.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucw7-oazmhf.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucw8-6mz6uz.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucw9-1cu1gmc.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwa-z2h3fk.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwb-1tb032i.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwc-13unsn6.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwe-zhag3q.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwf-1ivb7hb.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwg-1k4hb3z.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwi-59rp7s.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwj-1ij7l5p.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwk-1fj3k0r.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwl-xjosup.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwn-1kpjfpe.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwn-1s573y0.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwp-1lhcpbz.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwq-usk2ev.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwr-1hy8gyg.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwt-fhg9tj.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwu-xzihmb.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwv-11wy6y4.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucww-1f5qrfh.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwy-1pahkby.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucwz-j9sq3.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucx0-bgy176.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucx1-vuu4wt.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucx3-1gu5y5l.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucx4-t0qhd9.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucx5-19b7y3k.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucx7-7gf2y6.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucx8-b6zc42.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucx9-15jfevc.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxa-11ij78.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxb-b9v9up.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxc-1mzwdgz.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxd-1qvkbbn.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxe-1h4x6go.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxf-1phpil6.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxg-146tt6v.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxh-t5y2p2.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxi-1i4ex8p.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxj-1ggxdev.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxk-1vqryty.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxk-g9p8oq.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxl-d7x6os.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxm-1wmzh6k.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxo-945um6.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxp-o91u18.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxq-11tzcm0.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxs-spomyh.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxt-6bdfj6.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxu-jjx497.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxv-p04tmh.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxx-1axzvd9.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxy-827pmq.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucxz-wvoymb.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucy0-yd4gl.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucy1-1b113c8.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucy3-yocbv4.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucy5-tebbwa.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucy6-1llfi74.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucy7-hvr2ik.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucy8-1mjn1uf.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucy8-1n9cmae.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucy9-mpdy18.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucya-ygjyzd.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucyb-acy24b.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucyc-1xavi1x.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucyd-1y6sspc.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucye-m5qln.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucyg-13o6e41.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucyh-15nu0hi.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaucyh-16nf3ty.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaudj5-2ensoq.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaudj6-9vlv3b.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaudj8-yhyzhy.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaudja-1oq2d5a.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaudja-x4aihm.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaudjb-6klffg.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaudjd-1kkvoq8.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaudje-1geiyqp.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaudjf-2m13ls.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaudjh-1toobe0.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaudji-13ufxax.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaudjw-18pjp8m.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaudjy-8yn8fq.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnauduv-14rmdt0.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaudw4-1nkwpgl.md
create mode 100644 advisories/published/2025/JLSEC-0000-mntnaudwp-lkvz8k.md
diff --git a/advisories/published/2025/JLSEC-0000-mntnau9wr-41927t.md b/advisories/published/2025/JLSEC-0000-mntnau9wr-41927t.md
new file mode 100644
index 00000000..15c33637
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnau9wr-41927t.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnau9wr-41927t"
+modified = 2025-11-25T22:35:56.715Z
+upstream = ["CVE-2003-0555"]
+references = ["http://marc.info/?l=bugtraq&m=105820576111599&w=2", "http://marc.info/?l=bugtraq&m=105820576111599&w=2"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2003-0555"
+imported = 2025-11-25T22:35:56.688Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2003-08-18T04:00:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2003-0555"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2003-0555"
+```
+
+# ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly e...
+
+ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a "%x" filename, possibly triggering a format string vulnerability.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnau9y2-133zvj4.md b/advisories/published/2025/JLSEC-0000-mntnau9y2-133zvj4.md
new file mode 100644
index 00000000..9004c633
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnau9y2-133zvj4.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnau9y2-133zvj4"
+modified = 2025-11-25T22:35:56.762Z
+upstream = ["CVE-2004-0827"]
+references = ["http://secunia.com/advisories/28800", "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1", "http://www.debian.org/security/2004/dsa-547", "http://www.redhat.com/support/errata/RHSA-2004-480.html", "http://www.redhat.com/support/errata/RHSA-2004-494.html", "http://www.vupen.com/english/advisories/2008/0412", "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123", "http://secunia.com/advisories/28800", "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1", "http://www.debian.org/security/2004/dsa-547", "http://www.redhat.com/support/errata/RHSA-2004-480.html", "http://www.redhat.com/support/errata/RHSA-2004-494.html", "http://www.vupen.com/english/advisories/2008/0412", "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2004-0827"
+imported = 2025-11-25T22:35:56.762Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2004-09-16T04:00:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2004-0827"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2004-0827"
+```
+
+# Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6...
+
+Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnau9y9-dexmqp.md b/advisories/published/2025/JLSEC-0000-mntnau9y9-dexmqp.md
new file mode 100644
index 00000000..78bd9abc
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnau9y9-dexmqp.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnau9y9-dexmqp"
+modified = 2025-11-25T22:35:56.769Z
+upstream = ["CVE-2004-0802"]
+references = ["http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20&view=markup", "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1", "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml", "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089", "http://www.securityfocus.com/bid/11084", "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183", "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20&view=markup", "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1", "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml", "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089", "http://www.securityfocus.com/bid/11084", "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2004-0802"
+imported = 2025-11-25T22:35:56.769Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2004-12-31T05:00:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2004-0802"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2004-0802"
+```
+
+# Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrar...
+
+Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnau9ye-4o8ov2.md b/advisories/published/2025/JLSEC-0000-mntnau9ye-4o8ov2.md
new file mode 100644
index 00000000..32e6e465
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnau9ye-4o8ov2.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnau9ye-4o8ov2"
+modified = 2025-11-25T22:35:56.774Z
+upstream = ["CVE-2004-0817"]
+references = ["http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1", "http://www.debian.org/security/2004/dsa-548", "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml", "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089", "http://www.redhat.com/support/errata/RHSA-2004-465.html", "http://www.securityfocus.com/bid/11084", "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843", "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1", "http://www.debian.org/security/2004/dsa-548", "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml", "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089", "http://www.redhat.com/support/errata/RHSA-2004-465.html", "http://www.securityfocus.com/bid/11084", "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2004-0817"
+imported = 2025-11-25T22:35:56.774Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2004-12-31T05:00:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2004-0817"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2004-0817"
+```
+
+# Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execut...
+
+Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnau9yo-1pqt5zn.md b/advisories/published/2025/JLSEC-0000-mntnau9yo-1pqt5zn.md
new file mode 100644
index 00000000..347a9332
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnau9yo-1pqt5zn.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnau9yo-1pqt5zn"
+modified = 2025-11-25T22:35:56.784Z
+upstream = ["CVE-2004-0981"]
+references = ["http://secunia.com/advisories/12995/", "http://security.gentoo.org/glsa/glsa-200411-11.xml", "http://www.imagemagick.org/www/Changelog.html", "http://www.securityfocus.org/bid/11548", "https://exchange.xforce.ibmcloud.com/vulnerabilities/17903", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10472", "https://www.ubuntu.com/usn/usn-7-1/", "http://secunia.com/advisories/12995/", "http://security.gentoo.org/glsa/glsa-200411-11.xml", "http://www.imagemagick.org/www/Changelog.html", "http://www.securityfocus.org/bid/11548", "https://exchange.xforce.ibmcloud.com/vulnerabilities/17903", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10472", "https://www.ubuntu.com/usn/usn-7-1/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2004-0981"
+imported = 2025-11-25T22:35:56.784Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2005-02-09T05:00:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2004-0981"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2004-0981"
+```
+
+# Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to e...
+
+Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnau9yu-v8coah.md b/advisories/published/2025/JLSEC-0000-mntnau9yu-v8coah.md
new file mode 100644
index 00000000..229cfe62
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnau9yu-v8coah.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnau9yu-v8coah"
+modified = 2025-11-25T22:35:56.790Z
+upstream = ["CVE-2005-0759"]
+references = ["http://securitytracker.com/id?1013550", "http://www.debian.org/security/2005/dsa-702", "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html", "http://www.securityfocus.com/bid/12875", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11022", "https://rhn.redhat.com/errata/RHSA-2005-070.html", "http://securitytracker.com/id?1013550", "http://www.debian.org/security/2005/dsa-702", "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html", "http://www.securityfocus.com/bid/12875", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11022", "https://rhn.redhat.com/errata/RHSA-2005-070.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2005-0759"
+imported = 2025-11-25T22:35:56.790Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2005-03-23T05:00:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2005-0759"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2005-0759"
+```
+
+# ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via ...
+
+ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image with an invalid tag.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnau9za-19xp4h.md b/advisories/published/2025/JLSEC-0000-mntnau9za-19xp4h.md
new file mode 100644
index 00000000..fb53183b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnau9za-19xp4h.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnau9za-19xp4h"
+modified = 2025-11-25T22:35:56.806Z
+upstream = ["CVE-2005-0761"]
+references = ["http://rhn.redhat.com/errata/RHSA-2005-070.html", "http://securitytracker.com/id?1013550", "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html", "http://www.securityfocus.com/bid/12876", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11150", "http://rhn.redhat.com/errata/RHSA-2005-070.html", "http://securitytracker.com/id?1013550", "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html", "http://www.securityfocus.com/bid/12876", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11150"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2005-0761"
+imported = 2025-11-25T22:35:56.806Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2005-03-23T05:00:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2005-0761"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2005-0761"
+```
+
+# Unknown vulnerability in ImageMagick before 6.1.8 allows remote attackers to cause a denial of servi...
+
+Unknown vulnerability in ImageMagick before 6.1.8 allows remote attackers to cause a denial of service (application crash) via a crafted PSD file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaua71-1czsp8j.md b/advisories/published/2025/JLSEC-0000-mntnaua71-1czsp8j.md
new file mode 100644
index 00000000..9b22abb5
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaua71-1czsp8j.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaua71-1czsp8j"
+modified = 2025-11-25T22:35:57.085Z
+upstream = ["CVE-2005-1275"]
+references = ["http://bugs.gentoo.org/show_bug.cgi?id=90423", "http://seclists.org/lists/bugtraq/2005/Apr/0407.html", "http://www.imagemagick.org/script/changelog.php", "http://www.mandriva.com/security/advisories?name=MDKSA-2005:107", "http://www.overflow.pl/adv/imheapoverflow.txt", "http://www.redhat.com/support/errata/RHSA-2005-413.html", "http://www.securityfocus.com/bid/13351", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10003", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A711", "http://bugs.gentoo.org/show_bug.cgi?id=90423", "http://seclists.org/lists/bugtraq/2005/Apr/0407.html", "http://www.imagemagick.org/script/changelog.php", "http://www.mandriva.com/security/advisories?name=MDKSA-2005:107", "http://www.overflow.pl/adv/imheapoverflow.txt", "http://www.redhat.com/support/errata/RHSA-2005-413.html", "http://www.securityfocus.com/bid/13351", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10003", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A711"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2005-1275"
+imported = 2025-11-25T22:35:57.085Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2005-04-25T04:00:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2005-1275"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2005-1275"
+```
+
+# Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier a...
+
+Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaua7j-1ua1z51.md b/advisories/published/2025/JLSEC-0000-mntnaua7j-1ua1z51.md
new file mode 100644
index 00000000..2a48a060
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaua7j-1ua1z51.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaua7j-1ua1z51"
+modified = 2025-11-25T22:35:57.103Z
+upstream = ["CVE-2005-0005"]
+references = ["http://marc.info/?l=bugtraq&m=110608222117215&w=2", "http://www.debian.org/security/2005/dsa-646", "http://www.gentoo.org/security/en/glsa/glsa-200501-37.xml", "http://www.idefense.com/application/poi/display?id=184&type=vulnerabilities", "http://www.redhat.com/support/errata/RHSA-2005-070.html", "http://www.redhat.com/support/errata/RHSA-2005-071.html", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9925", "http://marc.info/?l=bugtraq&m=110608222117215&w=2", "http://www.debian.org/security/2005/dsa-646", "http://www.gentoo.org/security/en/glsa/glsa-200501-37.xml", "http://www.idefense.com/application/poi/display?id=184&type=vulnerabilities", "http://www.redhat.com/support/errata/RHSA-2005-070.html", "http://www.redhat.com/support/errata/RHSA-2005-071.html", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9925"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2005-0005"
+imported = 2025-11-25T22:35:57.103Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2005-05-02T04:00:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2005-0005"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2005-0005"
+```
+
+# Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allo...
+
+Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaua7l-1pfz8g2.md b/advisories/published/2025/JLSEC-0000-mntnaua7l-1pfz8g2.md
new file mode 100644
index 00000000..1c850819
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaua7l-1pfz8g2.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaua7l-1pfz8g2"
+modified = 2025-11-25T22:35:57.105Z
+upstream = ["CVE-2005-0397"]
+references = ["http://bugs.gentoo.org/show_bug.cgi?id=83542", "http://marc.info/?l=bugtraq&m=110987256010857&w=2", "http://www.debian.org/security/2005/dsa-702", "http://www.gentoo.org/security/en/glsa/glsa-200503-11.xml", "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html", "http://www.redhat.com/support/errata/RHSA-2005-070.html", "http://www.redhat.com/support/errata/RHSA-2005-320.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/19586", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10302", "http://bugs.gentoo.org/show_bug.cgi?id=83542", "http://marc.info/?l=bugtraq&m=110987256010857&w=2", "http://www.debian.org/security/2005/dsa-702", "http://www.gentoo.org/security/en/glsa/glsa-200503-11.xml", "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html", "http://www.redhat.com/support/errata/RHSA-2005-070.html", "http://www.redhat.com/support/errata/RHSA-2005-320.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/19586", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10302"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2005-0397"
+imported = 2025-11-25T22:35:57.105Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2005-05-02T04:00:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2005-0397"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2005-0397"
+```
+
+# Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 m...
+
+Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaua7s-110pp98.md b/advisories/published/2025/JLSEC-0000-mntnaua7s-110pp98.md
new file mode 100644
index 00000000..205a8340
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaua7s-110pp98.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaua7s-110pp98"
+modified = 2025-11-25T22:35:57.112Z
+upstream = ["CVE-2005-0760"]
+references = ["http://securitytracker.com/id?1013550", "http://www.debian.org/security/2005/dsa-702", "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11184", "https://rhn.redhat.com/errata/RHSA-2005-070.html", "http://securitytracker.com/id?1013550", "http://www.debian.org/security/2005/dsa-702", "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11184", "https://rhn.redhat.com/errata/RHSA-2005-070.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2005-0760"
+imported = 2025-11-25T22:35:57.112Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2005-05-02T04:00:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2005-0760"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2005-0760"
+```
+
+# The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (cra...
+
+The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauacs-49zyk7.md b/advisories/published/2025/JLSEC-0000-mntnauacs-49zyk7.md
new file mode 100644
index 00000000..1d87087f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauacs-49zyk7.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauacs-49zyk7"
+modified = 2025-11-25T22:35:57.292Z
+upstream = ["CVE-2005-0762"]
+references = ["http://rhn.redhat.com/errata/RHSA-2005-070.html", "http://securitytracker.com/id?1013550", "http://www.debian.org/security/2005/dsa-702", "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9736", "http://rhn.redhat.com/errata/RHSA-2005-070.html", "http://securitytracker.com/id?1013550", "http://www.debian.org/security/2005/dsa-702", "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9736"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2005-0762"
+imported = 2025-11-25T22:35:57.292Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2005-05-02T04:00:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2005-0762"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2005-0762"
+```
+
+# Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to ex...
+
+Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to execute arbitrary code via a crafted SGI image file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauadf-hgrf0u.md b/advisories/published/2025/JLSEC-0000-mntnauadf-hgrf0u.md
new file mode 100644
index 00000000..e7df15fb
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauadf-hgrf0u.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauadf-hgrf0u"
+modified = 2025-11-25T22:35:57.315Z
+upstream = ["CVE-2005-1739"]
+references = ["http://bugs.gentoo.org/show_bug.cgi?id=90423", "http://secunia.com/advisories/15429", "http://secunia.com/advisories/15446", "http://secunia.com/advisories/15453", "http://security.gentoo.org/glsa/glsa-200505-16.xml", "http://www.mandriva.com/security/advisories?name=MDKSA-2005:107", "http://www.osvdb.org/16774", "http://www.osvdb.org/16775", "http://www.redhat.com/support/errata/RHSA-2005-480.html", "http://www.securityfocus.com/bid/13705", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11667", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A960", "https://usn.ubuntu.com/132-1/", "http://bugs.gentoo.org/show_bug.cgi?id=90423", "http://secunia.com/advisories/15429", "http://secunia.com/advisories/15446", "http://secunia.com/advisories/15453", "http://security.gentoo.org/glsa/glsa-200505-16.xml", "http://www.mandriva.com/security/advisories?name=MDKSA-2005:107", "http://www.osvdb.org/16774", "http://www.osvdb.org/16775", "http://www.redhat.com/support/errata/RHSA-2005-480.html", "http://www.securityfocus.com/bid/13705", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11667", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A960", "https://usn.ubuntu.com/132-1/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2005-1739"
+imported = 2025-11-25T22:35:57.315Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2005-05-24T04:00:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2005-1739"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2005-1739"
+```
+
+# The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote att...
+
+The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauaea-prcajb.md b/advisories/published/2025/JLSEC-0000-mntnauaea-prcajb.md
new file mode 100644
index 00000000..de1f054a
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauaea-prcajb.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauaea-prcajb"
+modified = 2025-11-25T22:35:57.346Z
+upstream = ["CVE-2005-3582"]
+references = ["http://secunia.com/advisories/17427/", "http://www.gentoo.org/security/en/glsa/glsa-200511-02.xml", "http://www.osvdb.org/20528", "http://www.securityfocus.com/bid/15120", "http://www.vupen.com/english/advisories/2005/2281", "http://secunia.com/advisories/17427/", "http://www.gentoo.org/security/en/glsa/glsa-200511-02.xml", "http://www.osvdb.org/20528", "http://www.securityfocus.com/bid/15120", "http://www.vupen.com/english/advisories/2005/2281"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2005-3582"
+imported = 2025-11-25T22:35:57.346Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2005-11-16T07:42:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2005-3582"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2005-3582"
+```
+
+# ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a s...
+
+ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauaeb-13qcgyj.md b/advisories/published/2025/JLSEC-0000-mntnauaeb-13qcgyj.md
new file mode 100644
index 00000000..35ba10d0
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauaeb-13qcgyj.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauaeb-13qcgyj"
+modified = 2025-11-25T22:35:57.347Z
+upstream = ["CVE-2005-4601"]
+references = ["ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345238", "http://rhn.redhat.com/errata/RHSA-2006-0178.html", "http://secunia.com/advisories/18261", "http://secunia.com/advisories/18607", "http://secunia.com/advisories/18631", "http://secunia.com/advisories/18871", "http://secunia.com/advisories/19183", "http://secunia.com/advisories/19408", "http://secunia.com/advisories/23090", "http://secunia.com/advisories/28800", "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.341682", "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1", "http://www.debian.org/security/2006/dsa-957", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:024", "http://www.novell.com/linux/security/advisories/2006_06_sr.html", "http://www.osvdb.org/22121", "http://www.securityfocus.com/archive/1/452718/100/100/threaded", "http://www.securityfocus.com/bid/16093", "http://www.ubuntu.com/usn/usn-246-1", "http://www.vupen.com/english/advisories/2008/0412", "https://exchange.xforce.ibmcloud.com/vulnerabilities/23927", "https://issues.rpath.com/browse/RPL-389", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10353", "ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345238", "http://rhn.redhat.com/errata/RHSA-2006-0178.html", "http://secunia.com/advisories/18261", "http://secunia.com/advisories/18607", "http://secunia.com/advisories/18631", "http://secunia.com/advisories/18871", "http://secunia.com/advisories/19183", "http://secunia.com/advisories/19408", "http://secunia.com/advisories/23090", "http://secunia.com/advisories/28800", "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.341682", "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1", "http://www.debian.org/security/2006/dsa-957", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:024", "http://www.novell.com/linux/security/advisories/2006_06_sr.html", "http://www.osvdb.org/22121", "http://www.securityfocus.com/archive/1/452718/100/100/threaded", "http://www.securityfocus.com/bid/16093", "http://www.ubuntu.com/usn/usn-246-1", "http://www.vupen.com/english/advisories/2008/0412", "https://exchange.xforce.ibmcloud.com/vulnerabilities/23927", "https://issues.rpath.com/browse/RPL-389", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10353"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2005-4601"
+imported = 2025-11-25T22:35:57.347Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2005-12-31T05:00:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2005-4601"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2005-4601"
+```
+
+# The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands v...
+
+The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauaeb-z3esbs.md b/advisories/published/2025/JLSEC-0000-mntnauaeb-z3esbs.md
new file mode 100644
index 00000000..e8db29a4
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauaeb-z3esbs.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauaeb-z3esbs"
+modified = 2025-11-25T22:35:57.347Z
+upstream = ["CVE-2006-0082"]
+references = ["ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345876", "http://rhn.redhat.com/errata/RHSA-2006-0178.html", "http://secunia.com/advisories/18261", "http://secunia.com/advisories/18607", "http://secunia.com/advisories/18851", "http://secunia.com/advisories/18871", "http://secunia.com/advisories/19030", "http://secunia.com/advisories/19183", "http://secunia.com/advisories/19408", "http://secunia.com/advisories/22998", "http://secunia.com/advisories/23090", "http://secunia.com/advisories/28800", "http://securityreason.com/securityalert/500", "http://securitytracker.com/id?1015623", "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.341682", "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1", "http://www.debian.org/security/2006/dsa-1213", "http://www.gentoo.org/security/en/glsa/glsa-200602-06.xml", "http://www.gentoo.org/security/en/glsa/glsa-200602-13.xml", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:024", "http://www.novell.com/linux/security/advisories/2006_06_sr.html", "http://www.securityfocus.com/archive/1/452718/100/100/threaded", "http://www.securityfocus.com/bid/12717", "http://www.ubuntu.com/usn/usn-246-1", "http://www.vupen.com/english/advisories/2008/0412", "https://issues.rpath.com/browse/RPL-389", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10717", "ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345876", "http://rhn.redhat.com/errata/RHSA-2006-0178.html", "http://secunia.com/advisories/18261", "http://secunia.com/advisories/18607", "http://secunia.com/advisories/18851", "http://secunia.com/advisories/18871", "http://secunia.com/advisories/19030", "http://secunia.com/advisories/19183", "http://secunia.com/advisories/19408", "http://secunia.com/advisories/22998", "http://secunia.com/advisories/23090", "http://secunia.com/advisories/28800", "http://securityreason.com/securityalert/500", "http://securitytracker.com/id?1015623", "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.341682", "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1", "http://www.debian.org/security/2006/dsa-1213", "http://www.gentoo.org/security/en/glsa/glsa-200602-06.xml", "http://www.gentoo.org/security/en/glsa/glsa-200602-13.xml", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:024", "http://www.novell.com/linux/security/advisories/2006_06_sr.html", "http://www.securityfocus.com/archive/1/452718/100/100/threaded", "http://www.securityfocus.com/bid/12717", "http://www.ubuntu.com/usn/usn-246-1", "http://www.vupen.com/english/advisories/2008/0412", "https://issues.rpath.com/browse/RPL-389", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10717"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2006-0082"
+imported = 2025-11-25T22:35:57.347Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2006-01-04T23:03:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2006-0082"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2006-0082"
+```
+
+# Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other ...
+
+Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauaed-luh44l.md b/advisories/published/2025/JLSEC-0000-mntnauaed-luh44l.md
new file mode 100644
index 00000000..cbf93f86
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauaed-luh44l.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauaed-luh44l"
+modified = 2025-11-25T22:35:57.349Z
+upstream = ["CVE-2006-2440"]
+references = ["ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595", "http://secunia.com/advisories/21719", "http://secunia.com/advisories/24186", "http://secunia.com/advisories/24284", "http://www.debian.org/security/2006/dsa-1168", "http://www.redhat.com/support/errata/RHSA-2007-0015.html", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9481", "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595", "http://secunia.com/advisories/21719", "http://secunia.com/advisories/24186", "http://secunia.com/advisories/24284", "http://www.debian.org/security/2006/dsa-1168", "http://www.redhat.com/support/errata/RHSA-2007-0015.html", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9481"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2006-2440"
+imported = 2025-11-25T22:35:57.349Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2006-05-18T10:02:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2006-2440"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2006-2440"
+```
+
+# Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers t...
+
+Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauaes-rv20dr.md b/advisories/published/2025/JLSEC-0000-mntnauaes-rv20dr.md
new file mode 100644
index 00000000..38e54f85
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauaes-rv20dr.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauaes-rv20dr"
+modified = 2025-11-25T22:35:57.364Z
+upstream = ["CVE-2006-4144"]
+references = ["ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc", "http://secunia.com/advisories/21462", "http://secunia.com/advisories/21525", "http://secunia.com/advisories/21621", "http://secunia.com/advisories/21671", "http://secunia.com/advisories/21679", "http://secunia.com/advisories/21832", "http://secunia.com/advisories/22036", "http://secunia.com/advisories/22096", "http://secunia.com/advisories/22998", "http://security.gentoo.org/glsa/glsa-200609-14.xml", "http://securityreason.com/securityalert/1385", "http://securitytracker.com/id?1016699", "http://www.debian.org/security/2006/dsa-1213", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:155", "http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html", "http://www.overflow.pl/adv/imsgiheap.txt", "http://www.redhat.com/support/errata/RHSA-2006-0633.html", "http://www.securityfocus.com/archive/1/443208/100/0/threaded", "http://www.securityfocus.com/archive/1/443362/100/0/threaded", "http://www.securityfocus.com/bid/19507", "http://www.ubuntu.com/usn/usn-337-1", "https://exchange.xforce.ibmcloud.com/vulnerabilities/28372", "https://issues.rpath.com/browse/RPL-605", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11129", "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc", "http://secunia.com/advisories/21462", "http://secunia.com/advisories/21525", "http://secunia.com/advisories/21621", "http://secunia.com/advisories/21671", "http://secunia.com/advisories/21679", "http://secunia.com/advisories/21832", "http://secunia.com/advisories/22036", "http://secunia.com/advisories/22096", "http://secunia.com/advisories/22998", "http://security.gentoo.org/glsa/glsa-200609-14.xml", "http://securityreason.com/securityalert/1385", "http://securitytracker.com/id?1016699", "http://www.debian.org/security/2006/dsa-1213", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:155", "http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html", "http://www.overflow.pl/adv/imsgiheap.txt", "http://www.redhat.com/support/errata/RHSA-2006-0633.html", "http://www.securityfocus.com/archive/1/443208/100/0/threaded", "http://www.securityfocus.com/archive/1/443362/100/0/threaded", "http://www.securityfocus.com/bid/19507", "http://www.ubuntu.com/usn/usn-337-1", "https://exchange.xforce.ibmcloud.com/vulnerabilities/28372", "https://issues.rpath.com/browse/RPL-605", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11129"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2006-4144"
+imported = 2025-11-25T22:35:57.364Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2006-08-15T23:04:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2006-4144"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2006-4144"
+```
+
+# Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assis...
+
+Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauaf1-1jjy124.md b/advisories/published/2025/JLSEC-0000-mntnauaf1-1jjy124.md
new file mode 100644
index 00000000..34b14977
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauaf1-1jjy124.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauaf1-1jjy124"
+modified = 2025-11-25T22:35:57.373Z
+upstream = ["CVE-2006-3743"]
+references = ["ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc", "http://bugs.gentoo.org/show_bug.cgi?id=144854", "http://secunia.com/advisories/21615", "http://secunia.com/advisories/21621", "http://secunia.com/advisories/21671", "http://secunia.com/advisories/21679", "http://secunia.com/advisories/21719", "http://secunia.com/advisories/21780", "http://secunia.com/advisories/21832", "http://secunia.com/advisories/22036", "http://secunia.com/advisories/22096", "http://security.gentoo.org/glsa/glsa-200609-14.xml", "http://securitytracker.com/id?1016749", "http://www.debian.org/security/2006/dsa-1168", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:155", "http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html", "http://www.osvdb.org/28205", "http://www.redhat.com/support/errata/RHSA-2006-0633.html", "http://www.securityfocus.com/bid/19697", "http://www.ubuntu.com/usn/usn-340-1", "http://www.vupen.com/english/advisories/2006/3375", "https://exchange.xforce.ibmcloud.com/vulnerabilities/28575", "https://issues.rpath.com/browse/RPL-605", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9895", "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc", "http://bugs.gentoo.org/show_bug.cgi?id=144854", "http://secunia.com/advisories/21615", "http://secunia.com/advisories/21621", "http://secunia.com/advisories/21671", "http://secunia.com/advisories/21679", "http://secunia.com/advisories/21719", "http://secunia.com/advisories/21780", "http://secunia.com/advisories/21832", "http://secunia.com/advisories/22036", "http://secunia.com/advisories/22096", "http://security.gentoo.org/glsa/glsa-200609-14.xml", "http://securitytracker.com/id?1016749", "http://www.debian.org/security/2006/dsa-1168", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:155", "http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html", "http://www.osvdb.org/28205", "http://www.redhat.com/support/errata/RHSA-2006-0633.html", "http://www.securityfocus.com/bid/19697", "http://www.ubuntu.com/usn/usn-340-1", "http://www.vupen.com/english/advisories/2006/3375", "https://exchange.xforce.ibmcloud.com/vulnerabilities/28575", "https://issues.rpath.com/browse/RPL-605", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9895"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2006-3743"
+imported = 2025-11-25T22:35:57.373Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2006-08-25T01:04:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2006-3743"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2006-3743"
+```
+
+# Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbit...
+
+Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauafq-fr0e1g.md b/advisories/published/2025/JLSEC-0000-mntnauafq-fr0e1g.md
new file mode 100644
index 00000000..c2a78ed7
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauafq-fr0e1g.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauafq-fr0e1g"
+modified = 2025-11-25T22:35:57.398Z
+upstream = ["CVE-2006-3744"]
+references = ["ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc", "http://bugs.gentoo.org/show_bug.cgi?id=144854", "http://secunia.com/advisories/21615", "http://secunia.com/advisories/21621", "http://secunia.com/advisories/21671", "http://secunia.com/advisories/21679", "http://secunia.com/advisories/21719", "http://secunia.com/advisories/21780", "http://secunia.com/advisories/21832", "http://secunia.com/advisories/22036", "http://secunia.com/advisories/22096", "http://security.gentoo.org/glsa/glsa-200609-14.xml", "http://securitytracker.com/id?1016749", "http://www.debian.org/security/2006/dsa-1168", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:155", "http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html", "http://www.osvdb.org/28204", "http://www.redhat.com/support/errata/RHSA-2006-0633.html", "http://www.securityfocus.com/bid/19699", "http://www.ubuntu.com/usn/usn-340-1", "http://www.vupen.com/english/advisories/2006/3375", "https://exchange.xforce.ibmcloud.com/vulnerabilities/28574", "https://issues.rpath.com/browse/RPL-605", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11486", "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc", "http://bugs.gentoo.org/show_bug.cgi?id=144854", "http://secunia.com/advisories/21615", "http://secunia.com/advisories/21621", "http://secunia.com/advisories/21671", "http://secunia.com/advisories/21679", "http://secunia.com/advisories/21719", "http://secunia.com/advisories/21780", "http://secunia.com/advisories/21832", "http://secunia.com/advisories/22036", "http://secunia.com/advisories/22096", "http://security.gentoo.org/glsa/glsa-200609-14.xml", "http://securitytracker.com/id?1016749", "http://www.debian.org/security/2006/dsa-1168", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:155", "http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html", "http://www.osvdb.org/28204", "http://www.redhat.com/support/errata/RHSA-2006-0633.html", "http://www.securityfocus.com/bid/19699", "http://www.ubuntu.com/usn/usn-340-1", "http://www.vupen.com/english/advisories/2006/3375", "https://exchange.xforce.ibmcloud.com/vulnerabilities/28574", "https://issues.rpath.com/browse/RPL-605", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11486"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2006-3744"
+imported = 2025-11-25T22:35:57.398Z
+modified = 2025-04-03T01:03:51.193Z
+published = 2006-08-25T01:04:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2006-3744"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2006-3744"
+```
+
+# Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arb...
+
+Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauafu-15qk5f2.md b/advisories/published/2025/JLSEC-0000-mntnauafu-15qk5f2.md
new file mode 100644
index 00000000..53182bfe
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauafu-15qk5f2.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauafu-15qk5f2"
+modified = 2025-11-25T22:35:57.402Z
+upstream = ["CVE-2006-5456"]
+references = ["ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc", "http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9", "http://secunia.com/advisories/22569", "http://secunia.com/advisories/22572", "http://secunia.com/advisories/22601", "http://secunia.com/advisories/22604", "http://secunia.com/advisories/22819", "http://secunia.com/advisories/22834", "http://secunia.com/advisories/22998", "http://secunia.com/advisories/23090", "http://secunia.com/advisories/23121", "http://secunia.com/advisories/24186", "http://secunia.com/advisories/24196", "http://secunia.com/advisories/24284", "http://secunia.com/advisories/24458", "http://security.gentoo.org/glsa/glsa-200611-07.xml", "http://security.gentoo.org/glsa/glsa-200611-19.xml", "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.352092", "http://www.debian.org/security/2006/dsa-1213", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:193", "http://www.mandriva.com/security/advisories?name=MDKSA-2007:041", "http://www.novell.com/linux/security/advisories/2006_66_imagemagick.html", "http://www.novell.com/linux/security/advisories/2007_3_sr.html", "http://www.osvdb.org/29990", "http://www.redhat.com/support/errata/RHSA-2007-0015.html", "http://www.securityfocus.com/archive/1/452718/100/100/threaded", "http://www.securityfocus.com/archive/1/459507/100/0/threaded", "http://www.securityfocus.com/bid/20707", "http://www.ubuntu.com/usn/usn-372-1", "http://www.ubuntu.com/usn/usn-422-1", "http://www.vupen.com/english/advisories/2006/4170", "http://www.vupen.com/english/advisories/2006/4171", "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921", "https://exchange.xforce.ibmcloud.com/vulnerabilities/29816", "https://issues.rpath.com/browse/RPL-1034", "https://issues.rpath.com/browse/RPL-811", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765", "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc", "http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9", "http://secunia.com/advisories/22569", "http://secunia.com/advisories/22572", "http://secunia.com/advisories/22601", "http://secunia.com/advisories/22604", "http://secunia.com/advisories/22819", "http://secunia.com/advisories/22834", "http://secunia.com/advisories/22998", "http://secunia.com/advisories/23090", "http://secunia.com/advisories/23121", "http://secunia.com/advisories/24186", "http://secunia.com/advisories/24196", "http://secunia.com/advisories/24284", "http://secunia.com/advisories/24458", "http://security.gentoo.org/glsa/glsa-200611-07.xml", "http://security.gentoo.org/glsa/glsa-200611-19.xml", "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.352092", "http://www.debian.org/security/2006/dsa-1213", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:193", "http://www.mandriva.com/security/advisories?name=MDKSA-2007:041", "http://www.novell.com/linux/security/advisories/2006_66_imagemagick.html", "http://www.novell.com/linux/security/advisories/2007_3_sr.html", "http://www.osvdb.org/29990", "http://www.redhat.com/support/errata/RHSA-2007-0015.html", "http://www.securityfocus.com/archive/1/452718/100/100/threaded", "http://www.securityfocus.com/archive/1/459507/100/0/threaded", "http://www.securityfocus.com/bid/20707", "http://www.ubuntu.com/usn/usn-372-1", "http://www.ubuntu.com/usn/usn-422-1", "http://www.vupen.com/english/advisories/2006/4170", "http://www.vupen.com/english/advisories/2006/4171", "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921", "https://exchange.xforce.ibmcloud.com/vulnerabilities/29816", "https://issues.rpath.com/browse/RPL-1034", "https://issues.rpath.com/browse/RPL-811", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2006-5456"
+imported = 2025-11-25T22:35:57.402Z
+modified = 2025-04-09T00:30:58.490Z
+published = 2006-10-23T17:07:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2006-5456"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2006-5456"
+```
+
+# Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted a...
+
+Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauag4-ab8p0j.md b/advisories/published/2025/JLSEC-0000-mntnauag4-ab8p0j.md
new file mode 100644
index 00000000..01c57eb6
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauag4-ab8p0j.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauag4-ab8p0j"
+modified = 2025-11-25T22:35:57.412Z
+upstream = ["CVE-2006-5868"]
+references = ["ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc", "http://secunia.com/advisories/22998", "http://secunia.com/advisories/23101", "http://secunia.com/advisories/23219", "http://secunia.com/advisories/24186", "http://secunia.com/advisories/24284", "http://www.debian.org/security/2006/dsa-1213", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:223", "http://www.redhat.com/support/errata/RHSA-2007-0015.html", "http://www.securityfocus.com/bid/21185", "http://www.ubuntu.com/usn/usn-386-1", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10612", "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc", "http://secunia.com/advisories/22998", "http://secunia.com/advisories/23101", "http://secunia.com/advisories/23219", "http://secunia.com/advisories/24186", "http://secunia.com/advisories/24284", "http://www.debian.org/security/2006/dsa-1213", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:223", "http://www.redhat.com/support/errata/RHSA-2007-0015.html", "http://www.securityfocus.com/bid/21185", "http://www.ubuntu.com/usn/usn-386-1", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10612"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2006-5868"
+imported = 2025-11-25T22:35:57.412Z
+modified = 2025-04-09T00:30:58.490Z
+published = 2006-11-22T01:07:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2006-5868"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2006-5868"
+```
+
+# Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown imp...
+
+Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauagw-rbukai.md b/advisories/published/2025/JLSEC-0000-mntnauagw-rbukai.md
new file mode 100644
index 00000000..3c3877bb
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauagw-rbukai.md
@@ -0,0 +1,27 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauagw-rbukai"
+modified = 2025-11-25T22:35:57.440Z
+upstream = ["CVE-2007-0770"]
+references = ["http://secunia.com/advisories/24167", "http://secunia.com/advisories/24196", "http://www.debian.org/security/2007/dsa-1260", "http://www.mandriva.com/security/advisories?name=MDKSA-2007:041", "http://www.novell.com/linux/security/advisories/2007_3_sr.html", "http://www.osvdb.org/31911", "http://www.securityfocus.com/archive/1/459507/100/0/threaded", "http://www.ubuntu.com/usn/usn-422-1", "https://issues.rpath.com/browse/RPL-1034", "http://secunia.com/advisories/24167", "http://secunia.com/advisories/24196", "http://www.debian.org/security/2007/dsa-1260", "http://www.mandriva.com/security/advisories?name=MDKSA-2007:041", "http://www.novell.com/linux/security/advisories/2007_3_sr.html", "http://www.osvdb.org/31911", "http://www.securityfocus.com/archive/1/459507/100/0/threaded", "http://www.ubuntu.com/usn/usn-422-1", "https://issues.rpath.com/browse/RPL-1034"]
+
+[[affected]]
+pkg = "GraphicsMagick_jll"
+ranges = ["*"]
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2007-0770"
+imported = 2025-11-25T22:35:57.440Z
+modified = 2025-04-09T00:30:58.490Z
+published = 2007-02-12T20:28:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2007-0770"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2007-0770"
+```
+
+# Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a d...
+
+Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an incomplete patch for CVE-2006-5456.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubjs-19bp5ge.md b/advisories/published/2025/JLSEC-0000-mntnaubjs-19bp5ge.md
new file mode 100644
index 00000000..8c73f127
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubjs-19bp5ge.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubjs-19bp5ge"
+modified = 2025-11-25T22:35:58.840Z
+upstream = ["CVE-2007-1797"]
+references = ["http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=496", "http://secunia.com/advisories/24721", "http://secunia.com/advisories/24739", "http://secunia.com/advisories/25072", "http://secunia.com/advisories/25206", "http://secunia.com/advisories/25992", "http://secunia.com/advisories/26177", "http://secunia.com/advisories/29786", "http://secunia.com/advisories/29857", "http://secunia.com/advisories/36260", "http://security.gentoo.org/glsa/glsa-200705-13.xml", "http://www.debian.org/security/2009/dsa-1858", "http://www.imagemagick.org/script/changelog.php", "http://www.mandriva.com/security/advisories?name=MDKSA-2007:147", "http://www.novell.com/linux/security/advisories/2007_8_sr.html", "http://www.redhat.com/support/errata/RHSA-2008-0145.html", "http://www.redhat.com/support/errata/RHSA-2008-0165.html", "http://www.securityfocus.com/bid/23252", "http://www.securityfocus.com/bid/23347", "http://www.securitytracker.com/id?1017839", "http://www.ubuntu.com/usn/usn-481-1", "http://www.vupen.com/english/advisories/2007/1200", "https://exchange.xforce.ibmcloud.com/vulnerabilities/33376", "https://exchange.xforce.ibmcloud.com/vulnerabilities/33377", "https://issues.foresightlinux.org/browse/FL-222", "https://issues.rpath.com/browse/RPL-1205", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9254", "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=496", "http://secunia.com/advisories/24721", "http://secunia.com/advisories/24739", "http://secunia.com/advisories/25072", "http://secunia.com/advisories/25206", "http://secunia.com/advisories/25992", "http://secunia.com/advisories/26177", "http://secunia.com/advisories/29786", "http://secunia.com/advisories/29857", "http://secunia.com/advisories/36260", "http://security.gentoo.org/glsa/glsa-200705-13.xml", "http://www.debian.org/security/2009/dsa-1858", "http://www.imagemagick.org/script/changelog.php", "http://www.mandriva.com/security/advisories?name=MDKSA-2007:147", "http://www.novell.com/linux/security/advisories/2007_8_sr.html", "http://www.redhat.com/support/errata/RHSA-2008-0145.html", "http://www.redhat.com/support/errata/RHSA-2008-0165.html", "http://www.securityfocus.com/bid/23252", "http://www.securityfocus.com/bid/23347", "http://www.securitytracker.com/id?1017839", "http://www.ubuntu.com/usn/usn-481-1", "http://www.vupen.com/english/advisories/2007/1200", "https://exchange.xforce.ibmcloud.com/vulnerabilities/33376", "https://exchange.xforce.ibmcloud.com/vulnerabilities/33377", "https://issues.foresightlinux.org/browse/FL-222", "https://issues.rpath.com/browse/RPL-1205", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9254"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2007-1797"
+imported = 2025-11-25T22:35:58.840Z
+modified = 2025-04-09T00:30:58.490Z
+published = 2007-04-02T22:19:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2007-1797"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2007-1797"
+```
+
+# Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary...
+
+Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubkn-1w3njgg.md b/advisories/published/2025/JLSEC-0000-mntnaubkn-1w3njgg.md
new file mode 100644
index 00000000..8a3e8708
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubkn-1w3njgg.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubkn-1w3njgg"
+modified = 2025-11-25T22:35:58.871Z
+upstream = ["CVE-2007-4985"]
+references = ["http://bugs.gentoo.org/show_bug.cgi?id=186030", "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=596", "http://secunia.com/advisories/26926", "http://secunia.com/advisories/27048", "http://secunia.com/advisories/27309", "http://secunia.com/advisories/27364", "http://secunia.com/advisories/27439", "http://secunia.com/advisories/28721", "http://secunia.com/advisories/29786", "http://secunia.com/advisories/29857", "http://secunia.com/advisories/36260", "http://security.gentoo.org/glsa/glsa-200710-27.xml", "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html", "http://www.debian.org/security/2009/dsa-1858", "http://www.imagemagick.org/script/changelog.php", "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035", "http://www.novell.com/linux/security/advisories/2007_23_sr.html", "http://www.redhat.com/support/errata/RHSA-2008-0145.html", "http://www.redhat.com/support/errata/RHSA-2008-0165.html", "http://www.securityfocus.com/archive/1/483572/100/0/threaded", "http://www.securityfocus.com/bid/25764", "http://www.securitytracker.com/id?1018729", "http://www.ubuntu.com/usn/usn-523-1", "http://www.vupen.com/english/advisories/2007/3245", "https://exchange.xforce.ibmcloud.com/vulnerabilities/36740", "https://issues.rpath.com/browse/RPL-1743", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10869", "http://bugs.gentoo.org/show_bug.cgi?id=186030", "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=596", "http://secunia.com/advisories/26926", "http://secunia.com/advisories/27048", "http://secunia.com/advisories/27309", "http://secunia.com/advisories/27364", "http://secunia.com/advisories/27439", "http://secunia.com/advisories/28721", "http://secunia.com/advisories/29786", "http://secunia.com/advisories/29857", "http://secunia.com/advisories/36260", "http://security.gentoo.org/glsa/glsa-200710-27.xml", "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html", "http://www.debian.org/security/2009/dsa-1858", "http://www.imagemagick.org/script/changelog.php", "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035", "http://www.novell.com/linux/security/advisories/2007_23_sr.html", "http://www.redhat.com/support/errata/RHSA-2008-0145.html", "http://www.redhat.com/support/errata/RHSA-2008-0165.html", "http://www.securityfocus.com/archive/1/483572/100/0/threaded", "http://www.securityfocus.com/bid/25764", "http://www.securitytracker.com/id?1018729", "http://www.ubuntu.com/usn/usn-523-1", "http://www.vupen.com/english/advisories/2007/3245", "https://exchange.xforce.ibmcloud.com/vulnerabilities/36740", "https://issues.rpath.com/browse/RPL-1743", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10869"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2007-4985"
+imported = 2025-11-25T22:35:58.871Z
+modified = 2025-04-09T00:30:58.490Z
+published = 2007-09-24T22:17:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2007-4985"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2007-4985"
+```
+
+# ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a cra...
+
+ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubm2-9cmhb2.md b/advisories/published/2025/JLSEC-0000-mntnaubm2-9cmhb2.md
new file mode 100644
index 00000000..6098e284
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubm2-9cmhb2.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubm2-9cmhb2"
+modified = 2025-11-25T22:35:58.922Z
+upstream = ["CVE-2007-4986"]
+references = ["http://bugs.gentoo.org/show_bug.cgi?id=186030", "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=594", "http://secunia.com/advisories/26926", "http://secunia.com/advisories/27048", "http://secunia.com/advisories/27309", "http://secunia.com/advisories/27364", "http://secunia.com/advisories/27439", "http://secunia.com/advisories/28721", "http://secunia.com/advisories/29786", "http://secunia.com/advisories/29857", "http://secunia.com/advisories/35316", "http://secunia.com/advisories/36260", "http://security.gentoo.org/glsa/glsa-200710-27.xml", "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html", "http://www.debian.org/security/2009/dsa-1858", "http://www.imagemagick.org/script/changelog.php", "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035", "http://www.novell.com/linux/security/advisories/2007_23_sr.html", "http://www.redhat.com/support/errata/RHSA-2008-0145.html", "http://www.redhat.com/support/errata/RHSA-2008-0165.html", "http://www.securityfocus.com/archive/1/483572/100/0/threaded", "http://www.securityfocus.com/bid/25763", "http://www.securitytracker.com/id?1018729", "http://www.ubuntu.com/usn/usn-523-1", "http://www.vupen.com/english/advisories/2007/3245", "https://exchange.xforce.ibmcloud.com/vulnerabilities/36738", "https://issues.rpath.com/browse/RPL-1743", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9963", "http://bugs.gentoo.org/show_bug.cgi?id=186030", "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=594", "http://secunia.com/advisories/26926", "http://secunia.com/advisories/27048", "http://secunia.com/advisories/27309", "http://secunia.com/advisories/27364", "http://secunia.com/advisories/27439", "http://secunia.com/advisories/28721", "http://secunia.com/advisories/29786", "http://secunia.com/advisories/29857", "http://secunia.com/advisories/35316", "http://secunia.com/advisories/36260", "http://security.gentoo.org/glsa/glsa-200710-27.xml", "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html", "http://www.debian.org/security/2009/dsa-1858", "http://www.imagemagick.org/script/changelog.php", "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035", "http://www.novell.com/linux/security/advisories/2007_23_sr.html", "http://www.redhat.com/support/errata/RHSA-2008-0145.html", "http://www.redhat.com/support/errata/RHSA-2008-0165.html", "http://www.securityfocus.com/archive/1/483572/100/0/threaded", "http://www.securityfocus.com/bid/25763", "http://www.securitytracker.com/id?1018729", "http://www.ubuntu.com/usn/usn-523-1", "http://www.vupen.com/english/advisories/2007/3245", "https://exchange.xforce.ibmcloud.com/vulnerabilities/36738", "https://issues.rpath.com/browse/RPL-1743", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9963"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2007-4986"
+imported = 2025-11-25T22:35:58.922Z
+modified = 2025-04-09T00:30:58.490Z
+published = 2007-09-24T22:17:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2007-4986"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2007-4986"
+```
+
+# Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execut...
+
+Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubmx-hsp15f.md b/advisories/published/2025/JLSEC-0000-mntnaubmx-hsp15f.md
new file mode 100644
index 00000000..2e19c3e0
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubmx-hsp15f.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubmx-hsp15f"
+modified = 2025-11-25T22:35:58.953Z
+upstream = ["CVE-2007-4987"]
+references = ["http://bugs.gentoo.org/show_bug.cgi?id=186030", "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=595", "http://secunia.com/advisories/26926", "http://secunia.com/advisories/27048", "http://secunia.com/advisories/27309", "http://secunia.com/advisories/27364", "http://secunia.com/advisories/27439", "http://secunia.com/advisories/28721", "http://secunia.com/advisories/36260", "http://security.gentoo.org/glsa/glsa-200710-27.xml", "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html", "http://www.debian.org/security/2009/dsa-1858", "http://www.imagemagick.org/script/changelog.php", "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035", "http://www.novell.com/linux/security/advisories/2007_23_sr.html", "http://www.securityfocus.com/archive/1/483572/100/0/threaded", "http://www.securityfocus.com/bid/25766", "http://www.securitytracker.com/id?1018729", "http://www.ubuntu.com/usn/usn-523-1", "http://www.vupen.com/english/advisories/2007/3245", "https://exchange.xforce.ibmcloud.com/vulnerabilities/36739", "https://issues.rpath.com/browse/RPL-1743", "http://bugs.gentoo.org/show_bug.cgi?id=186030", "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=595", "http://secunia.com/advisories/26926", "http://secunia.com/advisories/27048", "http://secunia.com/advisories/27309", "http://secunia.com/advisories/27364", "http://secunia.com/advisories/27439", "http://secunia.com/advisories/28721", "http://secunia.com/advisories/36260", "http://security.gentoo.org/glsa/glsa-200710-27.xml", "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html", "http://www.debian.org/security/2009/dsa-1858", "http://www.imagemagick.org/script/changelog.php", "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035", "http://www.novell.com/linux/security/advisories/2007_23_sr.html", "http://www.securityfocus.com/archive/1/483572/100/0/threaded", "http://www.securityfocus.com/bid/25766", "http://www.securitytracker.com/id?1018729", "http://www.ubuntu.com/usn/usn-523-1", "http://www.vupen.com/english/advisories/2007/3245", "https://exchange.xforce.ibmcloud.com/vulnerabilities/36739", "https://issues.rpath.com/browse/RPL-1743"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2007-4987"
+imported = 2025-11-25T22:35:58.953Z
+modified = 2025-04-09T00:30:58.490Z
+published = 2007-09-24T22:17:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2007-4987"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2007-4987"
+```
+
+# Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows conte...
+
+Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubmy-lft4j0.md b/advisories/published/2025/JLSEC-0000-mntnaubmy-lft4j0.md
new file mode 100644
index 00000000..e6d35051
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubmy-lft4j0.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubmy-lft4j0"
+modified = 2025-11-25T22:35:58.954Z
+upstream = ["CVE-2007-4988"]
+references = ["http://bugs.gentoo.org/show_bug.cgi?id=186030", "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=597", "http://secunia.com/advisories/26926", "http://secunia.com/advisories/27048", "http://secunia.com/advisories/27309", "http://secunia.com/advisories/27364", "http://secunia.com/advisories/27439", "http://secunia.com/advisories/28721", "http://secunia.com/advisories/29786", "http://secunia.com/advisories/36260", "http://security.gentoo.org/glsa/glsa-200710-27.xml", "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html", "http://www.debian.org/security/2009/dsa-1858", "http://www.imagemagick.org/script/changelog.php", "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035", "http://www.novell.com/linux/security/advisories/2007_23_sr.html", "http://www.redhat.com/support/errata/RHSA-2008-0145.html", "http://www.securityfocus.com/archive/1/483572/100/0/threaded", "http://www.securityfocus.com/bid/25765", "http://www.securitytracker.com/id?1018729", "http://www.ubuntu.com/usn/usn-523-1", "http://www.vupen.com/english/advisories/2007/3245", "https://exchange.xforce.ibmcloud.com/vulnerabilities/36737", "https://issues.rpath.com/browse/RPL-1743", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9656", "http://bugs.gentoo.org/show_bug.cgi?id=186030", "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=597", "http://secunia.com/advisories/26926", "http://secunia.com/advisories/27048", "http://secunia.com/advisories/27309", "http://secunia.com/advisories/27364", "http://secunia.com/advisories/27439", "http://secunia.com/advisories/28721", "http://secunia.com/advisories/29786", "http://secunia.com/advisories/36260", "http://security.gentoo.org/glsa/glsa-200710-27.xml", "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html", "http://www.debian.org/security/2009/dsa-1858", "http://www.imagemagick.org/script/changelog.php", "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035", "http://www.novell.com/linux/security/advisories/2007_23_sr.html", "http://www.redhat.com/support/errata/RHSA-2008-0145.html", "http://www.securityfocus.com/archive/1/483572/100/0/threaded", "http://www.securityfocus.com/bid/25765", "http://www.securitytracker.com/id?1018729", "http://www.ubuntu.com/usn/usn-523-1", "http://www.vupen.com/english/advisories/2007/3245", "https://exchange.xforce.ibmcloud.com/vulnerabilities/36737", "https://issues.rpath.com/browse/RPL-1743", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9656"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2007-4988"
+imported = 2025-11-25T22:35:58.954Z
+modified = 2025-04-09T00:30:58.490Z
+published = 2007-09-24T22:17:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2007-4988"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2007-4988"
+```
+
+# Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-depen...
+
+Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubn0-gxrjrz.md b/advisories/published/2025/JLSEC-0000-mntnaubn0-gxrjrz.md
new file mode 100644
index 00000000..259ca102
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubn0-gxrjrz.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubn0-gxrjrz"
+modified = 2025-11-25T22:35:58.956Z
+upstream = ["CVE-2008-1096"]
+references = ["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414370", "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html", "http://osvdb.org/43212", "http://secunia.com/advisories/29786", "http://secunia.com/advisories/30967", "http://secunia.com/advisories/32945", "http://secunia.com/advisories/36260", "http://www.debian.org/security/2009/dsa-1858", "http://www.mandriva.com/security/advisories?name=MDVSA-2008:099", "http://www.redhat.com/support/errata/RHSA-2008-0145.html", "http://www.securityfocus.com/bid/28821", "http://www.securitytracker.com/id?1019880", "http://www.ubuntu.com/usn/USN-681-1", "https://bugzilla.redhat.com/show_bug.cgi?id=286411", "https://exchange.xforce.ibmcloud.com/vulnerabilities/41194", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10843", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414370", "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html", "http://osvdb.org/43212", "http://secunia.com/advisories/29786", "http://secunia.com/advisories/30967", "http://secunia.com/advisories/32945", "http://secunia.com/advisories/36260", "http://www.debian.org/security/2009/dsa-1858", "http://www.mandriva.com/security/advisories?name=MDVSA-2008:099", "http://www.redhat.com/support/errata/RHSA-2008-0145.html", "http://www.securityfocus.com/bid/28821", "http://www.securitytracker.com/id?1019880", "http://www.ubuntu.com/usn/USN-681-1", "https://bugzilla.redhat.com/show_bug.cgi?id=286411", "https://exchange.xforce.ibmcloud.com/vulnerabilities/41194", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10843"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2008-1096"
+imported = 2025-11-25T22:35:58.956Z
+modified = 2025-04-09T00:30:58.490Z
+published = 2008-03-05T20:44:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2008-1096"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2008-1096"
+```
+
+# The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsM...
+
+The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly related to the ScaleCharToQuantum function.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubn3-1adwq16.md b/advisories/published/2025/JLSEC-0000-mntnaubn3-1adwq16.md
new file mode 100644
index 00000000..666777d5
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubn3-1adwq16.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubn3-1adwq16"
+modified = 2025-11-25T22:35:58.959Z
+upstream = ["CVE-2008-1097"]
+references = ["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413034", "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html", "http://osvdb.org/43213", "http://secunia.com/advisories/29786", "http://secunia.com/advisories/29857", "http://secunia.com/advisories/30967", "http://secunia.com/advisories/36260", "http://secunia.com/advisories/55721", "http://security.gentoo.org/glsa/glsa-201311-10.xml", "http://www.debian.org/security/2009/dsa-1858", "http://www.mandriva.com/security/advisories?name=MDVSA-2008:099", "http://www.redhat.com/support/errata/RHSA-2008-0145.html", "http://www.redhat.com/support/errata/RHSA-2008-0165.html", "http://www.securityfocus.com/bid/28822", "http://www.securitytracker.com/id?1019881", "https://bugzilla.redhat.com/show_bug.cgi?id=285861", "https://exchange.xforce.ibmcloud.com/vulnerabilities/41193", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11237", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413034", "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html", "http://osvdb.org/43213", "http://secunia.com/advisories/29786", "http://secunia.com/advisories/29857", "http://secunia.com/advisories/30967", "http://secunia.com/advisories/36260", "http://secunia.com/advisories/55721", "http://security.gentoo.org/glsa/glsa-201311-10.xml", "http://www.debian.org/security/2009/dsa-1858", "http://www.mandriva.com/security/advisories?name=MDVSA-2008:099", "http://www.redhat.com/support/errata/RHSA-2008-0145.html", "http://www.redhat.com/support/errata/RHSA-2008-0165.html", "http://www.securityfocus.com/bid/28822", "http://www.securitytracker.com/id?1019881", "https://bugzilla.redhat.com/show_bug.cgi?id=285861", "https://exchange.xforce.ibmcloud.com/vulnerabilities/41193", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11237"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2008-1097"
+imported = 2025-11-25T22:35:58.959Z
+modified = 2025-04-09T00:30:58.490Z
+published = 2008-03-05T20:44:00.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2008-1097"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2008-1097"
+```
+
+# Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) Imag...
+
+Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubn3-1dicws5.md b/advisories/published/2025/JLSEC-0000-mntnaubn3-1dicws5.md
new file mode 100644
index 00000000..0025d174
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubn3-1dicws5.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubn3-1dicws5"
+modified = 2025-11-25T22:35:58.959Z
+upstream = ["CVE-2009-1882"]
+references = ["http://imagemagick.org/script/changelog.php", "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033766.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033833.html", "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html", "http://mirror1.smudge-it.co.uk/imagemagick/www/changelog.html", "http://osvdb.org/54729", "http://secunia.com/advisories/35216", "http://secunia.com/advisories/35382", "http://secunia.com/advisories/35685", "http://secunia.com/advisories/36260", "http://secunia.com/advisories/37959", "http://secunia.com/advisories/55721", "http://security.gentoo.org/glsa/glsa-201311-10.xml", "http://wiki.rpath.com/Advisories:rPSA-2010-0074", "http://www.debian.org/security/2009/dsa-1858", "http://www.openwall.com/lists/oss-security/2009/06/08/1", "http://www.securityfocus.com/archive/1/514516/100/0/threaded", "http://www.securityfocus.com/bid/35111", "http://www.vupen.com/english/advisories/2009/1449", "https://usn.ubuntu.com/784-1/", "http://imagemagick.org/script/changelog.php", "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033766.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033833.html", "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html", "http://mirror1.smudge-it.co.uk/imagemagick/www/changelog.html", "http://osvdb.org/54729", "http://secunia.com/advisories/35216", "http://secunia.com/advisories/35382", "http://secunia.com/advisories/35685", "http://secunia.com/advisories/36260", "http://secunia.com/advisories/37959", "http://secunia.com/advisories/55721", "http://security.gentoo.org/glsa/glsa-201311-10.xml", "http://wiki.rpath.com/Advisories:rPSA-2010-0074", "http://www.debian.org/security/2009/dsa-1858", "http://www.openwall.com/lists/oss-security/2009/06/08/1", "http://www.securityfocus.com/archive/1/514516/100/0/threaded", "http://www.securityfocus.com/bid/35111", "http://www.vupen.com/english/advisories/2009/1449", "https://usn.ubuntu.com/784-1/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2009-1882"
+imported = 2025-11-25T22:35:58.959Z
+modified = 2025-04-09T00:30:58.490Z
+published = 2009-06-02T15:30:00.360Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2009-1882"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2009-1882"
+```
+
+# Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and Graphics...
+
+Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow. NOTE: some of these details are obtained from third party information.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubs8-tblutc.md b/advisories/published/2025/JLSEC-0000-mntnaubs8-tblutc.md
new file mode 100644
index 00000000..e450affe
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubs8-tblutc.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubs8-tblutc"
+modified = 2025-11-25T22:35:59.144Z
+upstream = ["CVE-2010-4167"]
+references = ["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601824", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052515.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052599.html", "http://rhn.redhat.com/errata/RHSA-2012-0544.html", "http://secunia.com/advisories/42497", "http://secunia.com/advisories/42744", "http://secunia.com/advisories/48100", "http://secunia.com/advisories/49063", "http://www.imagemagick.org/script/changelog.php", "http://www.openwall.com/lists/oss-security/2010/11/13/1", "http://www.openwall.com/lists/oss-security/2010/11/15/3", "http://www.securityfocus.com/bid/45044", "http://www.ubuntu.com/usn/USN-1028-1", "http://www.vupen.com/english/advisories/2010/3150", "http://www.vupen.com/english/advisories/2010/3322", "https://bugzilla.redhat.com/show_bug.cgi?id=652860", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601824", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052515.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052599.html", "http://rhn.redhat.com/errata/RHSA-2012-0544.html", "http://secunia.com/advisories/42497", "http://secunia.com/advisories/42744", "http://secunia.com/advisories/48100", "http://secunia.com/advisories/49063", "http://www.imagemagick.org/script/changelog.php", "http://www.openwall.com/lists/oss-security/2010/11/13/1", "http://www.openwall.com/lists/oss-security/2010/11/15/3", "http://www.securityfocus.com/bid/45044", "http://www.ubuntu.com/usn/USN-1028-1", "http://www.vupen.com/english/advisories/2010/3150", "http://www.vupen.com/english/advisories/2010/3322", "https://bugzilla.redhat.com/show_bug.cgi?id=652860"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2010-4167"
+imported = 2025-11-25T22:35:59.144Z
+modified = 2025-04-11T00:51:21.963Z
+published = 2010-11-22T20:00:03.637Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2010-4167"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2010-4167"
+```
+
+# Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_IN...
+
+Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubs9-1cc3ndh.md b/advisories/published/2025/JLSEC-0000-mntnaubs9-1cc3ndh.md
new file mode 100644
index 00000000..e8e76f42
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubs9-1cc3ndh.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubs9-1cc3ndh"
+modified = 2025-11-25T22:35:59.145Z
+upstream = ["CVE-2012-0247"]
+references = ["http://rhn.redhat.com/errata/RHSA-2012-0544.html", "http://rhn.redhat.com/errata/RHSA-2012-0545.html", "http://secunia.com/advisories/47926", "http://secunia.com/advisories/48247", "http://secunia.com/advisories/48259", "http://secunia.com/advisories/49043", "http://secunia.com/advisories/49063", "http://secunia.com/advisories/49068", "http://ubuntu.com/usn/usn-1435-1", "http://www.cert.fi/en/reports/2012/vulnerability595210.html", "http://www.debian.org/security/2012/dsa-2427", "http://www.gentoo.org/security/en/glsa/glsa-201203-09.xml", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20286", "http://www.osvdb.org/79003", "http://www.securitytracker.com/id?1027032", "http://rhn.redhat.com/errata/RHSA-2012-0544.html", "http://rhn.redhat.com/errata/RHSA-2012-0545.html", "http://secunia.com/advisories/47926", "http://secunia.com/advisories/48247", "http://secunia.com/advisories/48259", "http://secunia.com/advisories/49043", "http://secunia.com/advisories/49063", "http://secunia.com/advisories/49068", "http://ubuntu.com/usn/usn-1435-1", "http://www.cert.fi/en/reports/2012/vulnerability595210.html", "http://www.debian.org/security/2012/dsa-2427", "http://www.gentoo.org/security/en/glsa/glsa-201203-09.xml", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20286", "http://www.osvdb.org/79003", "http://www.securitytracker.com/id?1027032"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2012-0247"
+imported = 2025-11-25T22:35:59.145Z
+modified = 2025-04-11T00:51:21.963Z
+published = 2012-06-05T22:55:06.950Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2012-0247"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2012-0247"
+```
+
+# ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corrupt...
+
+ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubsa-1qjrkft.md b/advisories/published/2025/JLSEC-0000-mntnaubsa-1qjrkft.md
new file mode 100644
index 00000000..b32e757d
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubsa-1qjrkft.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubsa-1qjrkft"
+modified = 2025-11-25T22:35:59.146Z
+upstream = ["CVE-2012-0259"]
+references = ["http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html", "http://rhn.redhat.com/errata/RHSA-2012-0544.html", "http://secunia.com/advisories/48679", "http://secunia.com/advisories/48974", "http://secunia.com/advisories/49043", "http://secunia.com/advisories/49063", "http://secunia.com/advisories/49317", "http://secunia.com/advisories/55035", "http://ubuntu.com/usn/usn-1435-1", "http://www.cert.fi/en/reports/2012/vulnerability635606.html", "http://www.debian.org/security/2012/dsa-2462", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629", "http://www.osvdb.org/81021", "http://www.securityfocus.com/bid/52898", "http://www.securitytracker.com/id?1027032", "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259", "https://exchange.xforce.ibmcloud.com/vulnerabilities/74657", "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html", "http://rhn.redhat.com/errata/RHSA-2012-0544.html", "http://secunia.com/advisories/48679", "http://secunia.com/advisories/48974", "http://secunia.com/advisories/49043", "http://secunia.com/advisories/49063", "http://secunia.com/advisories/49317", "http://secunia.com/advisories/55035", "http://ubuntu.com/usn/usn-1435-1", "http://www.cert.fi/en/reports/2012/vulnerability635606.html", "http://www.debian.org/security/2012/dsa-2462", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629", "http://www.osvdb.org/81021", "http://www.securityfocus.com/bid/52898", "http://www.securitytracker.com/id?1027032", "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259", "https://exchange.xforce.ibmcloud.com/vulnerabilities/74657"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2012-0259"
+imported = 2025-11-25T22:35:59.146Z
+modified = 2025-04-11T00:51:21.963Z
+published = 2012-06-05T22:55:07.733Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2012-0259"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2012-0259"
+```
+
+# The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attack...
+
+The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubsa-je55b.md b/advisories/published/2025/JLSEC-0000-mntnaubsa-je55b.md
new file mode 100644
index 00000000..46ad44af
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubsa-je55b.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubsa-je55b"
+modified = 2025-11-25T22:35:59.146Z
+upstream = ["CVE-2012-0248"]
+references = ["http://rhn.redhat.com/errata/RHSA-2012-0544.html", "http://rhn.redhat.com/errata/RHSA-2012-0545.html", "http://secunia.com/advisories/47926", "http://secunia.com/advisories/48247", "http://secunia.com/advisories/48259", "http://secunia.com/advisories/49043", "http://secunia.com/advisories/49063", "http://secunia.com/advisories/49068", "http://ubuntu.com/usn/usn-1435-1", "http://www.cert.fi/en/reports/2012/vulnerability595210.html", "http://www.debian.org/security/2012/dsa-2427", "http://www.gentoo.org/security/en/glsa/glsa-201203-09.xml", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20286", "http://www.osvdb.org/79003", "http://www.securityfocus.com/bid/51957", "http://www.securitytracker.com/id?1027032", "http://rhn.redhat.com/errata/RHSA-2012-0544.html", "http://rhn.redhat.com/errata/RHSA-2012-0545.html", "http://secunia.com/advisories/47926", "http://secunia.com/advisories/48247", "http://secunia.com/advisories/48259", "http://secunia.com/advisories/49043", "http://secunia.com/advisories/49063", "http://secunia.com/advisories/49068", "http://ubuntu.com/usn/usn-1435-1", "http://www.cert.fi/en/reports/2012/vulnerability595210.html", "http://www.debian.org/security/2012/dsa-2427", "http://www.gentoo.org/security/en/glsa/glsa-201203-09.xml", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20286", "http://www.osvdb.org/79003", "http://www.securityfocus.com/bid/51957", "http://www.securitytracker.com/id?1027032"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2012-0248"
+imported = 2025-11-25T22:35:59.146Z
+modified = 2025-04-11T00:51:21.963Z
+published = 2012-06-05T22:55:07.027Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2012-0248"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2012-0248"
+```
+
+# ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop ...
+
+ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubsb-ri2mx7.md b/advisories/published/2025/JLSEC-0000-mntnaubsb-ri2mx7.md
new file mode 100644
index 00000000..44039c07
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubsb-ri2mx7.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubsb-ri2mx7"
+modified = 2025-11-25T22:35:59.147Z
+upstream = ["CVE-2012-0260"]
+references = ["http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html", "http://rhn.redhat.com/errata/RHSA-2012-0544.html", "http://rhn.redhat.com/errata/RHSA-2012-0545.html", "http://secunia.com/advisories/48974", "http://secunia.com/advisories/49063", "http://secunia.com/advisories/49068", "http://secunia.com/advisories/49317", "http://secunia.com/advisories/55035", "http://secunia.com/advisories/57224", "http://www.cert.fi/en/reports/2012/vulnerability635606.html", "http://www.debian.org/security/2012/dsa-2462", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629", "http://www.osvdb.org/81022", "http://www.securityfocus.com/bid/52898", "http://www.securitytracker.com/id?1027032", "http://www.ubuntu.com/usn/USN-2132-1", "https://exchange.xforce.ibmcloud.com/vulnerabilities/74658", "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html", "http://rhn.redhat.com/errata/RHSA-2012-0544.html", "http://rhn.redhat.com/errata/RHSA-2012-0545.html", "http://secunia.com/advisories/48974", "http://secunia.com/advisories/49063", "http://secunia.com/advisories/49068", "http://secunia.com/advisories/49317", "http://secunia.com/advisories/55035", "http://secunia.com/advisories/57224", "http://www.cert.fi/en/reports/2012/vulnerability635606.html", "http://www.debian.org/security/2012/dsa-2462", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629", "http://www.osvdb.org/81022", "http://www.securityfocus.com/bid/52898", "http://www.securitytracker.com/id?1027032", "http://www.ubuntu.com/usn/USN-2132-1", "https://exchange.xforce.ibmcloud.com/vulnerabilities/74658"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2012-0260"
+imported = 2025-11-25T22:35:59.147Z
+modified = 2025-04-11T00:51:21.963Z
+published = 2012-06-05T22:55:07.793Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2012-0260"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2012-0260"
+```
+
+# The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attacke...
+
+The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubsc-v6brpj.md b/advisories/published/2025/JLSEC-0000-mntnaubsc-v6brpj.md
new file mode 100644
index 00000000..a3dea556
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubsc-v6brpj.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubsc-v6brpj"
+modified = 2025-11-25T22:35:59.148Z
+upstream = ["CVE-2012-1185"]
+references = ["http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html", "http://secunia.com/advisories/47926", "http://secunia.com/advisories/48974", "http://secunia.com/advisories/49043", "http://secunia.com/advisories/49317", "http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/profile.c", "http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/property.c", "http://ubuntu.com/usn/usn-1435-1", "http://www.debian.org/security/2012/dsa-2462", "http://www.openwall.com/lists/oss-security/2012/03/19/5", "http://www.osvdb.org/80556", "http://www.securityfocus.com/bid/51957", "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1185", "https://exchange.xforce.ibmcloud.com/vulnerabilities/76140", "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html", "http://secunia.com/advisories/47926", "http://secunia.com/advisories/48974", "http://secunia.com/advisories/49043", "http://secunia.com/advisories/49317", "http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/profile.c", "http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/property.c", "http://ubuntu.com/usn/usn-1435-1", "http://www.debian.org/security/2012/dsa-2462", "http://www.openwall.com/lists/oss-security/2012/03/19/5", "http://www.osvdb.org/80556", "http://www.securityfocus.com/bid/51957", "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1185", "https://exchange.xforce.ibmcloud.com/vulnerabilities/76140"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2012-1185"
+imported = 2025-11-25T22:35:59.148Z
+modified = 2025-04-11T00:51:21.963Z
+published = 2012-06-05T22:55:09.887Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2012-1185"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2012-1185"
+```
+
+# Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and...
+
+Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubsd-zg6xip.md b/advisories/published/2025/JLSEC-0000-mntnaubsd-zg6xip.md
new file mode 100644
index 00000000..3fbd4ffe
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubsd-zg6xip.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubsd-zg6xip"
+modified = 2025-11-25T22:35:59.149Z
+upstream = ["CVE-2012-1186"]
+references = ["http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html", "http://secunia.com/advisories/47926", "http://secunia.com/advisories/48974", "http://secunia.com/advisories/49043", "http://secunia.com/advisories/49317", "http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/profile.c", "http://ubuntu.com/usn/usn-1435-1", "http://www.debian.org/security/2012/dsa-2462", "http://www.openwall.com/lists/oss-security/2012/03/19/5", "http://www.osvdb.org/80555", "http://www.securityfocus.com/bid/51957", "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1186", "https://exchange.xforce.ibmcloud.com/vulnerabilities/76139", "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html", "http://secunia.com/advisories/47926", "http://secunia.com/advisories/48974", "http://secunia.com/advisories/49043", "http://secunia.com/advisories/49317", "http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/profile.c", "http://ubuntu.com/usn/usn-1435-1", "http://www.debian.org/security/2012/dsa-2462", "http://www.openwall.com/lists/oss-security/2012/03/19/5", "http://www.osvdb.org/80555", "http://www.securityfocus.com/bid/51957", "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1186", "https://exchange.xforce.ibmcloud.com/vulnerabilities/76139"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2012-1186"
+imported = 2025-11-25T22:35:59.149Z
+modified = 2025-04-11T00:51:21.963Z
+published = 2012-06-05T22:55:09.950Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2012-1186"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2012-1186"
+```
+
+# Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier a...
+
+Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0248.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubse-ruoori.md b/advisories/published/2025/JLSEC-0000-mntnaubse-ruoori.md
new file mode 100644
index 00000000..74ec4516
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubse-ruoori.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubse-ruoori"
+modified = 2025-11-25T22:35:59.150Z
+upstream = ["CVE-2012-1610"]
+references = ["http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html", "http://secunia.com/advisories/48974", "http://secunia.com/advisories/49043", "http://secunia.com/advisories/49317", "http://secunia.com/advisories/55035", "http://ubuntu.com/usn/usn-1435-1", "http://www.debian.org/security/2012/dsa-2462", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629", "http://www.openwall.com/lists/oss-security/2012/04/04/6", "http://www.osvdb.org/81024", "http://www.securityfocus.com/bid/52898", "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259", "https://exchange.xforce.ibmcloud.com/vulnerabilities/74660", "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html", "http://secunia.com/advisories/48974", "http://secunia.com/advisories/49043", "http://secunia.com/advisories/49317", "http://secunia.com/advisories/55035", "http://ubuntu.com/usn/usn-1435-1", "http://www.debian.org/security/2012/dsa-2462", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629", "http://www.openwall.com/lists/oss-security/2012/04/04/6", "http://www.osvdb.org/81024", "http://www.securityfocus.com/bid/52898", "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259", "https://exchange.xforce.ibmcloud.com/vulnerabilities/74660"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2012-1610"
+imported = 2025-11-25T22:35:59.150Z
+modified = 2025-04-11T00:51:21.963Z
+published = 2012-06-05T22:55:10.013Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2012-1610"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2012-1610"
+```
+
+# Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 ...
+
+Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF tags in a JPEG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0259.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubsf-qaghmx.md b/advisories/published/2025/JLSEC-0000-mntnaubsf-qaghmx.md
new file mode 100644
index 00000000..4270b72f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubsf-qaghmx.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubsf-qaghmx"
+modified = 2025-11-25T22:35:59.151Z
+upstream = ["CVE-2012-3437"]
+references = ["http://lists.opensuse.org/opensuse-updates/2013-03/msg00101.html", "http://secunia.com/advisories/50091", "http://secunia.com/advisories/50398", "http://www.mandriva.com/security/advisories?name=MDVSA-2012:160", "http://www.mandriva.com/security/advisories?name=MDVSA-2013:092", "http://www.securityfocus.com/bid/54714", "http://www.securitytracker.com/id?1027321", "http://www.ubuntu.com/usn/USN-1544-1", "https://bugzilla.redhat.com/show_bug.cgi?id=844101", "https://exchange.xforce.ibmcloud.com/vulnerabilities/77260", "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0243", "http://lists.opensuse.org/opensuse-updates/2013-03/msg00101.html", "http://secunia.com/advisories/50091", "http://secunia.com/advisories/50398", "http://www.mandriva.com/security/advisories?name=MDVSA-2012:160", "http://www.mandriva.com/security/advisories?name=MDVSA-2013:092", "http://www.securityfocus.com/bid/54714", "http://www.securitytracker.com/id?1027321", "http://www.ubuntu.com/usn/USN-1544-1", "https://bugzilla.redhat.com/show_bug.cgi?id=844101", "https://exchange.xforce.ibmcloud.com/vulnerabilities/77260", "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0243"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2012-3437"
+imported = 2025-11-25T22:35:59.151Z
+modified = 2025-04-11T00:51:21.963Z
+published = 2012-08-07T21:55:02.063Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2012-3437"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2012-3437"
+```
+
+# The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the pro...
+
+The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubsf-zwpf0a.md b/advisories/published/2025/JLSEC-0000-mntnaubsf-zwpf0a.md
new file mode 100644
index 00000000..4ad9492c
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubsf-zwpf0a.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubsf-zwpf0a"
+modified = 2025-11-25T22:35:59.151Z
+upstream = ["CVE-2012-1798"]
+references = ["http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html", "http://rhn.redhat.com/errata/RHSA-2012-0544.html", "http://secunia.com/advisories/48974", "http://secunia.com/advisories/49063", "http://secunia.com/advisories/49068", "http://secunia.com/advisories/49317", "http://secunia.com/advisories/55035", "http://www.debian.org/security/2012/dsa-2462", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629", "http://www.osvdb.org/81023", "http://www.securityfocus.com/bid/52898", "http://www.securitytracker.com/id?1027032", "https://exchange.xforce.ibmcloud.com/vulnerabilities/74659", "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html", "http://rhn.redhat.com/errata/RHSA-2012-0544.html", "http://secunia.com/advisories/48974", "http://secunia.com/advisories/49063", "http://secunia.com/advisories/49068", "http://secunia.com/advisories/49317", "http://secunia.com/advisories/55035", "http://www.debian.org/security/2012/dsa-2462", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629", "http://www.osvdb.org/81023", "http://www.securityfocus.com/bid/52898", "http://www.securitytracker.com/id?1027032", "https://exchange.xforce.ibmcloud.com/vulnerabilities/74659"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2012-1798"
+imported = 2025-11-25T22:35:59.151Z
+modified = 2025-04-11T00:51:21.963Z
+published = 2012-06-05T22:55:10.060Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2012-1798"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2012-1798"
+```
+
+# The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote atta...
+
+The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubsk-jhbxaj.md b/advisories/published/2025/JLSEC-0000-mntnaubsk-jhbxaj.md
new file mode 100644
index 00000000..ff3c68ec
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubsk-jhbxaj.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubsk-jhbxaj"
+modified = 2025-11-25T22:35:59.156Z
+upstream = ["CVE-2013-4298"]
+references = ["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721273", "http://secunia.com/advisories/54581", "http://secunia.com/advisories/54671", "http://www.debian.org/security/2013/dsa-2750", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=23921", "http://www.imagemagick.org/script/changelog.php", "http://www.ubuntu.com/usn/USN-1949-1", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1218248", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721273", "http://secunia.com/advisories/54581", "http://secunia.com/advisories/54671", "http://www.debian.org/security/2013/dsa-2750", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=23921", "http://www.imagemagick.org/script/changelog.php", "http://www.ubuntu.com/usn/USN-1949-1", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1218248"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2013-4298"
+imported = 2025-11-25T22:35:59.156Z
+modified = 2025-04-11T00:51:21.963Z
+published = 2013-09-10T19:55:11.367Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2013-4298"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2013-4298"
+```
+
+# The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8-8 allows remote attackers to c...
+
+The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8-8 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted comment in a GIF image.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubsm-sbs7ak.md b/advisories/published/2025/JLSEC-0000-mntnaubsm-sbs7ak.md
new file mode 100644
index 00000000..9004f8a7
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubsm-sbs7ak.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubsm-sbs7ak"
+modified = 2025-11-25T22:35:59.158Z
+upstream = ["CVE-2016-3714"]
+references = ["http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00041.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", "http://packetstormsecurity.com/files/152364/ImageTragick-ImageMagick-Proof-Of-Concepts.html", "http://rhn.redhat.com/errata/RHSA-2016-0726.html", "http://www.debian.org/security/2016/dsa-3580", "http://www.debian.org/security/2016/dsa-3746", "http://www.openwall.com/lists/oss-security/2016/05/03/13", "http://www.openwall.com/lists/oss-security/2016/05/03/18", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.rapid7.com/db/modules/exploit/unix/fileformat/imagemagick_delegate", "http://www.securityfocus.com/archive/1/538378/100/0/threaded", "http://www.securityfocus.com/bid/89848", "http://www.securitytracker.com/id/1035742", "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", "http://www.ubuntu.com/usn/USN-2990-1", "https://access.redhat.com/security/vulnerabilities/2296071", "https://bugzilla.redhat.com/show_bug.cgi?id=1332492", "https://imagetragick.com/", "https://security.gentoo.org/glsa/201611-21", "https://www.exploit-db.com/exploits/39767/", "https://www.exploit-db.com/exploits/39791/", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", "https://www.imagemagick.org/script/changelog.php", "https://www.kb.cert.org/vuls/id/250519", "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00041.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", "http://packetstormsecurity.com/files/152364/ImageTragick-ImageMagick-Proof-Of-Concepts.html", "http://rhn.redhat.com/errata/RHSA-2016-0726.html", "http://www.debian.org/security/2016/dsa-3580", "http://www.debian.org/security/2016/dsa-3746", "http://www.openwall.com/lists/oss-security/2016/05/03/13", "http://www.openwall.com/lists/oss-security/2016/05/03/18", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.rapid7.com/db/modules/exploit/unix/fileformat/imagemagick_delegate", "http://www.securityfocus.com/archive/1/538378/100/0/threaded", "http://www.securityfocus.com/bid/89848", "http://www.securitytracker.com/id/1035742", "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", "http://www.ubuntu.com/usn/USN-2990-1", "https://access.redhat.com/security/vulnerabilities/2296071", "https://bugzilla.redhat.com/show_bug.cgi?id=1332492", "https://imagetragick.com/", "https://security.gentoo.org/glsa/201611-21", "https://www.exploit-db.com/exploits/39767/", "https://www.exploit-db.com/exploits/39791/", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", "https://www.imagemagick.org/script/changelog.php", "https://www.kb.cert.org/vuls/id/250519", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-3714"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-3714"
+imported = 2025-11-25T22:35:59.158Z
+modified = 2025-10-22T00:15:51.667Z
+published = 2016-05-05T18:59:03.273Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-3714"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-3714"
+```
+
+# The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in I...
+
+The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick."
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubso-18ppupu.md b/advisories/published/2025/JLSEC-0000-mntnaubso-18ppupu.md
new file mode 100644
index 00000000..c1990126
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubso-18ppupu.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubso-18ppupu"
+modified = 2025-11-25T22:35:59.160Z
+upstream = ["CVE-2016-3715"]
+references = ["http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", "http://rhn.redhat.com/errata/RHSA-2016-0726.html", "http://www.debian.org/security/2016/dsa-3580", "http://www.debian.org/security/2016/dsa-3746", "http://www.openwall.com/lists/oss-security/2016/05/03/18", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/archive/1/538378/100/0/threaded", "http://www.securityfocus.com/bid/89852", "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", "http://www.ubuntu.com/usn/USN-2990-1", "https://security.gentoo.org/glsa/201611-21", "https://www.exploit-db.com/exploits/39767/", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", "https://www.imagemagick.org/script/changelog.php", "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", "http://rhn.redhat.com/errata/RHSA-2016-0726.html", "http://www.debian.org/security/2016/dsa-3580", "http://www.debian.org/security/2016/dsa-3746", "http://www.openwall.com/lists/oss-security/2016/05/03/18", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/archive/1/538378/100/0/threaded", "http://www.securityfocus.com/bid/89852", "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", "http://www.ubuntu.com/usn/USN-2990-1", "https://security.gentoo.org/glsa/201611-21", "https://www.exploit-db.com/exploits/39767/", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", "https://www.imagemagick.org/script/changelog.php", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-3715"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-3715"
+imported = 2025-11-25T22:35:59.160Z
+modified = 2025-10-22T00:15:51.870Z
+published = 2016-05-05T18:59:04.727Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-3715"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-3715"
+```
+
+# The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to...
+
+The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubsq-1lxey7s.md b/advisories/published/2025/JLSEC-0000-mntnaubsq-1lxey7s.md
new file mode 100644
index 00000000..1338ee93
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubsq-1lxey7s.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubsq-1lxey7s"
+modified = 2025-11-25T22:35:59.162Z
+upstream = ["CVE-2016-3716"]
+references = ["http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", "http://rhn.redhat.com/errata/RHSA-2016-0726.html", "http://www.debian.org/security/2016/dsa-3580", "http://www.openwall.com/lists/oss-security/2016/05/03/18", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/archive/1/538378/100/0/threaded", "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", "http://www.ubuntu.com/usn/USN-2990-1", "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", "https://security.gentoo.org/glsa/201611-21", "https://www.exploit-db.com/exploits/39767/", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", "https://www.imagemagick.org/script/changelog.php", "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", "http://rhn.redhat.com/errata/RHSA-2016-0726.html", "http://www.debian.org/security/2016/dsa-3580", "http://www.openwall.com/lists/oss-security/2016/05/03/18", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/archive/1/538378/100/0/threaded", "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", "http://www.ubuntu.com/usn/USN-2990-1", "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", "https://security.gentoo.org/glsa/201611-21", "https://www.exploit-db.com/exploits/39767/", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", "https://www.imagemagick.org/script/changelog.php"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-3716"
+imported = 2025-11-25T22:35:59.162Z
+modified = 2025-04-12T10:46:40.837Z
+published = 2016-05-05T18:59:06.383Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-3716"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-3716"
+```
+
+# The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move ...
+
+The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubss-1i820jj.md b/advisories/published/2025/JLSEC-0000-mntnaubss-1i820jj.md
new file mode 100644
index 00000000..2792a805
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubss-1i820jj.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubss-1i820jj"
+modified = 2025-11-25T22:35:59.164Z
+upstream = ["CVE-2016-3717"]
+references = ["http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", "http://rhn.redhat.com/errata/RHSA-2016-0726.html", "http://www.debian.org/security/2016/dsa-3580", "http://www.openwall.com/lists/oss-security/2016/05/03/18", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/archive/1/538378/100/0/threaded", "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", "http://www.ubuntu.com/usn/USN-2990-1", "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", "https://security.gentoo.org/glsa/201611-21", "https://www.exploit-db.com/exploits/39767/", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", "https://www.imagemagick.org/script/changelog.php", "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", "http://rhn.redhat.com/errata/RHSA-2016-0726.html", "http://www.debian.org/security/2016/dsa-3580", "http://www.openwall.com/lists/oss-security/2016/05/03/18", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/archive/1/538378/100/0/threaded", "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", "http://www.ubuntu.com/usn/USN-2990-1", "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", "https://security.gentoo.org/glsa/201611-21", "https://www.exploit-db.com/exploits/39767/", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", "https://www.imagemagick.org/script/changelog.php"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-3717"
+imported = 2025-11-25T22:35:59.164Z
+modified = 2025-04-12T10:46:40.837Z
+published = 2016-05-05T18:59:07.663Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-3717"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-3717"
+```
+
+# The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to rea...
+
+The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubsu-vtutt6.md b/advisories/published/2025/JLSEC-0000-mntnaubsu-vtutt6.md
new file mode 100644
index 00000000..ba0ee734
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubsu-vtutt6.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubsu-vtutt6"
+modified = 2025-11-25T22:35:59.166Z
+upstream = ["CVE-2016-3718"]
+references = ["http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", "http://rhn.redhat.com/errata/RHSA-2016-0726.html", "http://www.debian.org/security/2016/dsa-3580", "http://www.openwall.com/lists/oss-security/2016/05/03/18", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/archive/1/538378/100/0/threaded", "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", "http://www.ubuntu.com/usn/USN-2990-1", "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", "https://security.gentoo.org/glsa/201611-21", "https://www.exploit-db.com/exploits/39767/", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", "https://www.imagemagick.org/script/changelog.php", "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html", "http://rhn.redhat.com/errata/RHSA-2016-0726.html", "http://www.debian.org/security/2016/dsa-3580", "http://www.openwall.com/lists/oss-security/2016/05/03/18", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/archive/1/538378/100/0/threaded", "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568", "http://www.ubuntu.com/usn/USN-2990-1", "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html", "https://security.gentoo.org/glsa/201611-21", "https://www.exploit-db.com/exploits/39767/", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588", "https://www.imagemagick.org/script/changelog.php", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-3718"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-3718"
+imported = 2025-11-25T22:35:59.166Z
+modified = 2025-10-22T00:15:52.070Z
+published = 2016-05-05T18:59:08.960Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-3718"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-3718"
+```
+
+# The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote a...
+
+The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubsw-nyzhvn.md b/advisories/published/2025/JLSEC-0000-mntnaubsw-nyzhvn.md
new file mode 100644
index 00000000..b4560118
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubsw-nyzhvn.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubsw-nyzhvn"
+modified = 2025-11-25T22:35:59.168Z
+upstream = ["CVE-2016-4562"]
+references = ["http://www.imagemagick.org/script/changelog.php", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950", "http://www.imagemagick.org/script/changelog.php", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-4562"
+imported = 2025-11-25T22:35:59.168Z
+modified = 2025-04-12T10:46:40.837Z
+published = 2016-06-04T16:59:00.140Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-4562"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-4562"
+```
+
+# The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1...
+
+The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubsy-1dhhnca.md b/advisories/published/2025/JLSEC-0000-mntnaubsy-1dhhnca.md
new file mode 100644
index 00000000..c8a365ae
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubsy-1dhhnca.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubsy-1dhhnca"
+modified = 2025-11-25T22:35:59.170Z
+upstream = ["CVE-2016-4563"]
+references = ["http://www.imagemagick.org/script/changelog.php", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950", "http://www.imagemagick.org/script/changelog.php", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-4563"
+imported = 2025-11-25T22:35:59.170Z
+modified = 2025-04-12T10:46:40.837Z
+published = 2016-06-04T16:59:01.390Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-4563"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-4563"
+```
+
+# The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7....
+
+The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubt1-15ez9r7.md b/advisories/published/2025/JLSEC-0000-mntnaubt1-15ez9r7.md
new file mode 100644
index 00000000..85be7739
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubt1-15ez9r7.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubt1-15ez9r7"
+modified = 2025-11-25T22:35:59.173Z
+upstream = ["CVE-2016-4564"]
+references = ["http://www.imagemagick.org/script/changelog.php", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950", "http://www.imagemagick.org/script/changelog.php", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-4564"
+imported = 2025-11-25T22:35:59.173Z
+modified = 2025-04-12T10:46:40.837Z
+published = 2016-06-04T16:59:02.563Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-4564"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-4564"
+```
+
+# The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mak...
+
+The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubt2-px2em5.md b/advisories/published/2025/JLSEC-0000-mntnaubt2-px2em5.md
new file mode 100644
index 00000000..b4dc7e26
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubt2-px2em5.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubt2-px2em5"
+modified = 2025-11-25T22:35:59.174Z
+upstream = ["CVE-2016-5118"]
+references = ["http://git.imagemagick.org/repos/ImageMagick/commit/40639d173aa8c76b850d625c630b711fee4dcfb8", "http://hg.code.sf.net/p/graphicsmagick/code/file/41876934e762/ChangeLog", "http://hg.code.sf.net/p/graphicsmagick/code/rev/ae3928faa858", "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00008.html", "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00021.html", "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00030.html", "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00032.html", "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00047.html", "http://www.debian.org/security/2016/dsa-3591", "http://www.debian.org/security/2016/dsa-3746", "http://www.openwall.com/lists/oss-security/2016/05/29/7", "http://www.openwall.com/lists/oss-security/2016/05/30/1", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/bid/90938", "http://www.securitytracker.com/id/1035984", "http://www.securitytracker.com/id/1035985", "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.397749", "http://www.ubuntu.com/usn/USN-2990-1", "https://access.redhat.com/errata/RHSA-2016:1237", "http://git.imagemagick.org/repos/ImageMagick/commit/40639d173aa8c76b850d625c630b711fee4dcfb8", "http://hg.code.sf.net/p/graphicsmagick/code/file/41876934e762/ChangeLog", "http://hg.code.sf.net/p/graphicsmagick/code/rev/ae3928faa858", "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00008.html", "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00021.html", "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00030.html", "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00032.html", "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00047.html", "http://www.debian.org/security/2016/dsa-3591", "http://www.debian.org/security/2016/dsa-3746", "http://www.openwall.com/lists/oss-security/2016/05/29/7", "http://www.openwall.com/lists/oss-security/2016/05/30/1", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/bid/90938", "http://www.securitytracker.com/id/1035984", "http://www.securitytracker.com/id/1035985", "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.397749", "http://www.ubuntu.com/usn/USN-2990-1", "https://access.redhat.com/errata/RHSA-2016:1237"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-5118"
+imported = 2025-11-25T22:35:59.174Z
+modified = 2025-04-12T10:46:40.837Z
+published = 2016-06-10T15:59:06.737Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-5118"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-5118"
+```
+
+# The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attack...
+
+The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubt5-3974pj.md b/advisories/published/2025/JLSEC-0000-mntnaubt5-3974pj.md
new file mode 100644
index 00000000..8ccc943e
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubt5-3974pj.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubt5-3974pj"
+modified = 2025-11-25T22:35:59.177Z
+upstream = ["CVE-2016-5687"]
+references = ["http://www.openwall.com/lists/oss-security/2016/06/14/5", "http://www.openwall.com/lists/oss-security/2016/06/17/3", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.securityfocus.com/bid/91283", "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html", "http://www.openwall.com/lists/oss-security/2016/06/14/5", "http://www.openwall.com/lists/oss-security/2016/06/17/3", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.securityfocus.com/bid/91283", "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-5687"
+imported = 2025-11-25T22:35:59.177Z
+modified = 2025-04-12T10:46:40.837Z
+published = 2016-12-13T15:59:00.183Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-5687"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-5687"
+```
+
+# The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 al...
+
+The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubt8-7m9t6v.md b/advisories/published/2025/JLSEC-0000-mntnaubt8-7m9t6v.md
new file mode 100644
index 00000000..d7990d8c
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubt8-7m9t6v.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubt8-7m9t6v"
+modified = 2025-11-25T22:35:59.180Z
+upstream = ["CVE-2016-5688"]
+references = ["http://www.openwall.com/lists/oss-security/2016/06/14/5", "http://www.openwall.com/lists/oss-security/2016/06/17/3", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.securityfocus.com/bid/91283", "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html", "https://github.com/ImageMagick/ImageMagick/commit/aecd0ada163a4d6c769cec178955d5f3e9316f2f", "https://github.com/ImageMagick/ImageMagick/commit/fc43974d34318c834fbf78570ca1a3764ed8c7d7", "https://github.com/ImageMagick/ImageMagick/commits/6.9.4-4", "https://github.com/ImageMagick/ImageMagick/commits/7.0.1-5", "http://www.openwall.com/lists/oss-security/2016/06/14/5", "http://www.openwall.com/lists/oss-security/2016/06/17/3", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.securityfocus.com/bid/91283", "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html", "https://github.com/ImageMagick/ImageMagick/commit/aecd0ada163a4d6c769cec178955d5f3e9316f2f", "https://github.com/ImageMagick/ImageMagick/commit/fc43974d34318c834fbf78570ca1a3764ed8c7d7", "https://github.com/ImageMagick/ImageMagick/commits/6.9.4-4", "https://github.com/ImageMagick/ImageMagick/commits/7.0.1-5"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-5688"
+imported = 2025-11-25T22:35:59.180Z
+modified = 2025-04-12T10:46:40.837Z
+published = 2016-12-13T15:59:01.217Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-5688"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-5688"
+```
+
+# The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, all...
+
+The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubtd-10lb9ei.md b/advisories/published/2025/JLSEC-0000-mntnaubtd-10lb9ei.md
new file mode 100644
index 00000000..de065cdf
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubtd-10lb9ei.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubtd-10lb9ei"
+modified = 2025-11-25T22:35:59.185Z
+upstream = ["CVE-2016-5689"]
+references = ["http://www.openwall.com/lists/oss-security/2016/06/14/5", "http://www.openwall.com/lists/oss-security/2016/06/17/3", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.securityfocus.com/bid/91283", "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html", "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog", "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog", "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d", "http://www.openwall.com/lists/oss-security/2016/06/14/5", "http://www.openwall.com/lists/oss-security/2016/06/17/3", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.securityfocus.com/bid/91283", "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html", "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog", "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog", "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-5689"
+imported = 2025-11-25T22:35:59.185Z
+modified = 2025-04-12T10:46:40.837Z
+published = 2016-12-13T15:59:02.530Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-5689"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-5689"
+```
+
+# The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have ...
+
+The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubth-1psj8ru.md b/advisories/published/2025/JLSEC-0000-mntnaubth-1psj8ru.md
new file mode 100644
index 00000000..1cf88224
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubth-1psj8ru.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubth-1psj8ru"
+modified = 2025-11-25T22:35:59.189Z
+upstream = ["CVE-2016-5690"]
+references = ["http://www.openwall.com/lists/oss-security/2016/06/14/5", "http://www.openwall.com/lists/oss-security/2016/06/17/3", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.securityfocus.com/bid/91283", "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html", "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog", "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog", "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d", "http://www.openwall.com/lists/oss-security/2016/06/14/5", "http://www.openwall.com/lists/oss-security/2016/06/17/3", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.securityfocus.com/bid/91283", "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html", "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog", "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog", "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-5690"
+imported = 2025-11-25T22:35:59.189Z
+modified = 2025-04-12T10:46:40.837Z
+published = 2016-12-13T15:59:03.873Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-5690"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-5690"
+```
+
+# The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows ...
+
+The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubtm-bjc0j5.md b/advisories/published/2025/JLSEC-0000-mntnaubtm-bjc0j5.md
new file mode 100644
index 00000000..c0ed01fd
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubtm-bjc0j5.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubtm-bjc0j5"
+modified = 2025-11-25T22:35:59.194Z
+upstream = ["CVE-2016-5841"]
+references = ["http://www.openwall.com/lists/oss-security/2016/06/23/1", "http://www.openwall.com/lists/oss-security/2016/06/25/3", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.securityfocus.com/bid/91394", "https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b", "https://github.com/ImageMagick/ImageMagick/commits/7.0.2-1", "http://www.openwall.com/lists/oss-security/2016/06/23/1", "http://www.openwall.com/lists/oss-security/2016/06/25/3", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.securityfocus.com/bid/91394", "https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b", "https://github.com/ImageMagick/ImageMagick/commits/7.0.2-1"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-5841"
+imported = 2025-11-25T22:35:59.194Z
+modified = 2025-04-12T10:46:40.837Z
+published = 2016-12-13T15:59:06.607Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-5841"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-5841"
+```
+
+# Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to ca...
+
+Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubtm-ywhmz5.md b/advisories/published/2025/JLSEC-0000-mntnaubtm-ywhmz5.md
new file mode 100644
index 00000000..9eda21f3
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubtm-ywhmz5.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubtm-ywhmz5"
+modified = 2025-11-25T22:35:59.194Z
+upstream = ["CVE-2016-5691"]
+references = ["http://www.openwall.com/lists/oss-security/2016/06/14/5", "http://www.openwall.com/lists/oss-security/2016/06/17/3", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.securityfocus.com/bid/91283", "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html", "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog", "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog", "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d", "http://www.openwall.com/lists/oss-security/2016/06/14/5", "http://www.openwall.com/lists/oss-security/2016/06/17/3", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.securityfocus.com/bid/91283", "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html", "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog", "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog", "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-5691"
+imported = 2025-11-25T22:35:59.194Z
+modified = 2025-04-12T10:46:40.837Z
+published = 2016-12-13T15:59:04.967Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-5691"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-5691"
+```
+
+# The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have ...
+
+The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubto-189ujur.md b/advisories/published/2025/JLSEC-0000-mntnaubto-189ujur.md
new file mode 100644
index 00000000..d609babf
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubto-189ujur.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubto-189ujur"
+modified = 2025-11-25T22:35:59.196Z
+upstream = ["CVE-2016-5842"]
+references = ["http://www.openwall.com/lists/oss-security/2016/06/23/1", "http://www.openwall.com/lists/oss-security/2016/06/25/3", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.securityfocus.com/bid/91394", "https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b", "https://github.com/ImageMagick/ImageMagick/commits/7.0.2-1", "https://security.gentoo.org/glsa/201611-21", "http://www.openwall.com/lists/oss-security/2016/06/23/1", "http://www.openwall.com/lists/oss-security/2016/06/25/3", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.securityfocus.com/bid/91394", "https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b", "https://github.com/ImageMagick/ImageMagick/commits/7.0.2-1", "https://security.gentoo.org/glsa/201611-21"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-5842"
+imported = 2025-11-25T22:35:59.196Z
+modified = 2025-04-12T10:46:40.837Z
+published = 2016-12-13T15:59:07.997Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-5842"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-5842"
+```
+
+# MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memo...
+
+MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubtx-ed6zzk.md b/advisories/published/2025/JLSEC-0000-mntnaubtx-ed6zzk.md
new file mode 100644
index 00000000..5cec3de3
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubtx-ed6zzk.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubtx-ed6zzk"
+modified = 2025-11-25T22:35:59.205Z
+upstream = ["CVE-2016-6491"]
+references = ["http://www.openwall.com/lists/oss-security/2016/07/28/13", "http://www.openwall.com/lists/oss-security/2016/07/28/15", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.securityfocus.com/bid/92186", "http://www.securitytracker.com/id/1036501", "https://github.com/ImageMagick/ImageMagick/blob/6.9.5-4/ChangeLog", "https://github.com/ImageMagick/ImageMagick/commit/dd84447b63a71fa8c3f47071b09454efc667767b", "https://security.gentoo.org/glsa/201611-21", "http://www.openwall.com/lists/oss-security/2016/07/28/13", "http://www.openwall.com/lists/oss-security/2016/07/28/15", "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "http://www.securityfocus.com/bid/92186", "http://www.securitytracker.com/id/1036501", "https://github.com/ImageMagick/ImageMagick/blob/6.9.5-4/ChangeLog", "https://github.com/ImageMagick/ImageMagick/commit/dd84447b63a71fa8c3f47071b09454efc667767b", "https://security.gentoo.org/glsa/201611-21"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-6491"
+imported = 2025-11-25T22:35:59.205Z
+modified = 2025-04-12T10:46:40.837Z
+published = 2016-12-13T15:59:09.217Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-6491"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-6491"
+```
+
+# Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5...
+
+Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubu0-l5cm3x.md b/advisories/published/2025/JLSEC-0000-mntnaubu0-l5cm3x.md
new file mode 100644
index 00000000..21feeacb
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubu0-l5cm3x.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubu0-l5cm3x"
+modified = 2025-11-25T22:35:59.208Z
+upstream = ["CVE-2016-6823"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/26/3", "http://www.securityfocus.com/bid/93158", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834504", "https://github.com/ImageMagick/ImageMagick/commit/4cc6ec8a4197d4c008577127736bf7985d632323", "http://www.openwall.com/lists/oss-security/2016/09/26/3", "http://www.securityfocus.com/bid/93158", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834504", "https://github.com/ImageMagick/ImageMagick/commit/4cc6ec8a4197d4c008577127736bf7985d632323"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2016-6823"
+imported = 2025-11-25T22:35:59.208Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-01-18T17:59:00.467Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-6823"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-6823"
+```
+
+# Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a ...
+
+Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubu2-1qfc1rl.md b/advisories/published/2025/JLSEC-0000-mntnaubu2-1qfc1rl.md
new file mode 100644
index 00000000..fe450d7f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubu2-1qfc1rl.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubu2-1qfc1rl"
+modified = 2025-11-25T22:35:59.210Z
+upstream = ["CVE-2016-7101"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/26/8", "http://www.securityfocus.com/bid/93181", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836776", "https://github.com/ImageMagick/ImageMagick/commit/7afcf9f71043df15508e46f079387bd4689a738d", "https://github.com/ImageMagick/ImageMagick/commit/8f8959033e4e59418d6506b345829af1f7a71127", "http://www.openwall.com/lists/oss-security/2016/09/26/8", "http://www.securityfocus.com/bid/93181", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836776", "https://github.com/ImageMagick/ImageMagick/commit/7afcf9f71043df15508e46f079387bd4689a738d", "https://github.com/ImageMagick/ImageMagick/commit/8f8959033e4e59418d6506b345829af1f7a71127"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7101"
+imported = 2025-11-25T22:35:59.210Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-01-18T17:59:00.513Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7101"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7101"
+```
+
+# The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (o...
+
+The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubu3-jri9s3.md b/advisories/published/2025/JLSEC-0000-mntnaubu3-jri9s3.md
new file mode 100644
index 00000000..be90298e
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubu3-jri9s3.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubu3-jri9s3"
+modified = 2025-11-25T22:35:59.211Z
+upstream = ["CVE-2016-7799"]
+references = ["http://www.debian.org/security/2016/dsa-3726", "http://www.openwall.com/lists/oss-security/2016/10/01/4", "http://www.openwall.com/lists/oss-security/2016/10/01/6", "http://www.securityfocus.com/bid/93264", "https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfa", "https://github.com/ImageMagick/ImageMagick/issues/280", "https://security.gentoo.org/glsa/201611-21", "http://www.debian.org/security/2016/dsa-3726", "http://www.openwall.com/lists/oss-security/2016/10/01/4", "http://www.openwall.com/lists/oss-security/2016/10/01/6", "http://www.securityfocus.com/bid/93264", "https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfa", "https://github.com/ImageMagick/ImageMagick/issues/280", "https://security.gentoo.org/glsa/201611-21"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7799"
+imported = 2025-11-25T22:35:59.211Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-01-18T17:59:00.730Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7799"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7799"
+```
+
+# MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of serv...
+
+MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubuj-14nyomy.md b/advisories/published/2025/JLSEC-0000-mntnaubuj-14nyomy.md
new file mode 100644
index 00000000..41fccff0
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubuj-14nyomy.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubuj-14nyomy"
+modified = 2025-11-25T22:35:59.227Z
+upstream = ["CVE-2016-9298"]
+references = ["http://www.openwall.com/lists/oss-security/2016/11/13/1", "http://www.openwall.com/lists/oss-security/2016/11/14/10", "http://www.securityfocus.com/bid/94310", "https://github.com/ImageMagick/ImageMagick/commit/3cbfb163cff9e5b8cdeace8312e9bfee810ed02b", "https://github.com/ImageMagick/ImageMagick/issues/296", "https://security.gentoo.org/glsa/201702-09", "http://www.openwall.com/lists/oss-security/2016/11/13/1", "http://www.openwall.com/lists/oss-security/2016/11/14/10", "http://www.securityfocus.com/bid/94310", "https://github.com/ImageMagick/ImageMagick/commit/3cbfb163cff9e5b8cdeace8312e9bfee810ed02b", "https://github.com/ImageMagick/ImageMagick/issues/296", "https://security.gentoo.org/glsa/201702-09"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-9298"
+imported = 2025-11-25T22:35:59.227Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-01-27T22:59:01.897Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-9298"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-9298"
+```
+
+# Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 a...
+
+Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubuk-5s39m9.md b/advisories/published/2025/JLSEC-0000-mntnaubuk-5s39m9.md
new file mode 100644
index 00000000..6c83a106
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubuk-5s39m9.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubuk-5s39m9"
+modified = 2025-11-25T22:35:59.228Z
+upstream = ["CVE-2016-8862"]
+references = ["http://www.debian.org/security/2016/dsa-3726", "http://www.openwall.com/lists/oss-security/2016/10/20/2", "http://www.openwall.com/lists/oss-security/2016/10/20/3", "http://www.securityfocus.com/bid/93794", "https://blogs.gentoo.org/ago/2016/10/17/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c/", "https://bugzilla.redhat.com/show_bug.cgi?id=1387135", "https://github.com/ImageMagick/ImageMagick/issues/271", "http://www.debian.org/security/2016/dsa-3726", "http://www.openwall.com/lists/oss-security/2016/10/20/2", "http://www.openwall.com/lists/oss-security/2016/10/20/3", "http://www.securityfocus.com/bid/93794", "https://blogs.gentoo.org/ago/2016/10/17/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c/", "https://bugzilla.redhat.com/show_bug.cgi?id=1387135", "https://github.com/ImageMagick/ImageMagick/issues/271"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-8862"
+imported = 2025-11-25T22:35:59.228Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-02-15T19:59:00.970Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-8862"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-8862"
+```
+
+# The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote ...
+
+The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubum-1nsuxmq.md b/advisories/published/2025/JLSEC-0000-mntnaubum-1nsuxmq.md
new file mode 100644
index 00000000..1006e824
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubum-1nsuxmq.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubum-1nsuxmq"
+modified = 2025-11-25T22:35:59.230Z
+upstream = ["CVE-2016-8866"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00085.html", "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00006.html", "http://lists.opensuse.org/opensuse-updates/2016-12/msg00141.html", "http://www.openwall.com/lists/oss-security/2016/10/20/3", "http://www.openwall.com/lists/oss-security/2016/10/21/5", "https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/", "https://bugzilla.redhat.com/show_bug.cgi?id=1388816", "https://github.com/ImageMagick/ImageMagick/issues/271", "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00085.html", "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00006.html", "http://lists.opensuse.org/opensuse-updates/2016-12/msg00141.html", "http://www.openwall.com/lists/oss-security/2016/10/20/3", "http://www.openwall.com/lists/oss-security/2016/10/21/5", "https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/", "https://bugzilla.redhat.com/show_bug.cgi?id=1388816", "https://github.com/ImageMagick/ImageMagick/issues/271"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-8866"
+imported = 2025-11-25T22:35:59.230Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-02-15T19:59:01.017Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-8866"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-8866"
+```
+
+# The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows...
+
+The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubun-1yxmy6h.md b/advisories/published/2025/JLSEC-0000-mntnaubun-1yxmy6h.md
new file mode 100644
index 00000000..20b63536
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubun-1yxmy6h.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubun-1yxmy6h"
+modified = 2025-11-25T22:35:59.231Z
+upstream = ["CVE-2016-8677"]
+references = ["http://lists.opensuse.org/opensuse-updates/2016-10/msg00107.html", "http://www.debian.org/security/2016/dsa-3726", "http://www.openwall.com/lists/oss-security/2016/10/16/1", "http://www.securityfocus.com/bid/93598", "https://blogs.gentoo.org/ago/2016/10/07/imagemagick-memory-allocate-failure-in-acquirequantumpixels-quantum-c/", "https://bugzilla.redhat.com/show_bug.cgi?id=1385698", "https://github.com/ImageMagick/ImageMagick/commit/6e48aa92ff4e6e95424300ecd52a9ea453c19c60", "https://github.com/ImageMagick/ImageMagick/issues/268", "http://lists.opensuse.org/opensuse-updates/2016-10/msg00107.html", "http://www.debian.org/security/2016/dsa-3726", "http://www.openwall.com/lists/oss-security/2016/10/16/1", "http://www.securityfocus.com/bid/93598", "https://blogs.gentoo.org/ago/2016/10/07/imagemagick-memory-allocate-failure-in-acquirequantumpixels-quantum-c/", "https://bugzilla.redhat.com/show_bug.cgi?id=1385698", "https://github.com/ImageMagick/ImageMagick/commit/6e48aa92ff4e6e95424300ecd52a9ea453c19c60", "https://github.com/ImageMagick/ImageMagick/issues/268"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-8677"
+imported = 2025-11-25T22:35:59.231Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-02-15T21:59:00.417Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-8677"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-8677"
+```
+
+# The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remot...
+
+The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubuq-8eclgy.md b/advisories/published/2025/JLSEC-0000-mntnaubuq-8eclgy.md
new file mode 100644
index 00000000..8346c230
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubuq-8eclgy.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubuq-8eclgy"
+modified = 2025-11-25T22:35:59.234Z
+upstream = ["CVE-2015-8900"]
+references = ["http://trac.imagemagick.org/changeset/17845", "http://trac.imagemagick.org/changeset/17846", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26929", "http://www.openwall.com/lists/oss-security/2015/02/26/13", "http://www.openwall.com/lists/oss-security/2016/06/06/2", "https://bugzilla.redhat.com/show_bug.cgi?id=1195260", "https://github.com/ImageMagick/ImageMagick/commit/97aa7d7cfd2027f6ba7ce42caf8b798541b9cdc6", "http://trac.imagemagick.org/changeset/17845", "http://trac.imagemagick.org/changeset/17846", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26929", "http://www.openwall.com/lists/oss-security/2015/02/26/13", "http://www.openwall.com/lists/oss-security/2016/06/06/2", "https://bugzilla.redhat.com/show_bug.cgi?id=1195260", "https://github.com/ImageMagick/ImageMagick/commit/97aa7d7cfd2027f6ba7ce42caf8b798541b9cdc6"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2015-8900"
+imported = 2025-11-25T22:35:59.234Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-02-27T22:59:00.167Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2015-8900"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2015-8900"
+```
+
+# The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to caus...
+
+The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubur-g9x7b2.md b/advisories/published/2025/JLSEC-0000-mntnaubur-g9x7b2.md
new file mode 100644
index 00000000..211882b2
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubur-g9x7b2.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubur-g9x7b2"
+modified = 2025-11-25T22:35:59.235Z
+upstream = ["CVE-2015-8902"]
+references = ["http://trac.imagemagick.org/changeset/17855", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932", "http://www.openwall.com/lists/oss-security/2015/02/26/13", "http://www.openwall.com/lists/oss-security/2016/06/06/2", "https://bugzilla.redhat.com/show_bug.cgi?id=1195269", "http://trac.imagemagick.org/changeset/17855", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932", "http://www.openwall.com/lists/oss-security/2015/02/26/13", "http://www.openwall.com/lists/oss-security/2016/06/06/2", "https://bugzilla.redhat.com/show_bug.cgi?id=1195269"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2015-8902"
+imported = 2025-11-25T22:35:59.235Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-02-27T22:59:00.260Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2015-8902"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2015-8902"
+```
+
+# The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attac...
+
+The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubur-oob6k0.md b/advisories/published/2025/JLSEC-0000-mntnaubur-oob6k0.md
new file mode 100644
index 00000000..b22fa6e6
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubur-oob6k0.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubur-oob6k0"
+modified = 2025-11-25T22:35:59.235Z
+upstream = ["CVE-2015-8901"]
+references = ["http://trac.imagemagick.org/changeset/17854", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931", "http://www.openwall.com/lists/oss-security/2015/02/26/13", "http://www.openwall.com/lists/oss-security/2016/06/06/2", "https://bugzilla.redhat.com/show_bug.cgi?id=1195265", "http://trac.imagemagick.org/changeset/17854", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931", "http://www.openwall.com/lists/oss-security/2015/02/26/13", "http://www.openwall.com/lists/oss-security/2016/06/06/2", "https://bugzilla.redhat.com/show_bug.cgi?id=1195265"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2015-8901"
+imported = 2025-11-25T22:35:59.235Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-02-27T22:59:00.230Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2015-8901"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2015-8901"
+```
+
+# ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite l...
+
+ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubus-1ket9xp.md b/advisories/published/2025/JLSEC-0000-mntnaubus-1ket9xp.md
new file mode 100644
index 00000000..f88858c8
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubus-1ket9xp.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubus-1ket9xp"
+modified = 2025-11-25T22:35:59.236Z
+upstream = ["CVE-2015-8903"]
+references = ["http://trac.imagemagick.org/changeset/17856", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26933", "http://www.openwall.com/lists/oss-security/2015/02/26/13", "http://www.openwall.com/lists/oss-security/2016/06/06/2", "https://bugzilla.redhat.com/show_bug.cgi?id=1195271", "http://trac.imagemagick.org/changeset/17856", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26933", "http://www.openwall.com/lists/oss-security/2015/02/26/13", "http://www.openwall.com/lists/oss-security/2016/06/06/2", "https://bugzilla.redhat.com/show_bug.cgi?id=1195271"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2015-8903"
+imported = 2025-11-25T22:35:59.236Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-02-27T22:59:00.307Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2015-8903"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2015-8903"
+```
+
+# The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote a...
+
+The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubut-1a4r4tb.md b/advisories/published/2025/JLSEC-0000-mntnaubut-1a4r4tb.md
new file mode 100644
index 00000000..267861a1
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubut-1a4r4tb.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubut-1a4r4tb"
+modified = 2025-11-25T22:35:59.237Z
+upstream = ["CVE-2016-9559"]
+references = ["http://www.debian.org/security/2016/dsa-3726", "http://www.openwall.com/lists/oss-security/2016/11/19/7", "http://www.openwall.com/lists/oss-security/2016/11/23/4", "http://www.securityfocus.com/bid/94489", "https://blogs.gentoo.org/ago/2016/11/19/imagemagick-null-pointer-must-never-be-null-tiff-c/", "https://github.com/ImageMagick/ImageMagick/commit/b61d35eaccc0a7ddeff8a1c3abfcd0a43ccf210b", "https://github.com/ImageMagick/ImageMagick/issues/298", "http://www.debian.org/security/2016/dsa-3726", "http://www.openwall.com/lists/oss-security/2016/11/19/7", "http://www.openwall.com/lists/oss-security/2016/11/23/4", "http://www.securityfocus.com/bid/94489", "https://blogs.gentoo.org/ago/2016/11/19/imagemagick-null-pointer-must-never-be-null-tiff-c/", "https://github.com/ImageMagick/ImageMagick/commit/b61d35eaccc0a7ddeff8a1c3abfcd0a43ccf210b", "https://github.com/ImageMagick/ImageMagick/issues/298"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-9559"
+imported = 2025-11-25T22:35:59.237Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-01T15:59:00.383Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-9559"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-9559"
+```
+
+# coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NU...
+
+coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubuv-1nkvbb2.md b/advisories/published/2025/JLSEC-0000-mntnaubuv-1nkvbb2.md
new file mode 100644
index 00000000..110a3157
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubuv-1nkvbb2.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubuv-1nkvbb2"
+modified = 2025-11-25T22:35:59.239Z
+upstream = ["CVE-2016-10060"]
+references = ["http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95208", "https://bugzilla.redhat.com/show_bug.cgi?id=1410470", "https://github.com/ImageMagick/ImageMagick/commit/933e96f01a8c889c7bf5ffd30020e86a02a046e7", "https://github.com/ImageMagick/ImageMagick/issues/196", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95208", "https://bugzilla.redhat.com/show_bug.cgi?id=1410470", "https://github.com/ImageMagick/ImageMagick/commit/933e96f01a8c889c7bf5ffd30020e86a02a046e7", "https://github.com/ImageMagick/ImageMagick/issues/196"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10060"
+imported = 2025-11-25T22:35:59.239Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-02T21:59:00.193Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10060"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10060"
+```
+
+# The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not ch...
+
+The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubuv-ezl6ek.md b/advisories/published/2025/JLSEC-0000-mntnaubuv-ezl6ek.md
new file mode 100644
index 00000000..1ec27576
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubuv-ezl6ek.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubuv-ezl6ek"
+modified = 2025-11-25T22:35:59.239Z
+upstream = ["CVE-2016-10062"]
+references = ["http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95209", "https://bugzilla.redhat.com/show_bug.cgi?id=1410473", "https://github.com/ImageMagick/ImageMagick/issues/196", "http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95209", "https://bugzilla.redhat.com/show_bug.cgi?id=1410473", "https://github.com/ImageMagick/ImageMagick/issues/196"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10062"
+imported = 2025-11-25T22:35:59.239Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-02T21:59:00.270Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10062"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10062"
+```
+
+# The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the ...
+
+The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubuw-1n90dw4.md b/advisories/published/2025/JLSEC-0000-mntnaubuw-1n90dw4.md
new file mode 100644
index 00000000..470a81ab
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubuw-1n90dw4.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubuw-1n90dw4"
+modified = 2025-11-25T22:35:59.240Z
+upstream = ["CVE-2016-10063"]
+references = ["http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95210", "https://bugzilla.redhat.com/show_bug.cgi?id=1410476", "https://github.com/ImageMagick/ImageMagick/commit/2bb6941a2d557f26a2f2049ade466e118eeaab91", "https://github.com/ImageMagick/ImageMagick/commit/94936efda8aa63563211eda07a5ade92abb32f7a", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95210", "https://bugzilla.redhat.com/show_bug.cgi?id=1410476", "https://github.com/ImageMagick/ImageMagick/commit/2bb6941a2d557f26a2f2049ade466e118eeaab91", "https://github.com/ImageMagick/ImageMagick/commit/94936efda8aa63563211eda07a5ade92abb32f7a"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10063"
+imported = 2025-11-25T22:35:59.240Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-02T21:59:00.333Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10063"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10063"
+```
+
+# Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a de...
+
+Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to extend validity.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubux-9msnvf.md b/advisories/published/2025/JLSEC-0000-mntnaubux-9msnvf.md
new file mode 100644
index 00000000..6aa38384
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubux-9msnvf.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubux-9msnvf"
+modified = 2025-11-25T22:35:59.241Z
+upstream = ["CVE-2016-10064"]
+references = ["http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95211", "https://bugzilla.redhat.com/show_bug.cgi?id=1410478", "https://github.com/ImageMagick/ImageMagick/commit/63302366a63602acbaad5c8223a105811b2adddd", "https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95211", "https://bugzilla.redhat.com/show_bug.cgi?id=1410478", "https://github.com/ImageMagick/ImageMagick/commit/63302366a63602acbaad5c8223a105811b2adddd", "https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10064"
+imported = 2025-11-25T22:35:59.241Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-02T21:59:00.380Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10064"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10064"
+```
+
+# Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a de...
+
+Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubuy-12ypc3j.md b/advisories/published/2025/JLSEC-0000-mntnaubuy-12ypc3j.md
new file mode 100644
index 00000000..d8571e6b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubuy-12ypc3j.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubuy-12ypc3j"
+modified = 2025-11-25T22:35:59.242Z
+upstream = ["CVE-2016-10068"]
+references = ["http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95219", "https://bugzilla.redhat.com/show_bug.cgi?id=1410500", "https://github.com/ImageMagick/ImageMagick/commit/56d6e20de489113617cbbddaf41e92600a34db22", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30797", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95219", "https://bugzilla.redhat.com/show_bug.cgi?id=1410500", "https://github.com/ImageMagick/ImageMagick/commit/56d6e20de489113617cbbddaf41e92600a34db22", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30797"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10068"
+imported = 2025-11-25T22:35:59.242Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-02T21:59:00.490Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10068"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10068"
+```
+
+# The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of servi...
+
+The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubuy-167zg2c.md b/advisories/published/2025/JLSEC-0000-mntnaubuy-167zg2c.md
new file mode 100644
index 00000000..f73e94f8
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubuy-167zg2c.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubuy-167zg2c"
+modified = 2025-11-25T22:35:59.242Z
+upstream = ["CVE-2016-10067"]
+references = ["http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95220", "https://bugzilla.redhat.com/show_bug.cgi?id=1410494", "https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95220", "https://bugzilla.redhat.com/show_bug.cgi?id=1410494", "https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10067"
+imported = 2025-11-25T22:35:59.242Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-02T21:59:00.443Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10067"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10067"
+```
+
+# magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (...
+
+magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubuz-r9iwku.md b/advisories/published/2025/JLSEC-0000-mntnaubuz-r9iwku.md
new file mode 100644
index 00000000..550f9cbe
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubuz-r9iwku.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubuz-r9iwku"
+modified = 2025-11-25T22:35:59.243Z
+upstream = ["CVE-2016-10069"]
+references = ["http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95216", "https://bugzilla.redhat.com/show_bug.cgi?id=1410507", "https://github.com/ImageMagick/ImageMagick/commit/8a370f9ab120faf182aa160900ba692ba8e2bcf0", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95216", "https://bugzilla.redhat.com/show_bug.cgi?id=1410507", "https://github.com/ImageMagick/ImageMagick/commit/8a370f9ab120faf182aa160900ba692ba8e2bcf0"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10069"
+imported = 2025-11-25T22:35:59.243Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-02T21:59:00.553Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10069"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10069"
+```
+
+# coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (app...
+
+coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubv0-2zf7mg.md b/advisories/published/2025/JLSEC-0000-mntnaubv0-2zf7mg.md
new file mode 100644
index 00000000..49382f63
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubv0-2zf7mg.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubv0-2zf7mg"
+modified = 2025-11-25T22:35:59.244Z
+upstream = ["CVE-2016-10071"]
+references = ["http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95222", "https://bugzilla.redhat.com/show_bug.cgi?id=1410513", "https://github.com/ImageMagick/ImageMagick/commit/1bc1fd0ff8c555841c78829217ac81fa0598255d", "https://github.com/ImageMagick/ImageMagick/commit/f3b483e8b054c50149912523b4773687e18afe25", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95222", "https://bugzilla.redhat.com/show_bug.cgi?id=1410513", "https://github.com/ImageMagick/ImageMagick/commit/1bc1fd0ff8c555841c78829217ac81fa0598255d", "https://github.com/ImageMagick/ImageMagick/commit/f3b483e8b054c50149912523b4773687e18afe25"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10071"
+imported = 2025-11-25T22:35:59.244Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-02T21:59:00.600Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10071"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10071"
+```
+
+# coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out...
+
+coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubv1-1bdc40s.md b/advisories/published/2025/JLSEC-0000-mntnaubv1-1bdc40s.md
new file mode 100644
index 00000000..7af21973
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubv1-1bdc40s.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubv1-1bdc40s"
+modified = 2025-11-25T22:35:59.245Z
+upstream = ["CVE-2016-10061"]
+references = ["http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95207", "https://bugzilla.redhat.com/show_bug.cgi?id=1410471", "https://github.com/ImageMagick/ImageMagick/commit/4e914bbe371433f0590cefdf3bd5f3a5710069f9", "https://github.com/ImageMagick/ImageMagick/issues/196", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95207", "https://bugzilla.redhat.com/show_bug.cgi?id=1410471", "https://github.com/ImageMagick/ImageMagick/commit/4e914bbe371433f0590cefdf3bd5f3a5710069f9", "https://github.com/ImageMagick/ImageMagick/issues/196"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10061"
+imported = 2025-11-25T22:35:59.245Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-03T17:59:00.190Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10061"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10061"
+```
+
+# The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the retu...
+
+The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) via a crafted image file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubv2-1rd61et.md b/advisories/published/2025/JLSEC-0000-mntnaubv2-1rd61et.md
new file mode 100644
index 00000000..1e2038a2
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubv2-1rd61et.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubv2-1rd61et"
+modified = 2025-11-25T22:35:59.246Z
+upstream = ["CVE-2016-10065"]
+references = ["http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95213", "https://bugzilla.redhat.com/show_bug.cgi?id=1410482", "https://github.com/ImageMagick/ImageMagick/commit/134463b926fa965571aa4febd61b810be5e7da05", "https://github.com/ImageMagick/ImageMagick/issues/129", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95213", "https://bugzilla.redhat.com/show_bug.cgi?id=1410482", "https://github.com/ImageMagick/ImageMagick/commit/134463b926fa965571aa4febd61b810be5e7da05", "https://github.com/ImageMagick/ImageMagick/issues/129"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10065"
+imported = 2025-11-25T22:35:59.246Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-03T17:59:00.253Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10065"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10065"
+```
+
+# The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to...
+
+The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubv3-1phy484.md b/advisories/published/2025/JLSEC-0000-mntnaubv3-1phy484.md
new file mode 100644
index 00000000..305db098
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubv3-1phy484.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubv3-1phy484"
+modified = 2025-11-25T22:35:59.247Z
+upstream = ["CVE-2016-10070"]
+references = ["http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95221", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366", "https://bugzilla.redhat.com/show_bug.cgi?id=1410510", "https://github.com/ImageMagick/ImageMagick/commit/a6240a163cb787909703d9fc649cf861f60ddd7c", "https://github.com/ImageMagick/ImageMagick/commit/b173a352397877775c51c9a0e9d59eb6ce24c455", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95221", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366", "https://bugzilla.redhat.com/show_bug.cgi?id=1410510", "https://github.com/ImageMagick/ImageMagick/commit/a6240a163cb787909703d9fc649cf861f60ddd7c", "https://github.com/ImageMagick/ImageMagick/commit/b173a352397877775c51c9a0e9d59eb6ce24c455"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10070"
+imported = 2025-11-25T22:35:59.247Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-03T18:59:00.147Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10070"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10070"
+```
+
+# Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 ...
+
+Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubv3-bvjxph.md b/advisories/published/2025/JLSEC-0000-mntnaubv3-bvjxph.md
new file mode 100644
index 00000000..fd571a2c
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubv3-bvjxph.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubv3-bvjxph"
+modified = 2025-11-25T22:35:59.247Z
+upstream = ["CVE-2016-10066"]
+references = ["http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95217", "https://bugzilla.redhat.com/show_bug.cgi?id=1410491", "https://github.com/ImageMagick/ImageMagick/commit/e45e48b881038487d0bc94d92a16c1537616cc0a", "https://github.com/ImageMagick/ImageMagick/commit/f6e9d0d9955e85bdd7540b251cd50d598dacc5e6", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95217", "https://bugzilla.redhat.com/show_bug.cgi?id=1410491", "https://github.com/ImageMagick/ImageMagick/commit/e45e48b881038487d0bc94d92a16c1537616cc0a", "https://github.com/ImageMagick/ImageMagick/commit/f6e9d0d9955e85bdd7540b251cd50d598dacc5e6"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10066"
+imported = 2025-11-25T22:35:59.247Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-03T17:59:00.313Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10066"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10066"
+```
+
+# Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows ...
+
+Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubv4-18fsilw.md b/advisories/published/2025/JLSEC-0000-mntnaubv4-18fsilw.md
new file mode 100644
index 00000000..e8531f52
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubv4-18fsilw.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubv4-18fsilw"
+modified = 2025-11-25T22:35:59.248Z
+upstream = ["CVE-2017-6497"]
+references = ["http://www.securityfocus.com/bid/96594", "https://bugs.debian.org/856882", "https://github.com/ImageMagick/ImageMagick/commit/7f2dc7a1afc067d0c89f12c82bcdec0445fb1b94", "http://www.securityfocus.com/bid/96594", "https://bugs.debian.org/856882", "https://github.com/ImageMagick/ImageMagick/commit/7f2dc7a1afc067d0c89f12c82bcdec0445fb1b94"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-6497"
+imported = 2025-11-25T22:35:59.248Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-06T02:59:00.527Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-6497"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-6497"
+```
+
+# An issue was discovered in ImageMagick 6.9.7
+
+An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS).
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubv5-1jn0st6.md b/advisories/published/2025/JLSEC-0000-mntnaubv5-1jn0st6.md
new file mode 100644
index 00000000..b5dcef0b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubv5-1jn0st6.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubv5-1jn0st6"
+modified = 2025-11-25T22:35:59.250Z
+upstream = ["CVE-2017-6499"]
+references = ["http://www.debian.org/security/2017/dsa-3808", "http://www.securityfocus.com/bid/96590", "https://bugs.debian.org/856880", "https://github.com/ImageMagick/ImageMagick/commit/3358f060fc182551822576b2c0a8850faab5d543", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=23&p=142634", "http://www.debian.org/security/2017/dsa-3808", "http://www.securityfocus.com/bid/96590", "https://bugs.debian.org/856880", "https://github.com/ImageMagick/ImageMagick/commit/3358f060fc182551822576b2c0a8850faab5d543", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=23&p=142634"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-6499"
+imported = 2025-11-25T22:35:59.249Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-06T02:59:00.587Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-6499"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-6499"
+```
+
+# An issue was discovered in Magick++ in ImageMagick 6.9.7
+
+An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially crafted file creating a nested exception could lead to a memory leak (thus, a DoS).
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubv5-kyuw0.md b/advisories/published/2025/JLSEC-0000-mntnaubv5-kyuw0.md
new file mode 100644
index 00000000..a2d16b64
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubv5-kyuw0.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubv5-kyuw0"
+modified = 2025-11-25T22:35:59.249Z
+upstream = ["CVE-2017-6498"]
+references = ["http://www.debian.org/security/2017/dsa-3808", "http://www.securityfocus.com/bid/96591", "https://bugs.debian.org/856878", "https://github.com/ImageMagick/ImageMagick/commit/65f75a32a93ae4044c528a987a68366ecd4b46b9", "https://github.com/ImageMagick/ImageMagick/pull/359", "http://www.debian.org/security/2017/dsa-3808", "http://www.securityfocus.com/bid/96591", "https://bugs.debian.org/856878", "https://github.com/ImageMagick/ImageMagick/commit/65f75a32a93ae4044c528a987a68366ecd4b46b9", "https://github.com/ImageMagick/ImageMagick/pull/359"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-6498"
+imported = 2025-11-25T22:35:59.249Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-06T02:59:00.557Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-6498"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-6498"
+```
+
+# An issue was discovered in ImageMagick 6.9.7
+
+An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubv6-r5urib.md b/advisories/published/2025/JLSEC-0000-mntnaubv6-r5urib.md
new file mode 100644
index 00000000..206b15e6
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubv6-r5urib.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubv6-r5urib"
+modified = 2025-11-25T22:35:59.250Z
+upstream = ["CVE-2017-6500"]
+references = ["http://www.debian.org/security/2017/dsa-3808", "http://www.securityfocus.com/bid/96592", "https://bugs.debian.org/856879", "https://github.com/ImageMagick/ImageMagick/commit/3007531bfd326c5c1e29cd41d2cd80c166de8528", "https://github.com/ImageMagick/ImageMagick/issues/375", "https://github.com/ImageMagick/ImageMagick/issues/376", "http://www.debian.org/security/2017/dsa-3808", "http://www.securityfocus.com/bid/96592", "https://bugs.debian.org/856879", "https://github.com/ImageMagick/ImageMagick/commit/3007531bfd326c5c1e29cd41d2cd80c166de8528", "https://github.com/ImageMagick/ImageMagick/issues/375", "https://github.com/ImageMagick/ImageMagick/issues/376"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-6500"
+imported = 2025-11-25T22:35:59.250Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-06T02:59:00.620Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-6500"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-6500"
+```
+
+# An issue was discovered in ImageMagick 6.9.7
+
+An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubv7-1mcwv13.md b/advisories/published/2025/JLSEC-0000-mntnaubv7-1mcwv13.md
new file mode 100644
index 00000000..ee50c17d
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubv7-1mcwv13.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubv7-1mcwv13"
+modified = 2025-11-25T22:35:59.251Z
+upstream = ["CVE-2017-6501"]
+references = ["http://www.securityfocus.com/bid/96589", "https://bugs.debian.org/856881", "https://github.com/ImageMagick/ImageMagick/commit/d31fec57e9dfb0516deead2053a856e3c71e9751", "http://www.securityfocus.com/bid/96589", "https://bugs.debian.org/856881", "https://github.com/ImageMagick/ImageMagick/commit/d31fec57e9dfb0516deead2053a856e3c71e9751"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-6501"
+imported = 2025-11-25T22:35:59.251Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-06T02:59:00.650Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-6501"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-6501"
+```
+
+# An issue was discovered in ImageMagick 6.9.7
+
+An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubv8-1849342.md b/advisories/published/2025/JLSEC-0000-mntnaubv8-1849342.md
new file mode 100644
index 00000000..191b2603
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubv8-1849342.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubv8-1849342"
+modified = 2025-11-25T22:35:59.252Z
+upstream = ["CVE-2017-6502"]
+references = ["http://www.securityfocus.com/bid/96763", "https://github.com/ImageMagick/ImageMagick/commit/126c7c98ea788241922c30df4a5633ea692cf8df", "http://www.securityfocus.com/bid/96763", "https://github.com/ImageMagick/ImageMagick/commit/126c7c98ea788241922c30df4a5633ea692cf8df"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-6502"
+imported = 2025-11-25T22:35:59.252Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-06T02:59:00.683Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-6502"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-6502"
+```
+
+# An issue was discovered in ImageMagick 6.9.7
+
+An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS).
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubv9-1uattin.md b/advisories/published/2025/JLSEC-0000-mntnaubv9-1uattin.md
new file mode 100644
index 00000000..cf4a99c0
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubv9-1uattin.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubv9-1uattin"
+modified = 2025-11-25T22:35:59.253Z
+upstream = ["CVE-2016-10252"]
+references = ["http://git.imagemagick.org/repos/ImageMagick/commit/6790815c75bdea0357df5564345847856e995d6b", "http://www.debian.org/security/2017/dsa-3808", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857426", "https://github.com/Opendigitalradio/ODR-PadEnc/issues/2", "http://git.imagemagick.org/repos/ImageMagick/commit/6790815c75bdea0357df5564345847856e995d6b", "http://www.debian.org/security/2017/dsa-3808", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857426", "https://github.com/Opendigitalradio/ODR-PadEnc/issues/2"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10252"
+imported = 2025-11-25T22:35:59.253Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-14T22:59:00.603Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10252"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10252"
+```
+
+# Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as ...
+
+Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubx1-798vl9.md b/advisories/published/2025/JLSEC-0000-mntnaubx1-798vl9.md
new file mode 100644
index 00000000..948d53d6
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubx1-798vl9.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubx1-798vl9"
+modified = 2025-11-25T22:35:59.317Z
+upstream = ["CVE-2015-8895"]
+references = ["http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/bid/91025", "https://access.redhat.com/errata/RHSA-2016:1237", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747", "https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/bid/91025", "https://access.redhat.com/errata/RHSA-2016:1237", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747", "https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2015-8895"
+imported = 2025-11-25T22:35:59.317Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-15T19:59:00.203Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2015-8895"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2015-8895"
+```
+
+# Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause ...
+
+Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubx2-1mgp6nh.md b/advisories/published/2025/JLSEC-0000-mntnaubx2-1mgp6nh.md
new file mode 100644
index 00000000..158de601
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubx2-1mgp6nh.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubx2-1mgp6nh"
+modified = 2025-11-25T22:35:59.318Z
+upstream = ["CVE-2015-8896"]
+references = ["http://www.openwall.com/lists/oss-security/2015/10/07/2", "http://www.openwall.com/lists/oss-security/2015/10/08/3", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/bid/91027", "https://access.redhat.com/errata/RHSA-2016:1237", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803", "https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734", "http://www.openwall.com/lists/oss-security/2015/10/07/2", "http://www.openwall.com/lists/oss-security/2015/10/08/3", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/bid/91027", "https://access.redhat.com/errata/RHSA-2016:1237", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803", "https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2015-8896"
+imported = 2025-11-25T22:35:59.318Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-15T19:59:00.237Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2015-8896"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2015-8896"
+```
+
+# Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to c...
+
+Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubx3-tc7esl.md b/advisories/published/2025/JLSEC-0000-mntnaubx3-tc7esl.md
new file mode 100644
index 00000000..50f7db27
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubx3-tc7esl.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubx3-tc7esl"
+modified = 2025-11-25T22:35:59.319Z
+upstream = ["CVE-2015-8897"]
+references = ["http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=28466", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/bid/91030", "https://access.redhat.com/errata/RHSA-2016:1237", "https://github.com/ImageMagick/ImageMagick/commit/7b1cf5784b5bcd85aa9293ecf56769f68c037231", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=28466", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/bid/91030", "https://access.redhat.com/errata/RHSA-2016:1237", "https://github.com/ImageMagick/ImageMagick/commit/7b1cf5784b5bcd85aa9293ecf56769f68c037231"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2015-8897"
+imported = 2025-11-25T22:35:59.319Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-15T19:59:00.283Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2015-8897"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2015-8897"
+```
+
+# The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attac...
+
+The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubx4-84lnos.md b/advisories/published/2025/JLSEC-0000-mntnaubx4-84lnos.md
new file mode 100644
index 00000000..9b01694b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubx4-84lnos.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubx4-84lnos"
+modified = 2025-11-25T22:35:59.320Z
+upstream = ["CVE-2016-5239"]
+references = ["http://git.imagemagick.org/repos/ImageMagick/commit/70a2cf326ed32bedee144b961005c63846541a16", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/bid/91018", "https://access.redhat.com/errata/RHSA-2016:1237", "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html", "http://git.imagemagick.org/repos/ImageMagick/commit/70a2cf326ed32bedee144b961005c63846541a16", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/bid/91018", "https://access.redhat.com/errata/RHSA-2016:1237", "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-5239"
+imported = 2025-11-25T22:35:59.320Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-15T19:59:00.393Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-5239"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-5239"
+```
+
+# The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote at...
+
+The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubx4-k72t66.md b/advisories/published/2025/JLSEC-0000-mntnaubx4-k72t66.md
new file mode 100644
index 00000000..f83f0a54
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubx4-k72t66.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubx4-k72t66"
+modified = 2025-11-25T22:35:59.320Z
+upstream = ["CVE-2015-8898"]
+references = ["http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/bid/91039", "https://access.redhat.com/errata/RHSA-2016:1237", "https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44", "https://github.com/ImageMagick/ImageMagick/pull/34", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/bid/91039", "https://access.redhat.com/errata/RHSA-2016:1237", "https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44", "https://github.com/ImageMagick/ImageMagick/pull/34"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2015-8898"
+imported = 2025-11-25T22:35:59.320Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-15T19:59:00.330Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2015-8898"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2015-8898"
+```
+
+# The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attacker...
+
+The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubx5-196f2fb.md b/advisories/published/2025/JLSEC-0000-mntnaubx5-196f2fb.md
new file mode 100644
index 00000000..72f716a4
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubx5-196f2fb.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubx5-196f2fb"
+modified = 2025-11-25T22:35:59.321Z
+upstream = ["CVE-2014-9852"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=37ec7d53dcb99fbd1f5c33442594d5e279630563", "https://bugzilla.redhat.com/show_bug.cgi?id=1343512", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=37ec7d53dcb99fbd1f5c33442594d5e279630563", "https://bugzilla.redhat.com/show_bug.cgi?id=1343512"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9852"
+imported = 2025-11-25T22:35:59.321Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-17T14:59:00.500Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9852"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9852"
+```
+
+# distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remot...
+
+distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubx6-1xtdavt.md b/advisories/published/2025/JLSEC-0000-mntnaubx6-1xtdavt.md
new file mode 100644
index 00000000..e8c33cbb
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubx6-1xtdavt.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubx6-1xtdavt"
+modified = 2025-11-25T22:35:59.322Z
+upstream = ["CVE-2014-9853"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html", "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://bugzilla.redhat.com/show_bug.cgi?id=1343513", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html", "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://bugzilla.redhat.com/show_bug.cgi?id=1343513"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9853"
+imported = 2025-11-25T22:35:59.322Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-17T14:59:00.547Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9853"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9853"
+```
+
+# Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (mem...
+
+Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubx7-yejcdp.md b/advisories/published/2025/JLSEC-0000-mntnaubx7-yejcdp.md
new file mode 100644
index 00000000..71b92ecf
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubx7-yejcdp.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubx7-yejcdp"
+modified = 2025-11-25T22:35:59.323Z
+upstream = ["CVE-2014-9854"]
+references = ["http://git.imagemagick.org/repos/ImageMagick/commit/7fb9b7e095a65b4528d0180e26574f2bc7cd0e8b", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=5ee6f49297c8137cae527429e0267462c14ec3ed", "https://bugzilla.redhat.com/show_bug.cgi?id=1343514", "http://git.imagemagick.org/repos/ImageMagick/commit/7fb9b7e095a65b4528d0180e26574f2bc7cd0e8b", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=5ee6f49297c8137cae527429e0267462c14ec3ed", "https://bugzilla.redhat.com/show_bug.cgi?id=1343514"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9854"
+imported = 2025-11-25T22:35:59.323Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-17T14:59:00.610Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9854"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9854"
+```
+
+# coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash...
+
+coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubx8-jw8wit.md b/advisories/published/2025/JLSEC-0000-mntnaubx8-jw8wit.md
new file mode 100644
index 00000000..213974e5
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubx8-jw8wit.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubx8-jw8wit"
+modified = 2025-11-25T22:35:59.324Z
+upstream = ["CVE-2014-9841"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=f9ef11671c41da4cf973d0d880af1cdfbd127860", "https://bugzilla.redhat.com/show_bug.cgi?id=1343499", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=f9ef11671c41da4cf973d0d880af1cdfbd127860", "https://bugzilla.redhat.com/show_bug.cgi?id=1343499"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9841"
+imported = 2025-11-25T22:35:59.324Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-20T16:59:00.577Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9841"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9841"
+```
+
+# The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have un...
+
+The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions."
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubx9-4hg4lu.md b/advisories/published/2025/JLSEC-0000-mntnaubx9-4hg4lu.md
new file mode 100644
index 00000000..0a40c842
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubx9-4hg4lu.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubx9-4hg4lu"
+modified = 2025-11-25T22:35:59.325Z
+upstream = ["CVE-2014-9842"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=f9ef11671c41da4cf973d0d880af1cdfbd127860", "https://bugzilla.redhat.com/show_bug.cgi?id=1343500", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=f9ef11671c41da4cf973d0d880af1cdfbd127860", "https://bugzilla.redhat.com/show_bug.cgi?id=1343500"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9842"
+imported = 2025-11-25T22:35:59.325Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-20T16:59:00.627Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9842"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9842"
+```
+
+# Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attac...
+
+Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubx9-qfpgjr.md b/advisories/published/2025/JLSEC-0000-mntnaubx9-qfpgjr.md
new file mode 100644
index 00000000..d663e6c7
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubx9-qfpgjr.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubx9-qfpgjr"
+modified = 2025-11-25T22:35:59.325Z
+upstream = ["CVE-2014-9843"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=b8df15144d91a19ed545893ea492363635a1cb29", "https://bugzilla.redhat.com/show_bug.cgi?id=1343501", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=b8df15144d91a19ed545893ea492363635a1cb29", "https://bugzilla.redhat.com/show_bug.cgi?id=1343501"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9843"
+imported = 2025-11-25T22:35:59.325Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-20T16:59:00.717Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9843"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9843"
+```
+
+# The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have ...
+
+The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubxa-w6ln4n.md b/advisories/published/2025/JLSEC-0000-mntnaubxa-w6ln4n.md
new file mode 100644
index 00000000..dcd6ae4c
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubxa-w6ln4n.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubxa-w6ln4n"
+modified = 2025-11-25T22:35:59.326Z
+upstream = ["CVE-2014-9844"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=36ed9419a68cb1356b1843b48cc12788179cdaee", "https://bugzilla.redhat.com/show_bug.cgi?id=1343502", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=36ed9419a68cb1356b1843b48cc12788179cdaee", "https://bugzilla.redhat.com/show_bug.cgi?id=1343502"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9844"
+imported = 2025-11-25T22:35:59.326Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-20T16:59:00.813Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9844"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9844"
+```
+
+# The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a ...
+
+The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubxb-dbg8gb.md b/advisories/published/2025/JLSEC-0000-mntnaubxb-dbg8gb.md
new file mode 100644
index 00000000..1facb94b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubxb-dbg8gb.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubxb-dbg8gb"
+modified = 2025-11-25T22:35:59.327Z
+upstream = ["CVE-2014-9845"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html", "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=a7a7fd3ce95b7b8efb0ce1ce40f43dbbd20d8e03", "https://bugzilla.redhat.com/show_bug.cgi?id=1343503", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html", "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=a7a7fd3ce95b7b8efb0ce1ce40f43dbbd20d8e03", "https://bugzilla.redhat.com/show_bug.cgi?id=1343503"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9845"
+imported = 2025-11-25T22:35:59.327Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-20T16:59:00.877Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9845"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9845"
+```
+
+# The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial o...
+
+The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubxc-1tb5iqo.md b/advisories/published/2025/JLSEC-0000-mntnaubxc-1tb5iqo.md
new file mode 100644
index 00000000..beed2ebd
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubxc-1tb5iqo.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubxc-1tb5iqo"
+modified = 2025-11-25T22:35:59.328Z
+upstream = ["CVE-2014-9846"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html", "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=2d90693af41a363a988a9db3a91a15f9ca7c7370", "https://bugzilla.redhat.com/show_bug.cgi?id=1343504", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html", "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=2d90693af41a363a988a9db3a91a15f9ca7c7370", "https://bugzilla.redhat.com/show_bug.cgi?id=1343504"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9846"
+imported = 2025-11-25T22:35:59.328Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-20T16:59:00.953Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9846"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9846"
+```
+
+# Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote at...
+
+Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauby2-1j6ttz9.md b/advisories/published/2025/JLSEC-0000-mntnauby2-1j6ttz9.md
new file mode 100644
index 00000000..f62977b9
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauby2-1j6ttz9.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauby2-1j6ttz9"
+modified = 2025-11-25T22:35:59.354Z
+upstream = ["CVE-2014-9847"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=f4ece8c7c462c5449138f39401f66318b9ab0430", "https://bugzilla.redhat.com/show_bug.cgi?id=1343506", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=f4ece8c7c462c5449138f39401f66318b9ab0430", "https://bugzilla.redhat.com/show_bug.cgi?id=1343506"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9847"
+imported = 2025-11-25T22:35:59.329Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-20T16:59:01.047Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9847"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9847"
+```
+
+# The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.
+
+The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauby4-9f6ttn.md b/advisories/published/2025/JLSEC-0000-mntnauby4-9f6ttn.md
new file mode 100644
index 00000000..a3419d4f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauby4-9f6ttn.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauby4-9f6ttn"
+modified = 2025-11-25T22:35:59.356Z
+upstream = ["CVE-2014-9848"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00093.html", "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00006.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://bugzilla.redhat.com/show_bug.cgi?id=1343507", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00093.html", "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00006.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://bugzilla.redhat.com/show_bug.cgi?id=1343507"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9848"
+imported = 2025-11-25T22:35:59.356Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-20T16:59:01.110Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9848"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9848"
+```
+
+# Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption)...
+
+Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauby5-1y5e02g.md b/advisories/published/2025/JLSEC-0000-mntnauby5-1y5e02g.md
new file mode 100644
index 00000000..e00a1510
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauby5-1y5e02g.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauby5-1y5e02g"
+modified = 2025-11-25T22:35:59.357Z
+upstream = ["CVE-2014-9849"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://bugzilla.redhat.com/show_bug.cgi?id=1343509", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://bugzilla.redhat.com/show_bug.cgi?id=1343509"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9849"
+imported = 2025-11-25T22:35:59.357Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-20T16:59:01.203Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9849"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9849"
+```
+
+# The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).
+
+The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyd-qqjpru.md b/advisories/published/2025/JLSEC-0000-mntnaubyd-qqjpru.md
new file mode 100644
index 00000000..d038058b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyd-qqjpru.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyd-qqjpru"
+modified = 2025-11-25T22:35:59.365Z
+upstream = ["CVE-2014-9850"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=2257d1eadd02d89d225fce21013a1219d221dc7d", "https://bugzilla.redhat.com/show_bug.cgi?id=1343510", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=2257d1eadd02d89d225fce21013a1219d221dc7d", "https://bugzilla.redhat.com/show_bug.cgi?id=1343510"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9850"
+imported = 2025-11-25T22:35:59.365Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-20T16:59:01.250Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9850"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9850"
+```
+
+# Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource co...
+
+Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubye-dlhmd0.md b/advisories/published/2025/JLSEC-0000-mntnaubye-dlhmd0.md
new file mode 100644
index 00000000..ffadf9b8
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubye-dlhmd0.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubye-dlhmd0"
+modified = 2025-11-25T22:35:59.366Z
+upstream = ["CVE-2014-9851"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=33b2d377b94eb738011bc7d5e90ca0a16ce4d471", "https://bugzilla.redhat.com/show_bug.cgi?id=1343511", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html", "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.ubuntu.com/usn/USN-3131-1", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=33b2d377b94eb738011bc7d5e90ca0a16ce4d471", "https://bugzilla.redhat.com/show_bug.cgi?id=1343511"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9851"
+imported = 2025-11-25T22:35:59.366Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-20T16:59:01.313Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9851"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9851"
+```
+
+# ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).
+
+ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyf-dksdxu.md b/advisories/published/2025/JLSEC-0000-mntnaubyf-dksdxu.md
new file mode 100644
index 00000000..7d10afb3
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyf-dksdxu.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyf-dksdxu"
+modified = 2025-11-25T22:35:59.367Z
+upstream = ["CVE-2014-9832"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9832"
+imported = 2025-11-25T22:35:59.367Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-22T14:59:00.147Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9832"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9832"
+```
+
+# Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file.
+
+Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyg-1kjwxs0.md b/advisories/published/2025/JLSEC-0000-mntnaubyg-1kjwxs0.md
new file mode 100644
index 00000000..04b5d9aa
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyg-1kjwxs0.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyg-1kjwxs0"
+modified = 2025-11-25T22:35:59.368Z
+upstream = ["CVE-2014-9833"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9833"
+imported = 2025-11-25T22:35:59.368Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-22T14:59:00.193Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9833"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9833"
+```
+
+# Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file.
+
+Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyh-18u0xy1.md b/advisories/published/2025/JLSEC-0000-mntnaubyh-18u0xy1.md
new file mode 100644
index 00000000..ea1e94dd
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyh-18u0xy1.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyh-18u0xy1"
+modified = 2025-11-25T22:35:59.369Z
+upstream = ["CVE-2014-9834"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9834"
+imported = 2025-11-25T22:35:59.369Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-22T14:59:00.223Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9834"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9834"
+```
+
+# Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file.
+
+Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyh-7ktpnn.md b/advisories/published/2025/JLSEC-0000-mntnaubyh-7ktpnn.md
new file mode 100644
index 00000000..37827ebf
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyh-7ktpnn.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyh-7ktpnn"
+modified = 2025-11-25T22:35:59.369Z
+upstream = ["CVE-2014-9835"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9835"
+imported = 2025-11-25T22:35:59.369Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-22T14:59:00.257Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9835"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9835"
+```
+
+# Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file.
+
+Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyi-v3vacv.md b/advisories/published/2025/JLSEC-0000-mntnaubyi-v3vacv.md
new file mode 100644
index 00000000..640254fb
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyi-v3vacv.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyi-v3vacv"
+modified = 2025-11-25T22:35:59.370Z
+upstream = ["CVE-2014-9836"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9836"
+imported = 2025-11-25T22:35:59.370Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-22T14:59:00.287Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9836"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9836"
+```
+
+# ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file.
+
+ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyj-1rpomu6.md b/advisories/published/2025/JLSEC-0000-mntnaubyj-1rpomu6.md
new file mode 100644
index 00000000..5639ca94
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyj-1rpomu6.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyj-1rpomu6"
+modified = 2025-11-25T22:35:59.371Z
+upstream = ["CVE-2014-9838"]
+references = ["http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.openwall.com/lists/oss-security/2016/06/02/13"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9838"
+imported = 2025-11-25T22:35:59.371Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-22T14:59:00.303Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9838"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9838"
+```
+
+# magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash).
+
+magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash).
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyk-elqh9f.md b/advisories/published/2025/JLSEC-0000-mntnaubyk-elqh9f.md
new file mode 100644
index 00000000..7eb2d2cd
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyk-elqh9f.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyk-elqh9f"
+modified = 2025-11-25T22:35:59.372Z
+upstream = ["CVE-2014-9839"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9839"
+imported = 2025-11-25T22:35:59.372Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-22T14:59:00.333Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9839"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9839"
+```
+
+# magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of servic...
+
+magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access).
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyk-wshuns.md b/advisories/published/2025/JLSEC-0000-mntnaubyk-wshuns.md
new file mode 100644
index 00000000..5f4ff8d8
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyk-wshuns.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyk-wshuns"
+modified = 2025-11-25T22:35:59.372Z
+upstream = ["CVE-2014-9840"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9840"
+imported = 2025-11-25T22:35:59.372Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-22T14:59:00.367Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9840"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9840"
+```
+
+# ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via ...
+
+ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyl-la3uzx.md b/advisories/published/2025/JLSEC-0000-mntnaubyl-la3uzx.md
new file mode 100644
index 00000000..0757ca57
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyl-la3uzx.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyl-la3uzx"
+modified = 2025-11-25T22:35:59.373Z
+upstream = ["CVE-2014-9915"]
+references = ["http://www.openwall.com/lists/oss-security/2016/12/26/9", "https://bugzilla.redhat.com/show_bug.cgi?id=1410436", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "https://bugzilla.redhat.com/show_bug.cgi?id=1410436"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9915"
+imported = 2025-11-25T22:35:59.373Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-23T17:59:00.237Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9915"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9915"
+```
+
+# Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service ...
+
+Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubym-1ykw4ft.md b/advisories/published/2025/JLSEC-0000-mntnaubym-1ykw4ft.md
new file mode 100644
index 00000000..ac1438e0
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubym-1ykw4ft.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubym-1ykw4ft"
+modified = 2025-11-25T22:35:59.374Z
+upstream = ["CVE-2016-10046"]
+references = ["http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95183", "https://bugzilla.redhat.com/show_bug.cgi?id=1410448", "https://github.com/ImageMagick/ImageMagick/commit/989f9f88ea6db09b99d25586e912c921c0da8d3f", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95183", "https://bugzilla.redhat.com/show_bug.cgi?id=1410448", "https://github.com/ImageMagick/ImageMagick/commit/989f9f88ea6db09b99d25586e912c921c0da8d3f"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10046"
+imported = 2025-11-25T22:35:59.374Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-23T17:59:00.283Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10046"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10046"
+```
+
+# Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 ...
+
+Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubym-5xcdr5.md b/advisories/published/2025/JLSEC-0000-mntnaubym-5xcdr5.md
new file mode 100644
index 00000000..3033c05e
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubym-5xcdr5.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubym-5xcdr5"
+modified = 2025-11-25T22:35:59.374Z
+upstream = ["CVE-2016-10047"]
+references = ["http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95182", "https://bugzilla.redhat.com/show_bug.cgi?id=1410449", "https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95182", "https://bugzilla.redhat.com/show_bug.cgi?id=1410449", "https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10047"
+imported = 2025-11-25T22:35:59.374Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-23T17:59:00.313Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10047"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10047"
+```
+
+# Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows rem...
+
+Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyn-i7pi0c.md b/advisories/published/2025/JLSEC-0000-mntnaubyn-i7pi0c.md
new file mode 100644
index 00000000..493a48d6
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyn-i7pi0c.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyn-i7pi0c"
+modified = 2025-11-25T22:35:59.375Z
+upstream = ["CVE-2016-10048"]
+references = ["http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95186", "https://bugzilla.redhat.com/show_bug.cgi?id=1410451", "https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95186", "https://bugzilla.redhat.com/show_bug.cgi?id=1410451", "https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10048"
+imported = 2025-11-25T22:35:59.375Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-23T17:59:00.343Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10048"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10048"
+```
+
+# Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers ...
+
+Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyo-1jh00bl.md b/advisories/published/2025/JLSEC-0000-mntnaubyo-1jh00bl.md
new file mode 100644
index 00000000..58ed0d65
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyo-1jh00bl.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyo-1jh00bl"
+modified = 2025-11-25T22:35:59.376Z
+upstream = ["CVE-2016-10049"]
+references = ["http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95180", "https://bugzilla.redhat.com/show_bug.cgi?id=1410452", "https://github.com/ImageMagick/ImageMagick/commit/13db820f5e24cd993ee554e99377fea02a904e18", "https://github.com/ImageMagick/ImageMagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29710", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95180", "https://bugzilla.redhat.com/show_bug.cgi?id=1410452", "https://github.com/ImageMagick/ImageMagick/commit/13db820f5e24cd993ee554e99377fea02a904e18", "https://github.com/ImageMagick/ImageMagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29710"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10049"
+imported = 2025-11-25T22:35:59.376Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-23T17:59:00.390Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10049"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10049"
+```
+
+# Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows re...
+
+Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyp-1ha103b.md b/advisories/published/2025/JLSEC-0000-mntnaubyp-1ha103b.md
new file mode 100644
index 00000000..6a8e862f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyp-1ha103b.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyp-1ha103b"
+modified = 2025-11-25T22:35:59.377Z
+upstream = ["CVE-2016-10051"]
+references = ["http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95187", "https://bugzilla.redhat.com/show_bug.cgi?id=1410456", "https://github.com/ImageMagick/ImageMagick/commit/548701354191a3dda5cffc6d415374b35b01d0b9", "https://github.com/ImageMagick/ImageMagick/commit/ecc03a2518c2b7dd375fde3a040fdae0bdf6a521", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30245", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95187", "https://bugzilla.redhat.com/show_bug.cgi?id=1410456", "https://github.com/ImageMagick/ImageMagick/commit/548701354191a3dda5cffc6d415374b35b01d0b9", "https://github.com/ImageMagick/ImageMagick/commit/ecc03a2518c2b7dd375fde3a040fdae0bdf6a521", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30245"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10051"
+imported = 2025-11-25T22:35:59.377Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-23T17:59:00.470Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10051"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10051"
+```
+
+# Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 all...
+
+Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyp-1qa47ox.md b/advisories/published/2025/JLSEC-0000-mntnaubyp-1qa47ox.md
new file mode 100644
index 00000000..da71a900
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyp-1qa47ox.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyp-1qa47ox"
+modified = 2025-11-25T22:35:59.377Z
+upstream = ["CVE-2016-10050"]
+references = ["http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95185", "https://bugzilla.redhat.com/show_bug.cgi?id=1410454", "https://github.com/ImageMagick/ImageMagick/commit/139d4323c40d7363bfdd2382c3821a6f76d69430", "https://github.com/ImageMagick/ImageMagick/commit/73fb0aac5b958521e1511e179ecc0ad49f70ebaf", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95185", "https://bugzilla.redhat.com/show_bug.cgi?id=1410454", "https://github.com/ImageMagick/ImageMagick/commit/139d4323c40d7363bfdd2382c3821a6f76d69430", "https://github.com/ImageMagick/ImageMagick/commit/73fb0aac5b958521e1511e179ecc0ad49f70ebaf"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10050"
+imported = 2025-11-25T22:35:59.377Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-23T17:59:00.437Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10050"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10050"
+```
+
+# Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allow...
+
+Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyq-153ln30.md b/advisories/published/2025/JLSEC-0000-mntnaubyq-153ln30.md
new file mode 100644
index 00000000..4b17fe99
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyq-153ln30.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyq-153ln30"
+modified = 2025-11-25T22:35:59.378Z
+upstream = ["CVE-2016-10052"]
+references = ["http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95181", "https://bugzilla.redhat.com/show_bug.cgi?id=1410459", "https://github.com/ImageMagick/ImageMagick/commit/13267a10845a8dadabed63072b537f050cec6daa", "https://github.com/ImageMagick/ImageMagick/commit/9e187b73a8a1290bb0e1a1c878f8be1917aa8742", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95181", "https://bugzilla.redhat.com/show_bug.cgi?id=1410459", "https://github.com/ImageMagick/ImageMagick/commit/13267a10845a8dadabed63072b537f050cec6daa", "https://github.com/ImageMagick/ImageMagick/commit/9e187b73a8a1290bb0e1a1c878f8be1917aa8742"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10052"
+imported = 2025-11-25T22:35:59.378Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-23T17:59:00.517Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10052"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10052"
+```
+
+# Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows r...
+
+Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyr-1jzbto6.md b/advisories/published/2025/JLSEC-0000-mntnaubyr-1jzbto6.md
new file mode 100644
index 00000000..466aece5
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyr-1jzbto6.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyr-1jzbto6"
+modified = 2025-11-25T22:35:59.379Z
+upstream = ["CVE-2016-10053"]
+references = ["http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95179", "https://bugzilla.redhat.com/show_bug.cgi?id=1410461", "https://github.com/ImageMagick/ImageMagick/commit/728dc6a600cf4cbdac846964c85cc04339db8ac1", "https://github.com/ImageMagick/ImageMagick/commit/f983dcdf9c178e0cbc49608a78713c5669aa1bb5", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95179", "https://bugzilla.redhat.com/show_bug.cgi?id=1410461", "https://github.com/ImageMagick/ImageMagick/commit/728dc6a600cf4cbdac846964c85cc04339db8ac1", "https://github.com/ImageMagick/ImageMagick/commit/f983dcdf9c178e0cbc49608a78713c5669aa1bb5"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10053"
+imported = 2025-11-25T22:35:59.379Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-23T17:59:00.563Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10053"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10053"
+```
+
+# The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers t...
+
+The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubys-sv1066.md b/advisories/published/2025/JLSEC-0000-mntnaubys-sv1066.md
new file mode 100644
index 00000000..25f7e96f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubys-sv1066.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubys-sv1066"
+modified = 2025-11-25T22:35:59.380Z
+upstream = ["CVE-2016-10054"]
+references = ["http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95191", "https://bugzilla.redhat.com/show_bug.cgi?id=1410462", "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1", "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95191", "https://bugzilla.redhat.com/show_bug.cgi?id=1410462", "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1", "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10054"
+imported = 2025-11-25T22:35:59.380Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-23T17:59:00.610Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10054"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10054"
+```
+
+# Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows r...
+
+Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubys-ypjs0z.md b/advisories/published/2025/JLSEC-0000-mntnaubys-ypjs0z.md
new file mode 100644
index 00000000..587558b1
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubys-ypjs0z.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubys-ypjs0z"
+modified = 2025-11-25T22:35:59.380Z
+upstream = ["CVE-2016-10055"]
+references = ["http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95193", "https://bugzilla.redhat.com/show_bug.cgi?id=1410464", "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1", "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95193", "https://bugzilla.redhat.com/show_bug.cgi?id=1410464", "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1", "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10055"
+imported = 2025-11-25T22:35:59.380Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-23T17:59:00.657Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10055"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10055"
+```
+
+# Buffer overflow in the WritePDBImage function in coders/pdb.c in ImageMagick before 6.9.5-8 allows r...
+
+Buffer overflow in the WritePDBImage function in coders/pdb.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyt-1f4afof.md b/advisories/published/2025/JLSEC-0000-mntnaubyt-1f4afof.md
new file mode 100644
index 00000000..929ae60d
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyt-1f4afof.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyt-1f4afof"
+modified = 2025-11-25T22:35:59.381Z
+upstream = ["CVE-2016-10056"]
+references = ["http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95190", "http://www.securityfocus.com/bid/95191", "https://bugzilla.redhat.com/show_bug.cgi?id=1410465", "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1", "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95190", "http://www.securityfocus.com/bid/95191", "https://bugzilla.redhat.com/show_bug.cgi?id=1410465", "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1", "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10056"
+imported = 2025-11-25T22:35:59.381Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-23T17:59:00.687Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10056"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10056"
+```
+
+# Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows ...
+
+Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyu-191zfk8.md b/advisories/published/2025/JLSEC-0000-mntnaubyu-191zfk8.md
new file mode 100644
index 00000000..be325b67
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyu-191zfk8.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyu-191zfk8"
+modified = 2025-11-25T22:35:59.382Z
+upstream = ["CVE-2016-10058"]
+references = ["http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95212", "https://bugzilla.redhat.com/show_bug.cgi?id=1410467", "https://github.com/ImageMagick/ImageMagick/commit/47e8e6ceef979327614d0b8f0c76c6ecb18e09cf", "https://github.com/ImageMagick/ImageMagick/commit/4ec444f4eab88cf4bec664fafcf9cab50bc5ff6a", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95212", "https://bugzilla.redhat.com/show_bug.cgi?id=1410467", "https://github.com/ImageMagick/ImageMagick/commit/47e8e6ceef979327614d0b8f0c76c6ecb18e09cf", "https://github.com/ImageMagick/ImageMagick/commit/4ec444f4eab88cf4bec664fafcf9cab50bc5ff6a"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10058"
+imported = 2025-11-25T22:35:59.382Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-23T17:59:00.767Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10058"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10058"
+```
+
+# Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remot...
+
+Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyu-z8qu2.md b/advisories/published/2025/JLSEC-0000-mntnaubyu-z8qu2.md
new file mode 100644
index 00000000..440c12e6
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyu-z8qu2.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyu-z8qu2"
+modified = 2025-11-25T22:35:59.382Z
+upstream = ["CVE-2016-10057"]
+references = ["http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95192", "https://bugzilla.redhat.com/show_bug.cgi?id=1410466", "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1", "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95192", "https://bugzilla.redhat.com/show_bug.cgi?id=1410466", "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1", "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10057"
+imported = 2025-11-25T22:35:59.382Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-23T17:59:00.737Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10057"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10057"
+```
+
+# Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allo...
+
+Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyv-1u1cwq5.md b/advisories/published/2025/JLSEC-0000-mntnaubyv-1u1cwq5.md
new file mode 100644
index 00000000..a0d98921
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyv-1u1cwq5.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyv-1u1cwq5"
+modified = 2025-11-25T22:35:59.383Z
+upstream = ["CVE-2016-10059"]
+references = ["http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95206", "https://bugzilla.redhat.com/show_bug.cgi?id=1410469", "https://github.com/ImageMagick/ImageMagick/commit/58cf5bf4fade82e3b510e8f3463a967278a3e410", "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html", "http://www.openwall.com/lists/oss-security/2016/12/26/9", "http://www.securityfocus.com/bid/95206", "https://bugzilla.redhat.com/show_bug.cgi?id=1410469", "https://github.com/ImageMagick/ImageMagick/commit/58cf5bf4fade82e3b510e8f3463a967278a3e410"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10059"
+imported = 2025-11-25T22:35:59.383Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-23T17:59:00.797Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10059"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10059"
+```
+
+# Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a de...
+
+Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyx-17c6n97.md b/advisories/published/2025/JLSEC-0000-mntnaubyx-17c6n97.md
new file mode 100644
index 00000000..380fce4b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyx-17c6n97.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyx-17c6n97"
+modified = 2025-11-25T22:35:59.385Z
+upstream = ["CVE-2016-10145"]
+references = ["http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95749", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851483", "https://github.com/ImageMagick/ImageMagick/commit/d23beebe7b1179fb75db1e85fbca3100e49593d9", "https://security.gentoo.org/glsa/201702-09", "http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95749", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851483", "https://github.com/ImageMagick/ImageMagick/commit/d23beebe7b1179fb75db1e85fbca3100e49593d9", "https://security.gentoo.org/glsa/201702-09"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10145"
+imported = 2025-11-25T22:35:59.385Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-24T15:59:00.433Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10145"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10145"
+```
+
+# Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact v...
+
+Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyx-1vjno0t.md b/advisories/published/2025/JLSEC-0000-mntnaubyx-1vjno0t.md
new file mode 100644
index 00000000..572783b2
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyx-1vjno0t.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyx-1vjno0t"
+modified = 2025-11-25T22:35:59.385Z
+upstream = ["CVE-2016-10144"]
+references = ["http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95750", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851485", "https://github.com/ImageMagick/ImageMagick/commit/97566cf2806c0a5a86e884c96831a0c3b1ec6c20", "https://security.gentoo.org/glsa/201702-09", "http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95750", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851485", "https://github.com/ImageMagick/ImageMagick/commit/97566cf2806c0a5a86e884c96831a0c3b1ec6c20", "https://security.gentoo.org/glsa/201702-09"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10144"
+imported = 2025-11-25T22:35:59.385Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-24T15:59:00.403Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10144"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10144"
+```
+
+# coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missin...
+
+coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyy-oupega.md b/advisories/published/2025/JLSEC-0000-mntnaubyy-oupega.md
new file mode 100644
index 00000000..6969a7eb
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyy-oupega.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyy-oupega"
+modified = 2025-11-25T22:35:59.386Z
+upstream = ["CVE-2016-10146"]
+references = ["http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95744", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851380", "https://github.com/ImageMagick/ImageMagick/commit/aeff00de228bc5a158c2a975ab47845d8a1db456", "https://security.gentoo.org/glsa/201702-09", "http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95744", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851380", "https://github.com/ImageMagick/ImageMagick/commit/aeff00de228bc5a158c2a975ab47845d8a1db456", "https://security.gentoo.org/glsa/201702-09"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-10146"
+imported = 2025-11-25T22:35:59.386Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-24T15:59:00.480Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-10146"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-10146"
+```
+
+# Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers t...
+
+Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaubyz-4fa346.md b/advisories/published/2025/JLSEC-0000-mntnaubyz-4fa346.md
new file mode 100644
index 00000000..0d4f4e90
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaubyz-4fa346.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaubyz-4fa346"
+modified = 2025-11-25T22:35:59.387Z
+upstream = ["CVE-2017-5506"]
+references = ["http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95753", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851383", "https://github.com/ImageMagick/ImageMagick/commit/9a069e0f2e027ec5138f998023cf9cb62c04889f", "https://github.com/ImageMagick/ImageMagick/issues/354", "https://security.gentoo.org/glsa/201702-09", "http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95753", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851383", "https://github.com/ImageMagick/ImageMagick/commit/9a069e0f2e027ec5138f998023cf9cb62c04889f", "https://github.com/ImageMagick/ImageMagick/issues/354", "https://security.gentoo.org/glsa/201702-09"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["*"]
+
+[[jlsec_sources]]
+id = "CVE-2017-5506"
+imported = 2025-11-25T22:35:59.387Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-24T15:59:00.967Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-5506"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-5506"
+```
+
+# Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspeci...
+
+Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc3q-1bgc8ry.md b/advisories/published/2025/JLSEC-0000-mntnauc3q-1bgc8ry.md
new file mode 100644
index 00000000..eaf07a24
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc3q-1bgc8ry.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc3q-1bgc8ry"
+modified = 2025-11-25T22:35:59.558Z
+upstream = ["CVE-2017-5507"]
+references = ["http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95752", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851382", "https://github.com/ImageMagick/ImageMagick/blob/6.9.7-4/ChangeLog", "https://github.com/ImageMagick/ImageMagick/blob/7.0.4-4/ChangeLog", "https://github.com/ImageMagick/ImageMagick/commit/66e283e0a9c141b19fe6c4c39f4a41c0d3188ba8", "https://security.gentoo.org/glsa/201702-09", "http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95752", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851382", "https://github.com/ImageMagick/ImageMagick/blob/6.9.7-4/ChangeLog", "https://github.com/ImageMagick/ImageMagick/blob/7.0.4-4/ChangeLog", "https://github.com/ImageMagick/ImageMagick/commit/66e283e0a9c141b19fe6c4c39f4a41c0d3188ba8", "https://security.gentoo.org/glsa/201702-09"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-5507"
+imported = 2025-11-25T22:35:59.558Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-24T15:59:01.027Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-5507"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-5507"
+```
+
+# Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attac...
+
+Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4a-v80kis.md b/advisories/published/2025/JLSEC-0000-mntnauc4a-v80kis.md
new file mode 100644
index 00000000..c6394a2d
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4a-v80kis.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4a-v80kis"
+modified = 2025-11-25T22:35:59.578Z
+upstream = ["CVE-2017-5508"]
+references = ["http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95748", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851381", "https://github.com/ImageMagick/ImageMagick/blob/6.9.7-3/ChangeLog", "https://github.com/ImageMagick/ImageMagick/blob/7.0.4-3/ChangeLog", "https://github.com/ImageMagick/ImageMagick/commit/c073a7712d82476b5fbee74856c46b88af9c3175", "https://security.gentoo.org/glsa/201702-09", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31161", "http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95748", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851381", "https://github.com/ImageMagick/ImageMagick/blob/6.9.7-3/ChangeLog", "https://github.com/ImageMagick/ImageMagick/blob/7.0.4-3/ChangeLog", "https://github.com/ImageMagick/ImageMagick/commit/c073a7712d82476b5fbee74856c46b88af9c3175", "https://security.gentoo.org/glsa/201702-09", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31161"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-5508"
+imported = 2025-11-25T22:35:59.578Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-24T15:59:01.060Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-5508"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-5508"
+```
+
+# Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x be...
+
+Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4b-1x5fjit.md b/advisories/published/2025/JLSEC-0000-mntnauc4b-1x5fjit.md
new file mode 100644
index 00000000..294aa901
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4b-1x5fjit.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4b-1x5fjit"
+modified = 2025-11-25T22:35:59.579Z
+upstream = ["CVE-2017-5509"]
+references = ["http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95751", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851377", "https://github.com/ImageMagick/ImageMagick/commit/37a1710e2dab6ed91128ea648d654a22fbe2a6af", "https://github.com/ImageMagick/ImageMagick/commit/d4ec73f866a7c42a2e7f301fcd696e5cb7a7d3ab", "https://github.com/ImageMagick/ImageMagick/issues/350", "https://security.gentoo.org/glsa/201702-09", "http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95751", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851377", "https://github.com/ImageMagick/ImageMagick/commit/37a1710e2dab6ed91128ea648d654a22fbe2a6af", "https://github.com/ImageMagick/ImageMagick/commit/d4ec73f866a7c42a2e7f301fcd696e5cb7a7d3ab", "https://github.com/ImageMagick/ImageMagick/issues/350", "https://security.gentoo.org/glsa/201702-09"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-5509"
+imported = 2025-11-25T22:35:59.579Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-24T15:59:01.123Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-5509"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-5509"
+```
+
+# coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD fil...
+
+coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4d-1qjjios.md b/advisories/published/2025/JLSEC-0000-mntnauc4d-1qjjios.md
new file mode 100644
index 00000000..afbc6b33
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4d-1qjjios.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4d-1qjjios"
+modified = 2025-11-25T22:35:59.581Z
+upstream = ["CVE-2017-5510"]
+references = ["http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95755", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851376", "https://github.com/ImageMagick/ImageMagick/commit/91cc3f36f2ccbd485a0456bab9aebe63b635da88", "https://github.com/ImageMagick/ImageMagick/commit/e87af64b1ff1635a32d9b6162f1b0e260fb54ed9", "https://github.com/ImageMagick/ImageMagick/issues/348", "https://security.gentoo.org/glsa/201702-09", "http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95755", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851376", "https://github.com/ImageMagick/ImageMagick/commit/91cc3f36f2ccbd485a0456bab9aebe63b635da88", "https://github.com/ImageMagick/ImageMagick/commit/e87af64b1ff1635a32d9b6162f1b0e260fb54ed9", "https://github.com/ImageMagick/ImageMagick/issues/348", "https://security.gentoo.org/glsa/201702-09"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-5510"
+imported = 2025-11-25T22:35:59.581Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-24T15:59:01.170Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-5510"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-5510"
+```
+
+# coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD fil...
+
+coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4e-7st53t.md b/advisories/published/2025/JLSEC-0000-mntnauc4e-7st53t.md
new file mode 100644
index 00000000..e3f1e981
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4e-7st53t.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4e-7st53t"
+modified = 2025-11-25T22:35:59.582Z
+upstream = ["CVE-2017-5511"]
+references = ["http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95746", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851374", "https://github.com/ImageMagick/ImageMagick/commit/7d65a814ac76bd04760072c33e452371692ee790", "https://github.com/ImageMagick/ImageMagick/commit/c8c6a0f123d5e35c173125365c97e2c0fc7eca42", "https://github.com/ImageMagick/ImageMagick/issues/347", "https://security.gentoo.org/glsa/201702-09", "http://www.debian.org/security/2017/dsa-3799", "http://www.openwall.com/lists/oss-security/2017/01/16/6", "http://www.openwall.com/lists/oss-security/2017/01/17/5", "http://www.securityfocus.com/bid/95746", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851374", "https://github.com/ImageMagick/ImageMagick/commit/7d65a814ac76bd04760072c33e452371692ee790", "https://github.com/ImageMagick/ImageMagick/commit/c8c6a0f123d5e35c173125365c97e2c0fc7eca42", "https://github.com/ImageMagick/ImageMagick/issues/347", "https://security.gentoo.org/glsa/201702-09"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-5511"
+imported = 2025-11-25T22:35:59.582Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-24T15:59:01.217Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-5511"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-5511"
+```
+
+# coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an impr...
+
+coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4g-16ta0p2.md b/advisories/published/2025/JLSEC-0000-mntnauc4g-16ta0p2.md
new file mode 100644
index 00000000..fe3c814b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4g-16ta0p2.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4g-16ta0p2"
+modified = 2025-11-25T22:35:59.584Z
+upstream = ["CVE-2014-9804"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=c504b8e1a1ca6f158f2d08bd33c62ce4865497ee", "https://bugzilla.redhat.com/show_bug.cgi?id=1343459", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=c504b8e1a1ca6f158f2d08bd33c62ce4865497ee", "https://bugzilla.redhat.com/show_bug.cgi?id=1343459"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9804"
+imported = 2025-11-25T22:35:59.584Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.170Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9804"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9804"
+```
+
+# vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vec...
+
+vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to "too many object."
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4h-1r9x5kd.md b/advisories/published/2025/JLSEC-0000-mntnauc4h-1r9x5kd.md
new file mode 100644
index 00000000..ca682ca2
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4h-1r9x5kd.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4h-1r9x5kd"
+modified = 2025-11-25T22:35:59.585Z
+upstream = ["CVE-2014-9806"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://bugzilla.redhat.com/show_bug.cgi?id=1343462", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://bugzilla.redhat.com/show_bug.cgi?id=1343462"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9806"
+imported = 2025-11-25T22:35:59.585Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.250Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9806"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9806"
+```
+
+# ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a...
+
+ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4h-npecoy.md b/advisories/published/2025/JLSEC-0000-mntnauc4h-npecoy.md
new file mode 100644
index 00000000..b2b12620
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4h-npecoy.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4h-npecoy"
+modified = 2025-11-25T22:35:59.585Z
+upstream = ["CVE-2014-9805"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://bugzilla.redhat.com/show_bug.cgi?id=1343460", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://bugzilla.redhat.com/show_bug.cgi?id=1343460"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9805"
+imported = 2025-11-25T22:35:59.585Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.217Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9805"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9805"
+```
+
+# ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application...
+
+ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4i-19miawr.md b/advisories/published/2025/JLSEC-0000-mntnauc4i-19miawr.md
new file mode 100644
index 00000000..3910dd71
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4i-19miawr.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4i-19miawr"
+modified = 2025-11-25T22:35:59.586Z
+upstream = ["CVE-2014-9807"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=be644895456764f2c2670f297d9d9860ff0bdd75", "https://bugzilla.redhat.com/show_bug.cgi?id=1343463", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=be644895456764f2c2670f297d9d9860ff0bdd75", "https://bugzilla.redhat.com/show_bug.cgi?id=1343463"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9807"
+imported = 2025-11-25T22:35:59.586Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.297Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9807"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9807"
+```
+
+# The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via ...
+
+The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4j-iq1qu1.md b/advisories/published/2025/JLSEC-0000-mntnauc4j-iq1qu1.md
new file mode 100644
index 00000000..0164d472
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4j-iq1qu1.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4j-iq1qu1"
+modified = 2025-11-25T22:35:59.587Z
+upstream = ["CVE-2014-9808"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=82f779cbc24045af2eaecb95d0842ca7b97c71f4", "https://bugzilla.redhat.com/show_bug.cgi?id=1343464", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=82f779cbc24045af2eaecb95d0842ca7b97c71f4", "https://bugzilla.redhat.com/show_bug.cgi?id=1343464"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9808"
+imported = 2025-11-25T22:35:59.587Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.327Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9808"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9808"
+```
+
+# ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application...
+
+ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4k-k2b3nu.md b/advisories/published/2025/JLSEC-0000-mntnauc4k-k2b3nu.md
new file mode 100644
index 00000000..f683f860
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4k-k2b3nu.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4k-k2b3nu"
+modified = 2025-11-25T22:35:59.588Z
+upstream = ["CVE-2014-9810"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=68db5f601d4120170b91f5397e596c0b8f9d3a8e", "https://bugzilla.redhat.com/show_bug.cgi?id=1343466", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=68db5f601d4120170b91f5397e596c0b8f9d3a8e", "https://bugzilla.redhat.com/show_bug.cgi?id=1343466"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9810"
+imported = 2025-11-25T22:35:59.588Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.407Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9810"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9810"
+```
+
+# The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentati...
+
+The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4k-pvrdtf.md b/advisories/published/2025/JLSEC-0000-mntnauc4k-pvrdtf.md
new file mode 100644
index 00000000..6aaa6d01
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4k-pvrdtf.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4k-pvrdtf"
+modified = 2025-11-25T22:35:59.588Z
+upstream = ["CVE-2014-9809"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=82f779cbc24045af2eaecb95d0842ca7b97c71f4", "https://bugzilla.redhat.com/show_bug.cgi?id=1343465", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=82f779cbc24045af2eaecb95d0842ca7b97c71f4", "https://bugzilla.redhat.com/show_bug.cgi?id=1343465"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9809"
+imported = 2025-11-25T22:35:59.588Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.360Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9809"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9809"
+```
+
+# ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application...
+
+ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4l-1x95q8m.md b/advisories/published/2025/JLSEC-0000-mntnauc4l-1x95q8m.md
new file mode 100644
index 00000000..98f517df
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4l-1x95q8m.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4l-1x95q8m"
+modified = 2025-11-25T22:35:59.589Z
+upstream = ["CVE-2014-9811"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=82a5bbdd47b9b3f43ce3c2aa18741aecc4a0f962", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=914da276f717b3e21e5af6614887af14af87a9b8", "https://bugzilla.redhat.com/show_bug.cgi?id=1343467", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=82a5bbdd47b9b3f43ce3c2aa18741aecc4a0f962", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=914da276f717b3e21e5af6614887af14af87a9b8", "https://bugzilla.redhat.com/show_bug.cgi?id=1343467"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9811"
+imported = 2025-11-25T22:35:59.589Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.437Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9811"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9811"
+```
+
+# The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentati...
+
+The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4m-13jncxa.md b/advisories/published/2025/JLSEC-0000-mntnauc4m-13jncxa.md
new file mode 100644
index 00000000..4b36887a
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4m-13jncxa.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4m-13jncxa"
+modified = 2025-11-25T22:35:59.590Z
+upstream = ["CVE-2014-9812"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=f093a3119704fd6d349a9ee32b9f71cabe7d04c8", "https://bugzilla.redhat.com/show_bug.cgi?id=1343468", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=f093a3119704fd6d349a9ee32b9f71cabe7d04c8", "https://bugzilla.redhat.com/show_bug.cgi?id=1343468"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9812"
+imported = 2025-11-25T22:35:59.590Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.500Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9812"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9812"
+```
+
+# ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a cr...
+
+ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4n-9lbacg.md b/advisories/published/2025/JLSEC-0000-mntnauc4n-9lbacg.md
new file mode 100644
index 00000000..6924aa7c
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4n-9lbacg.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4n-9lbacg"
+modified = 2025-11-25T22:35:59.591Z
+upstream = ["CVE-2014-9813"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=35aa01dd5511a2616a6427f7d5d49de0132aeb5f", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=ae8e15370f269a529623b762c1355ab1dbab712e", "https://bugzilla.redhat.com/show_bug.cgi?id=1343469", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=35aa01dd5511a2616a6427f7d5d49de0132aeb5f", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=ae8e15370f269a529623b762c1355ab1dbab712e", "https://bugzilla.redhat.com/show_bug.cgi?id=1343469"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9813"
+imported = 2025-11-25T22:35:59.591Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.517Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9813"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9813"
+```
+
+# ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted v...
+
+ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4o-1o7oxl4.md b/advisories/published/2025/JLSEC-0000-mntnauc4o-1o7oxl4.md
new file mode 100644
index 00000000..d80d1f77
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4o-1o7oxl4.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4o-1o7oxl4"
+modified = 2025-11-25T22:35:59.592Z
+upstream = ["CVE-2014-9815"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=1eb3064a9e4a81d0b8cd414e3dcd7fe9b158f241", "https://bugzilla.redhat.com/show_bug.cgi?id=1343471", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=1eb3064a9e4a81d0b8cd414e3dcd7fe9b158f241", "https://bugzilla.redhat.com/show_bug.cgi?id=1343471"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9815"
+imported = 2025-11-25T22:35:59.592Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.593Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9815"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9815"
+```
+
+# ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted w...
+
+ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4o-mk91ie.md b/advisories/published/2025/JLSEC-0000-mntnauc4o-mk91ie.md
new file mode 100644
index 00000000..1870e314
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4o-mk91ie.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4o-mk91ie"
+modified = 2025-11-25T22:35:59.592Z
+upstream = ["CVE-2014-9814"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=fcced2ba626109d23186282d326427a0fc85fec0", "https://bugzilla.redhat.com/show_bug.cgi?id=1343470", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=fcced2ba626109d23186282d326427a0fc85fec0", "https://bugzilla.redhat.com/show_bug.cgi?id=1343470"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9814"
+imported = 2025-11-25T22:35:59.592Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.563Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9814"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9814"
+```
+
+# ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a cr...
+
+ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4p-12csq5y.md b/advisories/published/2025/JLSEC-0000-mntnauc4p-12csq5y.md
new file mode 100644
index 00000000..6fe18061
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4p-12csq5y.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4p-12csq5y"
+modified = 2025-11-25T22:35:59.593Z
+upstream = ["CVE-2014-9816"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=35aa01dd5511a2616a6427f7d5d49de0132aeb5f", "https://bugzilla.redhat.com/show_bug.cgi?id=1343472", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=35aa01dd5511a2616a6427f7d5d49de0132aeb5f", "https://bugzilla.redhat.com/show_bug.cgi?id=1343472"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9816"
+imported = 2025-11-25T22:35:59.593Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.640Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9816"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9816"
+```
+
+# ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafte...
+
+ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4q-18k4ntn.md b/advisories/published/2025/JLSEC-0000-mntnauc4q-18k4ntn.md
new file mode 100644
index 00000000..3efa68da
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4q-18k4ntn.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4q-18k4ntn"
+modified = 2025-11-25T22:35:59.594Z
+upstream = ["CVE-2014-9817"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=e24de96ab25b396ae914a7640ff4d61e58c40cf0", "https://bugzilla.redhat.com/show_bug.cgi?id=1343473", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=e24de96ab25b396ae914a7640ff4d61e58c40cf0", "https://bugzilla.redhat.com/show_bug.cgi?id=1343473"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9817"
+imported = 2025-11-25T22:35:59.594Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.687Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9817"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9817"
+```
+
+# Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a c...
+
+Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4r-zbxivy.md b/advisories/published/2025/JLSEC-0000-mntnauc4r-zbxivy.md
new file mode 100644
index 00000000..58cbaf52
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4r-zbxivy.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4r-zbxivy"
+modified = 2025-11-25T22:35:59.595Z
+upstream = ["CVE-2014-9818"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=8e72cbfca8db81132319af14d1f33a3e833666d7", "https://bugzilla.redhat.com/show_bug.cgi?id=1343474", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=8e72cbfca8db81132319af14d1f33a3e833666d7", "https://bugzilla.redhat.com/show_bug.cgi?id=1343474"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9818"
+imported = 2025-11-25T22:35:59.595Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.717Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9818"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9818"
+```
+
+# ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malfor...
+
+ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4s-178k772.md b/advisories/published/2025/JLSEC-0000-mntnauc4s-178k772.md
new file mode 100644
index 00000000..bdda3f61
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4s-178k772.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4s-178k772"
+modified = 2025-11-25T22:35:59.596Z
+upstream = ["CVE-2014-9820"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=0a89a1ccca6e7ee059b73f5cc924513383e8a330", "https://bugzilla.redhat.com/show_bug.cgi?id=1343476", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=0a89a1ccca6e7ee059b73f5cc924513383e8a330", "https://bugzilla.redhat.com/show_bug.cgi?id=1343476"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9820"
+imported = 2025-11-25T22:35:59.596Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.797Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9820"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9820"
+```
+
+# Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a c...
+
+Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4s-ccs9ur.md b/advisories/published/2025/JLSEC-0000-mntnauc4s-ccs9ur.md
new file mode 100644
index 00000000..e41c43e4
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4s-ccs9ur.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4s-ccs9ur"
+modified = 2025-11-25T22:35:59.596Z
+upstream = ["CVE-2014-9819"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=0a89a1ccca6e7ee059b73f5cc924513383e8a330", "https://bugzilla.redhat.com/show_bug.cgi?id=1343475", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=0a89a1ccca6e7ee059b73f5cc924513383e8a330", "https://bugzilla.redhat.com/show_bug.cgi?id=1343475"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9819"
+imported = 2025-11-25T22:35:59.595Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.750Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9819"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9819"
+```
+
+# Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a c...
+
+Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4t-1bl9svq.md b/advisories/published/2025/JLSEC-0000-mntnauc4t-1bl9svq.md
new file mode 100644
index 00000000..73649bc1
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4t-1bl9svq.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4t-1bl9svq"
+modified = 2025-11-25T22:35:59.597Z
+upstream = ["CVE-2014-9821"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=0a89a1ccca6e7ee059b73f5cc924513383e8a330", "https://bugzilla.redhat.com/show_bug.cgi?id=1343477", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=0a89a1ccca6e7ee059b73f5cc924513383e8a330", "https://bugzilla.redhat.com/show_bug.cgi?id=1343477"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9821"
+imported = 2025-11-25T22:35:59.597Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.827Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9821"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9821"
+```
+
+# Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a c...
+
+Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4u-1ze8xd.md b/advisories/published/2025/JLSEC-0000-mntnauc4u-1ze8xd.md
new file mode 100644
index 00000000..f8be0aa9
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4u-1ze8xd.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4u-1ze8xd"
+modified = 2025-11-25T22:35:59.598Z
+upstream = ["CVE-2014-9822"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=09561d37839dbfa04e017eea14811312985095d8", "https://bugzilla.redhat.com/show_bug.cgi?id=1343478", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=09561d37839dbfa04e017eea14811312985095d8", "https://bugzilla.redhat.com/show_bug.cgi?id=1343478"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9822"
+imported = 2025-11-25T22:35:59.598Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.873Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9822"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9822"
+```
+
+# Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a c...
+
+Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4v-832ph.md b/advisories/published/2025/JLSEC-0000-mntnauc4v-832ph.md
new file mode 100644
index 00000000..61343bd6
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4v-832ph.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4v-832ph"
+modified = 2025-11-25T22:35:59.599Z
+upstream = ["CVE-2014-9823"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=09561d37839dbfa04e017eea14811312985095d8", "https://bugzilla.redhat.com/show_bug.cgi?id=1343479", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=09561d37839dbfa04e017eea14811312985095d8", "https://bugzilla.redhat.com/show_bug.cgi?id=1343479"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9823"
+imported = 2025-11-25T22:35:59.599Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.907Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9823"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9823"
+```
+
+# Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a c...
+
+Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4v-8ywp.md b/advisories/published/2025/JLSEC-0000-mntnauc4v-8ywp.md
new file mode 100644
index 00000000..a10a57dc
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4v-8ywp.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4v-8ywp"
+modified = 2025-11-25T22:35:59.599Z
+upstream = ["CVE-2014-9824"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=09561d37839dbfa04e017eea14811312985095d8", "https://bugzilla.redhat.com/show_bug.cgi?id=1343480", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=09561d37839dbfa04e017eea14811312985095d8", "https://bugzilla.redhat.com/show_bug.cgi?id=1343480"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9824"
+imported = 2025-11-25T22:35:59.599Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.937Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9824"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9824"
+```
+
+# Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a c...
+
+Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4w-1yzt394.md b/advisories/published/2025/JLSEC-0000-mntnauc4w-1yzt394.md
new file mode 100644
index 00000000..3f71ae9f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4w-1yzt394.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4w-1yzt394"
+modified = 2025-11-25T22:35:59.600Z
+upstream = ["CVE-2014-9825"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=69490f5cffbda612e15a2985699455bb0b45e276", "https://bugzilla.redhat.com/show_bug.cgi?id=1343481", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=69490f5cffbda612e15a2985699455bb0b45e276", "https://bugzilla.redhat.com/show_bug.cgi?id=1343481"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9825"
+imported = 2025-11-25T22:35:59.600Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:00.983Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9825"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9825"
+```
+
+# Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a c...
+
+Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4x-ulv6s9.md b/advisories/published/2025/JLSEC-0000-mntnauc4x-ulv6s9.md
new file mode 100644
index 00000000..ba2116c2
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4x-ulv6s9.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4x-ulv6s9"
+modified = 2025-11-25T22:35:59.601Z
+upstream = ["CVE-2014-9826"]
+references = ["http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=69490f5cffbda612e15a2985699455bb0b45e276", "https://bugzilla.redhat.com/show_bug.cgi?id=1343482", "http://www.openwall.com/lists/oss-security/2014/12/24/1", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=69490f5cffbda612e15a2985699455bb0b45e276", "https://bugzilla.redhat.com/show_bug.cgi?id=1343482"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9826"
+imported = 2025-11-25T22:35:59.601Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-03-30T15:59:01.017Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9826"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9826"
+```
+
+# ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling...
+
+ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc4y-1m8en5o.md b/advisories/published/2025/JLSEC-0000-mntnauc4y-1m8en5o.md
new file mode 100644
index 00000000..9a201f4e
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc4y-1m8en5o.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc4y-1m8en5o"
+modified = 2025-11-25T22:35:59.602Z
+upstream = ["CVE-2014-9829"]
+references = ["http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=8e72cbfca8db81132319af14d1f33a3e833666d7", "https://bugzilla.redhat.com/show_bug.cgi?id=1343485", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=8e72cbfca8db81132319af14d1f33a3e833666d7", "https://bugzilla.redhat.com/show_bug.cgi?id=1343485"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9829"
+imported = 2025-11-25T22:35:59.602Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-05T17:59:00.150Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9829"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9829"
+```
+
+# coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds acce...
+
+coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc50-muremm.md b/advisories/published/2025/JLSEC-0000-mntnauc50-muremm.md
new file mode 100644
index 00000000..d8e24f44
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc50-muremm.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc50-muremm"
+modified = 2025-11-25T22:35:59.604Z
+upstream = ["CVE-2014-8354"]
+references = ["http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html", "http://www.securityfocus.com/bid/70830", "https://bugzilla.redhat.com/show_bug.cgi?id=1158518", "https://int21.de/cve/CVE-2014-8354-ImageMagick-oob-heap-overflow.html", "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html", "http://www.securityfocus.com/bid/70830", "https://bugzilla.redhat.com/show_bug.cgi?id=1158518", "https://int21.de/cve/CVE-2014-8354-ImageMagick-oob-heap-overflow.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-8354"
+imported = 2025-11-25T22:35:59.604Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-11T19:59:00.203Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-8354"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-8354"
+```
+
+# The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to c...
+
+The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc51-yj070o.md b/advisories/published/2025/JLSEC-0000-mntnauc51-yj070o.md
new file mode 100644
index 00000000..58b0c8ff
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc51-yj070o.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc51-yj070o"
+modified = 2025-11-25T22:35:59.605Z
+upstream = ["CVE-2014-8355"]
+references = ["http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html", "http://www.securityfocus.com/bid/70839", "https://bugzilla.redhat.com/show_bug.cgi?id=1158523", "https://int21.de/cve/CVE-2014-8355-ImageMagick-pcx-oob-heap-overflow.html", "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html", "http://www.securityfocus.com/bid/70839", "https://bugzilla.redhat.com/show_bug.cgi?id=1158523", "https://int21.de/cve/CVE-2014-8355-ImageMagick-pcx-oob-heap-overflow.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-8355"
+imported = 2025-11-25T22:35:59.605Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-11T19:59:00.233Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-8355"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-8355"
+```
+
+# PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (...
+
+PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc52-3xq9rn.md b/advisories/published/2025/JLSEC-0000-mntnauc52-3xq9rn.md
new file mode 100644
index 00000000..6af0ad3b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc52-3xq9rn.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc52-3xq9rn"
+modified = 2025-11-25T22:35:59.606Z
+upstream = ["CVE-2014-8562"]
+references = ["http://www.securityfocus.com/bid/70837", "https://bugzilla.redhat.com/show_bug.cgi?id=1159362", "https://int21.de/cve/CVE-2014-8562-ImageMagick-dcm-oob-heap-overflow.html", "https://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html", "http://www.securityfocus.com/bid/70837", "https://bugzilla.redhat.com/show_bug.cgi?id=1159362", "https://int21.de/cve/CVE-2014-8562-ImageMagick-dcm-oob-heap-overflow.html", "https://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-8562"
+imported = 2025-11-25T22:35:59.606Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-11T19:59:00.280Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-8562"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-8562"
+```
+
+# DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-o...
+
+DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc52-p4jspo.md b/advisories/published/2025/JLSEC-0000-mntnauc52-p4jspo.md
new file mode 100644
index 00000000..21cf13c8
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc52-p4jspo.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc52-p4jspo"
+modified = 2025-11-25T22:35:59.606Z
+upstream = ["CVE-2014-8716"]
+references = ["http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26456", "http://www.securityfocus.com/bid/70992", "https://bugzilla.redhat.com/show_bug.cgi?id=1164248", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26456", "http://www.securityfocus.com/bid/70992", "https://bugzilla.redhat.com/show_bug.cgi?id=1164248"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-8716"
+imported = 2025-11-25T22:35:59.606Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-11T19:59:00.313Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-8716"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-8716"
+```
+
+# The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-...
+
+The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc53-13e97uh.md b/advisories/published/2025/JLSEC-0000-mntnauc53-13e97uh.md
new file mode 100644
index 00000000..992e2ad3
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc53-13e97uh.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc53-13e97uh"
+modified = 2025-11-25T22:35:59.607Z
+upstream = ["CVE-2014-9837"]
+references = ["http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26682", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=7a7119c6fe19324ee17b8f756dae60c16e470ab2", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26682", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=7a7119c6fe19324ee17b8f756dae60c16e470ab2"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9837"
+imported = 2025-11-25T22:35:59.607Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-11T19:59:00.343Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9837"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9837"
+```
+
+# coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of se...
+
+coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc56-2vy63z.md b/advisories/published/2025/JLSEC-0000-mntnauc56-2vy63z.md
new file mode 100644
index 00000000..1677f309
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc56-2vy63z.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc56-2vy63z"
+modified = 2025-11-25T22:35:59.610Z
+upstream = ["CVE-2014-9907"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93231", "https://bugzilla.redhat.com/show_bug.cgi?id=1378734", "https://github.com/ImageMagick/ImageMagick/commit/21eae25a8db5fdcd112dbcfcd9e5c37e32d32e2f", "https://github.com/ImageMagick/ImageMagick/commit/504ada82b6fa38a30c846c1c29116af7290decb2", "https://github.com/ImageMagick/ImageMagick/commit/d7325bac173492b358417a0ad49fabad44447d52", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93231", "https://bugzilla.redhat.com/show_bug.cgi?id=1378734", "https://github.com/ImageMagick/ImageMagick/commit/21eae25a8db5fdcd112dbcfcd9e5c37e32d32e2f", "https://github.com/ImageMagick/ImageMagick/commit/504ada82b6fa38a30c846c1c29116af7290decb2", "https://github.com/ImageMagick/ImageMagick/commit/d7325bac173492b358417a0ad49fabad44447d52"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9907"
+imported = 2025-11-25T22:35:59.610Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-19T14:59:00.147Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9907"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9907"
+```
+
+# coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS f...
+
+coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc57-f05eb7.md b/advisories/published/2025/JLSEC-0000-mntnauc57-f05eb7.md
new file mode 100644
index 00000000..22caf3ee
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc57-f05eb7.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc57-f05eb7"
+modified = 2025-11-25T22:35:59.611Z
+upstream = ["CVE-2016-7515"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93120", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533445", "https://bugzilla.redhat.com/show_bug.cgi?id=1378741", "https://github.com/ImageMagick/ImageMagick/commit/2ad6d33493750a28a5a655d319a8e0b16c392de1", "https://github.com/ImageMagick/ImageMagick/issues/82", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93120", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533445", "https://bugzilla.redhat.com/show_bug.cgi?id=1378741", "https://github.com/ImageMagick/ImageMagick/commit/2ad6d33493750a28a5a655d319a8e0b16c392de1", "https://github.com/ImageMagick/ImageMagick/issues/82"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7515"
+imported = 2025-11-25T22:35:59.611Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-19T14:59:00.270Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7515"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7515"
+```
+
+# The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial o...
+
+The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc58-s5coyu.md b/advisories/published/2025/JLSEC-0000-mntnauc58-s5coyu.md
new file mode 100644
index 00000000..f0b8b022
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc58-s5coyu.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc58-s5coyu"
+modified = 2025-11-25T22:35:59.612Z
+upstream = ["CVE-2016-7519"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533445", "https://bugzilla.redhat.com/show_bug.cgi?id=1378746", "https://github.com/ImageMagick/ImageMagick/issues/82", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533445", "https://bugzilla.redhat.com/show_bug.cgi?id=1378746", "https://github.com/ImageMagick/ImageMagick/issues/82"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7519"
+imported = 2025-11-25T22:35:59.612Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-19T14:59:00.317Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7519"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7519"
+```
+
+# The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial o...
+
+The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc59-1ixbi1r.md b/advisories/published/2025/JLSEC-0000-mntnauc59-1ixbi1r.md
new file mode 100644
index 00000000..a8eb39ef
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc59-1ixbi1r.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc59-1ixbi1r"
+modified = 2025-11-25T22:35:59.613Z
+upstream = ["CVE-2016-7522"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537419", "https://bugzilla.redhat.com/show_bug.cgi?id=1378751", "https://github.com/ImageMagick/ImageMagick/commit/4b1b9c0522628887195bad3a6723f7000b0c9a58", "https://github.com/ImageMagick/ImageMagick/issues/93", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537419", "https://bugzilla.redhat.com/show_bug.cgi?id=1378751", "https://github.com/ImageMagick/ImageMagick/commit/4b1b9c0522628887195bad3a6723f7000b0c9a58", "https://github.com/ImageMagick/ImageMagick/issues/93"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7522"
+imported = 2025-11-25T22:35:59.613Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-19T14:59:00.367Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7522"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7522"
+```
+
+# The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a d...
+
+The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5a-xtyvkp.md b/advisories/published/2025/JLSEC-0000-mntnauc5a-xtyvkp.md
new file mode 100644
index 00000000..d27228df
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5a-xtyvkp.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5a-xtyvkp"
+modified = 2025-11-25T22:35:59.614Z
+upstream = ["CVE-2016-7529"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539051", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539052", "https://bugzilla.redhat.com/show_bug.cgi?id=1378761", "https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c", "https://github.com/ImageMagick/ImageMagick/issues/103", "https://github.com/ImageMagick/ImageMagick/issues/104", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539051", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539052", "https://bugzilla.redhat.com/show_bug.cgi?id=1378761", "https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c", "https://github.com/ImageMagick/ImageMagick/issues/103", "https://github.com/ImageMagick/ImageMagick/issues/104"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7529"
+imported = 2025-11-25T22:35:59.614Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-19T14:59:00.443Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7529"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7529"
+```
+
+# coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read...
+
+coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5a-ye9eqz.md b/advisories/published/2025/JLSEC-0000-mntnauc5a-ye9eqz.md
new file mode 100644
index 00000000..36988b7d
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5a-ye9eqz.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5a-ye9eqz"
+modified = 2025-11-25T22:35:59.614Z
+upstream = ["CVE-2016-7528"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93226", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537425", "https://bugzilla.redhat.com/show_bug.cgi?id=1378760", "https://github.com/ImageMagick/ImageMagick/commit/7be16a280014f895a951db4948df316a23dabc09", "https://github.com/ImageMagick/ImageMagick/commit/ca0c886abd6d3ef335eb74150cd23b89ebd17135", "https://github.com/ImageMagick/ImageMagick/issues/99", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93226", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537425", "https://bugzilla.redhat.com/show_bug.cgi?id=1378760", "https://github.com/ImageMagick/ImageMagick/commit/7be16a280014f895a951db4948df316a23dabc09", "https://github.com/ImageMagick/ImageMagick/commit/ca0c886abd6d3ef335eb74150cd23b89ebd17135", "https://github.com/ImageMagick/ImageMagick/issues/99"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7528"
+imported = 2025-11-25T22:35:59.614Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-19T14:59:00.397Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7528"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7528"
+```
+
+# The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial...
+
+The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5b-4ph2k6.md b/advisories/published/2025/JLSEC-0000-mntnauc5b-4ph2k6.md
new file mode 100644
index 00000000..00bdb76f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5b-4ph2k6.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5b-4ph2k6"
+modified = 2025-11-25T22:35:59.615Z
+upstream = ["CVE-2016-7531"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539061", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542112", "https://bugzilla.redhat.com/show_bug.cgi?id=1378763", "https://github.com/ImageMagick/ImageMagick/issues/107", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539061", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542112", "https://bugzilla.redhat.com/show_bug.cgi?id=1378763", "https://github.com/ImageMagick/ImageMagick/issues/107"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7531"
+imported = 2025-11-25T22:35:59.615Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-19T14:59:00.473Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7531"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7531"
+```
+
+# MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-boun...
+
+MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5c-1ra6ve5.md b/advisories/published/2025/JLSEC-0000-mntnauc5c-1ra6ve5.md
new file mode 100644
index 00000000..8c37caa1
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5c-1ra6ve5.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5c-1ra6ve5"
+modified = 2025-11-25T22:35:59.616Z
+upstream = ["CVE-2016-7533"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542114", "https://bugzilla.redhat.com/show_bug.cgi?id=1378765", "https://github.com/ImageMagick/ImageMagick/commit/bef1e4f637d8f665bc133a9c6d30df08d983bc3a", "https://github.com/ImageMagick/ImageMagick/issues/120", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542114", "https://bugzilla.redhat.com/show_bug.cgi?id=1378765", "https://github.com/ImageMagick/ImageMagick/commit/bef1e4f637d8f665bc133a9c6d30df08d983bc3a", "https://github.com/ImageMagick/ImageMagick/issues/120"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7533"
+imported = 2025-11-25T22:35:59.616Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-19T14:59:00.520Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7533"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7533"
+```
+
+# The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial o...
+
+The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5d-1dojumd.md b/advisories/published/2025/JLSEC-0000-mntnauc5d-1dojumd.md
new file mode 100644
index 00000000..9a232a5d
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5d-1dojumd.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5d-1dojumd"
+modified = 2025-11-25T22:35:59.617Z
+upstream = ["CVE-2016-7537"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1553366", "https://bugzilla.redhat.com/show_bug.cgi?id=1378773", "https://github.com/ImageMagick/ImageMagick/commit/424d40ebfcde48bb872eba75179d3d73704fdf1f", "https://github.com/ImageMagick/ImageMagick/commit/6d202a0514fb6a406456b8b728cde776becb25f8", "https://github.com/ImageMagick/ImageMagick/issues/143", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1553366", "https://bugzilla.redhat.com/show_bug.cgi?id=1378773", "https://github.com/ImageMagick/ImageMagick/commit/424d40ebfcde48bb872eba75179d3d73704fdf1f", "https://github.com/ImageMagick/ImageMagick/commit/6d202a0514fb6a406456b8b728cde776becb25f8", "https://github.com/ImageMagick/ImageMagick/issues/143"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7537"
+imported = 2025-11-25T22:35:59.617Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-19T14:59:00.553Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7537"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7537"
+```
+
+# MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-boun...
+
+MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5d-1j0sm.md b/advisories/published/2025/JLSEC-0000-mntnauc5d-1j0sm.md
new file mode 100644
index 00000000..d1a6aac4
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5d-1j0sm.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5d-1j0sm"
+modified = 2025-11-25T22:35:59.617Z
+upstream = ["CVE-2015-8957"]
+references = ["http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26838", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93125", "https://bugzilla.redhat.com/show_bug.cgi?id=1378735", "https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4", "https://github.com/ImageMagick/ImageMagick/commit/78f82d9d1c2944725a279acd573a22168dc6e22a", "https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26838", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93125", "https://bugzilla.redhat.com/show_bug.cgi?id=1378735", "https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4", "https://github.com/ImageMagick/ImageMagick/commit/78f82d9d1c2944725a279acd573a22168dc6e22a", "https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2015-8957"
+imported = 2025-11-25T22:35:59.617Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:00.157Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2015-8957"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2015-8957"
+```
+
+# Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of serv...
+
+Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5e-ppzmmj.md b/advisories/published/2025/JLSEC-0000-mntnauc5e-ppzmmj.md
new file mode 100644
index 00000000..b27afbe8
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5e-ppzmmj.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5e-ppzmmj"
+modified = 2025-11-25T22:35:59.618Z
+upstream = ["CVE-2015-8958"]
+references = ["http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26857", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93124", "https://bugzilla.redhat.com/show_bug.cgi?id=1378736", "https://github.com/ImageMagick/ImageMagick/commit/1aa0c6dab6dcef4d9bc3571866ae1c1ddbec7d8f", "https://github.com/ImageMagick/ImageMagick/commit/6b4aff0f117b978502ee5bcd6e753c17aec5a961", "https://github.com/ImageMagick/ImageMagick/commit/8ea44b48a182dd46d018f4b4f09a5e2ee9638105", "https://github.com/ImageMagick/ImageMagick/commit/b8f17d08b7418204bf8a05a5c24e87b2fc395b75", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26857", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93124", "https://bugzilla.redhat.com/show_bug.cgi?id=1378736", "https://github.com/ImageMagick/ImageMagick/commit/1aa0c6dab6dcef4d9bc3571866ae1c1ddbec7d8f", "https://github.com/ImageMagick/ImageMagick/commit/6b4aff0f117b978502ee5bcd6e753c17aec5a961", "https://github.com/ImageMagick/ImageMagick/commit/8ea44b48a182dd46d018f4b4f09a5e2ee9638105", "https://github.com/ImageMagick/ImageMagick/commit/b8f17d08b7418204bf8a05a5c24e87b2fc395b75"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2015-8958"
+imported = 2025-11-25T22:35:59.618Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:00.217Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2015-8958"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2015-8958"
+```
+
+# coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service...
+
+coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5f-ci7in.md b/advisories/published/2025/JLSEC-0000-mntnauc5f-ci7in.md
new file mode 100644
index 00000000..7fdf1d73
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5f-ci7in.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5f-ci7in"
+modified = 2025-11-25T22:35:59.619Z
+upstream = ["CVE-2015-8959"]
+references = ["http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26861", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93230", "https://bugzilla.redhat.com/show_bug.cgi?id=1378738", "https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110", "https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4", "https://github.com/ImageMagick/ImageMagick/commit/cc2a4d2ba5371d25c58763e4db2dbc1f4691c0f7", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26861", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93230", "https://bugzilla.redhat.com/show_bug.cgi?id=1378738", "https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110", "https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4", "https://github.com/ImageMagick/ImageMagick/commit/cc2a4d2ba5371d25c58763e4db2dbc1f4691c0f7"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2015-8959"
+imported = 2025-11-25T22:35:59.619Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:00.263Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2015-8959"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2015-8959"
+```
+
+# coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service...
+
+coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5g-4bw6h3.md b/advisories/published/2025/JLSEC-0000-mntnauc5g-4bw6h3.md
new file mode 100644
index 00000000..f7b9e217
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5g-4bw6h3.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5g-4bw6h3"
+modified = 2025-11-25T22:35:59.620Z
+upstream = ["CVE-2016-5010"]
+references = ["http://git.imagemagick.org/repos/ImageMagick/commit/c20de102cc57f3739a8870f79e728e3b0bea18c0", "https://bugzilla.redhat.com/show_bug.cgi?id=1354500", "https://security.gentoo.org/glsa/201611-21", "http://git.imagemagick.org/repos/ImageMagick/commit/c20de102cc57f3739a8870f79e728e3b0bea18c0", "https://bugzilla.redhat.com/show_bug.cgi?id=1354500", "https://security.gentoo.org/glsa/201611-21"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-5010"
+imported = 2025-11-25T22:35:59.620Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:00.797Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-5010"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-5010"
+```
+
+# coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (ou...
+
+coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5h-1jvgzn8.md b/advisories/published/2025/JLSEC-0000-mntnauc5h-1jvgzn8.md
new file mode 100644
index 00000000..e68ca394
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5h-1jvgzn8.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5h-1jvgzn8"
+modified = 2025-11-25T22:35:59.621Z
+upstream = ["CVE-2016-7514"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93122", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533442", "https://bugzilla.redhat.com/show_bug.cgi?id=1378739", "https://github.com/ImageMagick/ImageMagick/commit/198fffab4daf8aea88badd9c629350e5b26ec32f", "https://github.com/ImageMagick/ImageMagick/commit/280215b9936d145dd5ee91403738ccce1333cab1", "https://github.com/ImageMagick/ImageMagick/commit/6f1879d498bcc5cce12fe0c5decb8dbc0f608e5d", "https://github.com/ImageMagick/ImageMagick/commit/e14fd0a2801f73bdc123baf4fbab97dec55919eb", "https://github.com/ImageMagick/ImageMagick/issues/83", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93122", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533442", "https://bugzilla.redhat.com/show_bug.cgi?id=1378739", "https://github.com/ImageMagick/ImageMagick/commit/198fffab4daf8aea88badd9c629350e5b26ec32f", "https://github.com/ImageMagick/ImageMagick/commit/280215b9936d145dd5ee91403738ccce1333cab1", "https://github.com/ImageMagick/ImageMagick/commit/6f1879d498bcc5cce12fe0c5decb8dbc0f608e5d", "https://github.com/ImageMagick/ImageMagick/commit/e14fd0a2801f73bdc123baf4fbab97dec55919eb", "https://github.com/ImageMagick/ImageMagick/issues/83"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7514"
+imported = 2025-11-25T22:35:59.621Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:00.873Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7514"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7514"
+```
+
+# The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a ...
+
+The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5h-1ts5fso.md b/advisories/published/2025/JLSEC-0000-mntnauc5h-1ts5fso.md
new file mode 100644
index 00000000..24763532
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5h-1ts5fso.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5h-1ts5fso"
+modified = 2025-11-25T22:35:59.621Z
+upstream = ["CVE-2016-7513"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93121", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832455", "https://bugzilla.redhat.com/show_bug.cgi?id=1378733", "https://github.com/ImageMagick/ImageMagick/commit/a54fe0e8600eaf3dc6fe717d3c0398001507f723", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93121", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832455", "https://bugzilla.redhat.com/show_bug.cgi?id=1378733", "https://github.com/ImageMagick/ImageMagick/commit/a54fe0e8600eaf3dc6fe717d3c0398001507f723"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7513"
+imported = 2025-11-25T22:35:59.621Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:00.827Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7513"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7513"
+```
+
+# Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of servi...
+
+Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5i-vadhp3.md b/advisories/published/2025/JLSEC-0000-mntnauc5i-vadhp3.md
new file mode 100644
index 00000000..4ec8f87b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5i-vadhp3.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5i-vadhp3"
+modified = 2025-11-25T22:35:59.622Z
+upstream = ["CVE-2016-7516"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93129", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533452", "https://bugzilla.redhat.com/show_bug.cgi?id=1378743", "https://github.com/ImageMagick/ImageMagick/issues/77", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93129", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533452", "https://bugzilla.redhat.com/show_bug.cgi?id=1378743", "https://github.com/ImageMagick/ImageMagick/issues/77"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7516"
+imported = 2025-11-25T22:35:59.622Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:00.937Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7516"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7516"
+```
+
+# The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial...
+
+The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5j-rci8v0.md b/advisories/published/2025/JLSEC-0000-mntnauc5j-rci8v0.md
new file mode 100644
index 00000000..316de329
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5j-rci8v0.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5j-rci8v0"
+modified = 2025-11-25T22:35:59.623Z
+upstream = ["CVE-2016-7517"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93128", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533449", "https://bugzilla.redhat.com/show_bug.cgi?id=1378744", "https://github.com/ImageMagick/ImageMagick/issues/80", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93128", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533449", "https://bugzilla.redhat.com/show_bug.cgi?id=1378744", "https://github.com/ImageMagick/ImageMagick/issues/80"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7517"
+imported = 2025-11-25T22:35:59.623Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:00.967Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7517"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7517"
+```
+
+# The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers to cause a denial o...
+
+The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PICT file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5k-1ta0.md b/advisories/published/2025/JLSEC-0000-mntnauc5k-1ta0.md
new file mode 100644
index 00000000..87aa7eba
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5k-1ta0.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5k-1ta0"
+modified = 2025-11-25T22:35:59.624Z
+upstream = ["CVE-2016-7518"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93130", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533447", "https://bugzilla.redhat.com/show_bug.cgi?id=1378745", "https://github.com/ImageMagick/ImageMagick/issues/81", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93130", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533447", "https://bugzilla.redhat.com/show_bug.cgi?id=1378745", "https://github.com/ImageMagick/ImageMagick/issues/81"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7518"
+imported = 2025-11-25T22:35:59.624Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:01.013Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7518"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7518"
+```
+
+# The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial o...
+
+The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5l-1aro2hc.md b/advisories/published/2025/JLSEC-0000-mntnauc5l-1aro2hc.md
new file mode 100644
index 00000000..3385111b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5l-1aro2hc.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5l-1aro2hc"
+modified = 2025-11-25T22:35:59.625Z
+upstream = ["CVE-2016-7520"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537213", "https://bugzilla.redhat.com/show_bug.cgi?id=1378747", "https://github.com/ImageMagick/ImageMagick/commit/14e606db148d6ebcaae20f1e1d6d71903ca4a556", "https://github.com/ImageMagick/ImageMagick/issues/90", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537213", "https://bugzilla.redhat.com/show_bug.cgi?id=1378747", "https://github.com/ImageMagick/ImageMagick/commit/14e606db148d6ebcaae20f1e1d6d71903ca4a556", "https://github.com/ImageMagick/ImageMagick/issues/90"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7520"
+imported = 2025-11-25T22:35:59.625Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:01.060Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7520"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7520"
+```
+
+# Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial ...
+
+Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted HDR file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5l-wz9cwf.md b/advisories/published/2025/JLSEC-0000-mntnauc5l-wz9cwf.md
new file mode 100644
index 00000000..dcaed604
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5l-wz9cwf.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5l-wz9cwf"
+modified = 2025-11-25T22:35:59.625Z
+upstream = ["CVE-2016-7521"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537418", "https://bugzilla.redhat.com/show_bug.cgi?id=1378748", "https://github.com/ImageMagick/ImageMagick/commit/30eec879c8b446b0ea9a3bb0da1a441cc8482bc4", "https://github.com/ImageMagick/ImageMagick/issues/92", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537418", "https://bugzilla.redhat.com/show_bug.cgi?id=1378748", "https://github.com/ImageMagick/ImageMagick/commit/30eec879c8b446b0ea9a3bb0da1a441cc8482bc4", "https://github.com/ImageMagick/ImageMagick/issues/92"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7521"
+imported = 2025-11-25T22:35:59.625Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:01.093Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7521"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7521"
+```
+
+# Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial ...
+
+Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5m-7oeo16.md b/advisories/published/2025/JLSEC-0000-mntnauc5m-7oeo16.md
new file mode 100644
index 00000000..05b199fa
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5m-7oeo16.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5m-7oeo16"
+modified = 2025-11-25T22:35:59.626Z
+upstream = ["CVE-2016-7525"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537424", "https://bugzilla.redhat.com/show_bug.cgi?id=1378757", "https://github.com/ImageMagick/ImageMagick/commit/5f16640725b1225e6337c62526e6577f0f88edb8", "https://github.com/ImageMagick/ImageMagick/issues/98", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537424", "https://bugzilla.redhat.com/show_bug.cgi?id=1378757", "https://github.com/ImageMagick/ImageMagick/commit/5f16640725b1225e6337c62526e6577f0f88edb8", "https://github.com/ImageMagick/ImageMagick/issues/98"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7525"
+imported = 2025-11-25T22:35:59.626Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:01.140Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7525"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7525"
+```
+
+# Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial ...
+
+Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5n-975dr8.md b/advisories/published/2025/JLSEC-0000-mntnauc5n-975dr8.md
new file mode 100644
index 00000000..a7c5e9e8
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5n-975dr8.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5n-975dr8"
+modified = 2025-11-25T22:35:59.627Z
+upstream = ["CVE-2016-7526"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/bugs/1539050", "https://bugzilla.redhat.com/show_bug.cgi?id=1378758", "https://github.com/ImageMagick/ImageMagick/commit/998c687fb83993c13fa711d75f59a95b38ceab77", "https://github.com/ImageMagick/ImageMagick/commit/b60d1ed0af37c50b91a40937825b4c61e8458095", "https://github.com/ImageMagick/ImageMagick/commit/b6ae2f9e0ab13343c0281732d479757a8e8979c7", "https://github.com/ImageMagick/ImageMagick/commit/d9b2209a69ee90d8df81fb124eb66f593eb9f599", "https://github.com/ImageMagick/ImageMagick/issues/102", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/bugs/1539050", "https://bugzilla.redhat.com/show_bug.cgi?id=1378758", "https://github.com/ImageMagick/ImageMagick/commit/998c687fb83993c13fa711d75f59a95b38ceab77", "https://github.com/ImageMagick/ImageMagick/commit/b60d1ed0af37c50b91a40937825b4c61e8458095", "https://github.com/ImageMagick/ImageMagick/commit/b6ae2f9e0ab13343c0281732d479757a8e8979c7", "https://github.com/ImageMagick/ImageMagick/commit/d9b2209a69ee90d8df81fb124eb66f593eb9f599", "https://github.com/ImageMagick/ImageMagick/issues/102"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7526"
+imported = 2025-11-25T22:35:59.627Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:01.187Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7526"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7526"
+```
+
+# coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds writ...
+
+coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5o-1rarqp0.md b/advisories/published/2025/JLSEC-0000-mntnauc5o-1rarqp0.md
new file mode 100644
index 00000000..8476c0ef
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5o-1rarqp0.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5o-1rarqp0"
+modified = 2025-11-25T22:35:59.628Z
+upstream = ["CVE-2016-7527"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93220", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542115", "https://bugzilla.redhat.com/show_bug.cgi?id=1378759", "https://github.com/ImageMagick/ImageMagick/commit/a251039393f423c7858e63cab6aa98d17b8b7a41", "https://github.com/ImageMagick/ImageMagick/commit/b3dd69b23e9338806891c708a0cc8a82c0d1872a", "https://github.com/ImageMagick/ImageMagick/issues/122", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93220", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542115", "https://bugzilla.redhat.com/show_bug.cgi?id=1378759", "https://github.com/ImageMagick/ImageMagick/commit/a251039393f423c7858e63cab6aa98d17b8b7a41", "https://github.com/ImageMagick/ImageMagick/commit/b3dd69b23e9338806891c708a0cc8a82c0d1872a", "https://github.com/ImageMagick/ImageMagick/issues/122"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7527"
+imported = 2025-11-25T22:35:59.628Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:01.217Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7527"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7527"
+```
+
+# coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read...
+
+coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5p-1fq7ocz.md b/advisories/published/2025/JLSEC-0000-mntnauc5p-1fq7ocz.md
new file mode 100644
index 00000000..59f15446
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5p-1fq7ocz.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5p-1fq7ocz"
+modified = 2025-11-25T22:35:59.629Z
+upstream = ["CVE-2016-7532"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539066", "https://bugzilla.redhat.com/show_bug.cgi?id=1378764", "https://github.com/ImageMagick/ImageMagick/commit/4f2c04ea6673863b87ac7f186cbb0d911f74085c", "https://github.com/ImageMagick/ImageMagick/issues/109", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539066", "https://bugzilla.redhat.com/show_bug.cgi?id=1378764", "https://github.com/ImageMagick/ImageMagick/commit/4f2c04ea6673863b87ac7f186cbb0d911f74085c", "https://github.com/ImageMagick/ImageMagick/issues/109"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7532"
+imported = 2025-11-25T22:35:59.629Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:01.310Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7532"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7532"
+```
+
+# coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read...
+
+coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5p-5tjcx3.md b/advisories/published/2025/JLSEC-0000-mntnauc5p-5tjcx3.md
new file mode 100644
index 00000000..633433c2
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5p-5tjcx3.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5p-5tjcx3"
+modified = 2025-11-25T22:35:59.629Z
+upstream = ["CVE-2016-7530"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/bugs/1539053", "https://bugs.launchpad.net/bugs/1539067", "https://bugzilla.redhat.com/show_bug.cgi?id=1378762", "https://github.com/ImageMagick/ImageMagick/commit/63346f34f9d19179599b5b256e5e8d3dda46435c", "https://github.com/ImageMagick/ImageMagick/commit/b5ed738f8060266bf4ae521f7e3ed145aa4498a3", "https://github.com/ImageMagick/ImageMagick/commit/c4e63ad30bc42da691f2b5f82a24516dd6b4dc70", "https://github.com/ImageMagick/ImageMagick/issues/105", "https://github.com/ImageMagick/ImageMagick/issues/110", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/bugs/1539053", "https://bugs.launchpad.net/bugs/1539067", "https://bugzilla.redhat.com/show_bug.cgi?id=1378762", "https://github.com/ImageMagick/ImageMagick/commit/63346f34f9d19179599b5b256e5e8d3dda46435c", "https://github.com/ImageMagick/ImageMagick/commit/b5ed738f8060266bf4ae521f7e3ed145aa4498a3", "https://github.com/ImageMagick/ImageMagick/commit/c4e63ad30bc42da691f2b5f82a24516dd6b4dc70", "https://github.com/ImageMagick/ImageMagick/issues/105", "https://github.com/ImageMagick/ImageMagick/issues/110"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7530"
+imported = 2025-11-25T22:35:59.629Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:01.263Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7530"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7530"
+```
+
+# The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divid...
+
+The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5q-1g08ek2.md b/advisories/published/2025/JLSEC-0000-mntnauc5q-1g08ek2.md
new file mode 100644
index 00000000..431f44b8
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5q-1g08ek2.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5q-1g08ek2"
+modified = 2025-11-25T22:35:59.630Z
+upstream = ["CVE-2016-7534"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542785", "https://bugzilla.redhat.com/show_bug.cgi?id=1378767", "https://github.com/ImageMagick/ImageMagick/commit/430403b0029b37decf216d57f810899cab2317dd", "https://github.com/ImageMagick/ImageMagick/issues/126", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542785", "https://bugzilla.redhat.com/show_bug.cgi?id=1378767", "https://github.com/ImageMagick/ImageMagick/commit/430403b0029b37decf216d57f810899cab2317dd", "https://github.com/ImageMagick/ImageMagick/issues/126"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7534"
+imported = 2025-11-25T22:35:59.630Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:01.357Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7534"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7534"
+```
+
+# The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-boun...
+
+The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5r-byxzck.md b/advisories/published/2025/JLSEC-0000-mntnauc5r-byxzck.md
new file mode 100644
index 00000000..45520bdc
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5r-byxzck.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5r-byxzck"
+modified = 2025-11-25T22:35:59.631Z
+upstream = ["CVE-2016-7535"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545180", "https://bugzilla.redhat.com/show_bug.cgi?id=1378768", "https://github.com/ImageMagick/ImageMagick/issues/128", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545180", "https://bugzilla.redhat.com/show_bug.cgi?id=1378768", "https://github.com/ImageMagick/ImageMagick/issues/128"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7535"
+imported = 2025-11-25T22:35:59.631Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:01.390Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7535"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7535"
+```
+
+# coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds writ...
+
+coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5s-1dbi2y0.md b/advisories/published/2025/JLSEC-0000-mntnauc5s-1dbi2y0.md
new file mode 100644
index 00000000..e5ca7cbd
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5s-1dbi2y0.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5s-1dbi2y0"
+modified = 2025-11-25T22:35:59.632Z
+upstream = ["CVE-2016-7536"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93225", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545367", "https://bugzilla.redhat.com/show_bug.cgi?id=1378772", "https://github.com/ImageMagick/ImageMagick/commit/02dadf116124cfba35d7ebd9ced3e5ad0be0f176", "https://github.com/ImageMagick/ImageMagick/commit/478cce544fdf1de882d78381768458f397964453", "https://github.com/ImageMagick/ImageMagick/issues/130", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93225", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545367", "https://bugzilla.redhat.com/show_bug.cgi?id=1378772", "https://github.com/ImageMagick/ImageMagick/commit/02dadf116124cfba35d7ebd9ced3e5ad0be0f176", "https://github.com/ImageMagick/ImageMagick/commit/478cce544fdf1de882d78381768458f397964453", "https://github.com/ImageMagick/ImageMagick/issues/130"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7536"
+imported = 2025-11-25T22:35:59.632Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:01.437Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7536"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7536"
+```
+
+# magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation f...
+
+magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5s-m8rm9m.md b/advisories/published/2025/JLSEC-0000-mntnauc5s-m8rm9m.md
new file mode 100644
index 00000000..4d8e8cb6
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5s-m8rm9m.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5s-m8rm9m"
+modified = 2025-11-25T22:35:59.632Z
+upstream = ["CVE-2016-7538"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1556273", "https://bugzilla.redhat.com/show_bug.cgi?id=1378775", "https://github.com/ImageMagick/ImageMagick/commit/82e2049862a8b8a999e160734ad64fb6cc3b145f", "https://github.com/ImageMagick/ImageMagick/issues/148", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93131", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1556273", "https://bugzilla.redhat.com/show_bug.cgi?id=1378775", "https://github.com/ImageMagick/ImageMagick/commit/82e2049862a8b8a999e160734ad64fb6cc3b145f", "https://github.com/ImageMagick/ImageMagick/issues/148"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7538"
+imported = 2025-11-25T22:35:59.632Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:01.483Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7538"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7538"
+```
+
+# coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds writ...
+
+coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc5t-5zd950.md b/advisories/published/2025/JLSEC-0000-mntnauc5t-5zd950.md
new file mode 100644
index 00000000..b2457be9
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc5t-5zd950.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc5t-5zd950"
+modified = 2025-11-25T22:35:59.633Z
+upstream = ["CVE-2016-7540"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93228", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1594060", "https://bugzilla.redhat.com/show_bug.cgi?id=1378777", "https://github.com/ImageMagick/ImageMagick/commit/a0108a892f9ea3c2bb1e7a49b7d71376c2ecbff7", "https://github.com/ImageMagick/ImageMagick/pull/223", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93228", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1594060", "https://bugzilla.redhat.com/show_bug.cgi?id=1378777", "https://github.com/ImageMagick/ImageMagick/commit/a0108a892f9ea3c2bb1e7a49b7d71376c2ecbff7", "https://github.com/ImageMagick/ImageMagick/pull/223"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7540"
+imported = 2025-11-25T22:35:59.633Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-04-20T18:59:01.530Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7540"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7540"
+```
+
+# coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to cause a denial of service (as...
+
+coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to cause a denial of service (assertion failure) by converting an image to rgf format.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc68-3dzdgv.md b/advisories/published/2025/JLSEC-0000-mntnauc68-3dzdgv.md
new file mode 100644
index 00000000..5e3d1090
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc68-3dzdgv.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc68-3dzdgv"
+modified = 2025-11-25T22:35:59.648Z
+upstream = ["CVE-2017-9098"]
+references = ["http://hg.code.sf.net/p/graphicsmagick/code/diff/0a5b75e019b6/coders/rle.c", "http://www.debian.org/security/2017/dsa-3863", "http://www.securityfocus.com/bid/98593", "https://github.com/ImageMagick/ImageMagick/commit/1c358ffe0049f768dd49a8a889c1cbf99ac9849b", "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html", "https://scarybeastsecurity.blogspot.com/2017/05/bleed-continues-18-byte-file-14k-bounty.html", "http://hg.code.sf.net/p/graphicsmagick/code/diff/0a5b75e019b6/coders/rle.c", "http://www.debian.org/security/2017/dsa-3863", "http://www.securityfocus.com/bid/98593", "https://github.com/ImageMagick/ImageMagick/commit/1c358ffe0049f768dd49a8a889c1cbf99ac9849b", "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html", "https://scarybeastsecurity.blogspot.com/2017/05/bleed-continues-18-byte-file-14k-bounty.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-9098"
+imported = 2025-11-25T22:35:59.648Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-05-19T19:29:00.307Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-9098"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-9098"
+```
+
+# ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE deco...
+
+ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc6q-6vancm.md b/advisories/published/2025/JLSEC-0000-mntnauc6q-6vancm.md
new file mode 100644
index 00000000..c963339e
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc6q-6vancm.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc6q-6vancm"
+modified = 2025-11-25T22:35:59.666Z
+upstream = ["CVE-2017-11352"]
+references = ["http://www.securityfocus.com/bid/99600", "https://bugs.debian.org/868469", "https://github.com/ImageMagick/ImageMagick/issues/502", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4040", "http://www.securityfocus.com/bid/99600", "https://bugs.debian.org/868469", "https://github.com/ImageMagick/ImageMagick/issues/502", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4040"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11352"
+imported = 2025-11-25T22:35:59.666Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-17T13:18:21.267Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11352"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11352"
+```
+
+# In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF han...
+
+In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc6s-hhl77h.md b/advisories/published/2025/JLSEC-0000-mntnauc6s-hhl77h.md
new file mode 100644
index 00000000..09769b76
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc6s-hhl77h.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc6s-hhl77h"
+modified = 2025-11-25T22:35:59.668Z
+upstream = ["CVE-2017-11447"]
+references = ["http://www.securityfocus.com/bid/99948", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867897", "https://github.com/ImageMagick/ImageMagick/commit/72a50e400d98d7a2fd610caedfeb9af043dc5582", "https://github.com/ImageMagick/ImageMagick/issues/556", "http://www.securityfocus.com/bid/99948", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867897", "https://github.com/ImageMagick/ImageMagick/commit/72a50e400d98d7a2fd610caedfeb9af043dc5582", "https://github.com/ImageMagick/ImageMagick/issues/556"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11447"
+imported = 2025-11-25T22:35:59.668Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-19T07:29:00.470Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11447"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11447"
+```
+
+# The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory lea...
+
+The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc6u-bdjj52.md b/advisories/published/2025/JLSEC-0000-mntnauc6u-bdjj52.md
new file mode 100644
index 00000000..30644ef8
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc6u-bdjj52.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc6u-bdjj52"
+modified = 2025-11-25T22:35:59.670Z
+upstream = ["CVE-2017-11448"]
+references = ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867893", "https://github.com/ImageMagick/ImageMagick/commit/f6463ca9588579633bbaed9460899d892aa3c64a", "https://github.com/ImageMagick/ImageMagick/issues/556", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867893", "https://github.com/ImageMagick/ImageMagick/commit/f6463ca9588579633bbaed9460899d892aa3c64a", "https://github.com/ImageMagick/ImageMagick/issues/556"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11448"
+imported = 2025-11-25T22:35:59.670Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-19T07:29:00.517Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11448"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11448"
+```
+
+# The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to...
+
+The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc6v-1ngji1w.md b/advisories/published/2025/JLSEC-0000-mntnauc6v-1ngji1w.md
new file mode 100644
index 00000000..eaf5261d
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc6v-1ngji1w.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc6v-1ngji1w"
+modified = 2025-11-25T22:35:59.671Z
+upstream = ["CVE-2017-11449"]
+references = ["http://www.securityfocus.com/bid/99958", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867896", "https://github.com/ImageMagick/ImageMagick/commit/529ff26b68febb2ac03062c58452ea0b4c6edbc1", "https://github.com/ImageMagick/ImageMagick/commit/b007dd3a048097d8f58949297f5b434612e1e1a3", "https://github.com/ImageMagick/ImageMagick/issues/556", "http://www.securityfocus.com/bid/99958", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867896", "https://github.com/ImageMagick/ImageMagick/commit/529ff26b68febb2ac03062c58452ea0b4c6edbc1", "https://github.com/ImageMagick/ImageMagick/commit/b007dd3a048097d8f58949297f5b434612e1e1a3", "https://github.com/ImageMagick/ImageMagick/issues/556"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11449"
+imported = 2025-11-25T22:35:59.671Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-19T07:29:00.550Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11449"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11449"
+```
+
+# coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate...
+
+coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc6w-1vei0mp.md b/advisories/published/2025/JLSEC-0000-mntnauc6w-1vei0mp.md
new file mode 100644
index 00000000..5880ca18
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc6w-1vei0mp.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc6w-1vei0mp"
+modified = 2025-11-25T22:35:59.672Z
+upstream = ["CVE-2017-11450"]
+references = ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867894", "https://github.com/ImageMagick/ImageMagick/commit/948356eec65aea91995d4b7cc487d197d2c5f602", "https://github.com/ImageMagick/ImageMagick/issues/556", "https://security-tracker.debian.org/tracker/CVE-2017-11450", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867894", "https://github.com/ImageMagick/ImageMagick/commit/948356eec65aea91995d4b7cc487d197d2c5f602", "https://github.com/ImageMagick/ImageMagick/issues/556", "https://security-tracker.debian.org/tracker/CVE-2017-11450"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11450"
+imported = 2025-11-25T22:35:59.672Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-19T07:29:00.580Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11450"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11450"
+```
+
+# coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (ap...
+
+coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc7s-bi2cap.md b/advisories/published/2025/JLSEC-0000-mntnauc7s-bi2cap.md
new file mode 100644
index 00000000..2405a533
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc7s-bi2cap.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc7s-bi2cap"
+modified = 2025-11-25T22:35:59.704Z
+upstream = ["CVE-2017-11478"]
+references = ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826", "https://github.com/ImageMagick/ImageMagick/issues/528", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826", "https://github.com/ImageMagick/ImageMagick/issues/528"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11478"
+imported = 2025-11-25T22:35:59.704Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-20T16:29:00.177Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11478"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11478"
+```
+
+# The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-...
+
+The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc8u-lhz2av.md b/advisories/published/2025/JLSEC-0000-mntnauc8u-lhz2av.md
new file mode 100644
index 00000000..ffaff68d
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc8u-lhz2av.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc8u-lhz2av"
+modified = 2025-11-25T22:35:59.742Z
+upstream = ["CVE-2017-11505"]
+references = ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867824", "https://github.com/ImageMagick/ImageMagick/issues/526", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867824", "https://github.com/ImageMagick/ImageMagick/issues/526"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11505"
+imported = 2025-11-25T22:35:59.742Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-21T16:29:00.253Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11505"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11505"
+```
+
+# The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 ...
+
+The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauc9n-sqo9y2.md b/advisories/published/2025/JLSEC-0000-mntnauc9n-sqo9y2.md
new file mode 100644
index 00000000..d9266575
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauc9n-sqo9y2.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauc9n-sqo9y2"
+modified = 2025-11-25T22:35:59.771Z
+upstream = ["CVE-2017-11522"]
+references = ["https://bugs.debian.org/869209", "https://github.com/ImageMagick/ImageMagick/commit/816ecab6c532ae086ff4186b3eaf4aa7092d536f", "https://github.com/ImageMagick/ImageMagick/issues/586", "https://bugs.debian.org/869209", "https://github.com/ImageMagick/ImageMagick/commit/816ecab6c532ae086ff4186b3eaf4aa7092d536f", "https://github.com/ImageMagick/ImageMagick/issues/586"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11522"
+imported = 2025-11-25T22:35:59.771Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-22T21:29:00.180Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11522"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11522"
+```
+
+# The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1...
+
+The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucaf-id1te6.md b/advisories/published/2025/JLSEC-0000-mntnaucaf-id1te6.md
new file mode 100644
index 00000000..386f421d
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucaf-id1te6.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucaf-id1te6"
+modified = 2025-11-25T22:35:59.799Z
+upstream = ["CVE-2017-11523"]
+references = ["https://bugs.debian.org/869210", "https://github.com/ImageMagick/ImageMagick/commit/83e0f8ffd7eeb7661b0ff83257da23d24ca7f078", "https://github.com/ImageMagick/ImageMagick/commit/a8f9c2aabed37cd6a728532d1aed13ae0f3dfd78", "https://github.com/ImageMagick/ImageMagick/issues/591", "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", "https://www.debian.org/security/2017/dsa-4019", "https://bugs.debian.org/869210", "https://github.com/ImageMagick/ImageMagick/commit/83e0f8ffd7eeb7661b0ff83257da23d24ca7f078", "https://github.com/ImageMagick/ImageMagick/commit/a8f9c2aabed37cd6a728532d1aed13ae0f3dfd78", "https://github.com/ImageMagick/ImageMagick/issues/591", "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", "https://www.debian.org/security/2017/dsa-4019"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11523"
+imported = 2025-11-25T22:35:59.799Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-22T21:29:00.227Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11523"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11523"
+```
+
+# The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 all...
+
+The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucba-abt0ct.md b/advisories/published/2025/JLSEC-0000-mntnaucba-abt0ct.md
new file mode 100644
index 00000000..2a92de66
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucba-abt0ct.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucba-abt0ct"
+modified = 2025-11-25T22:35:59.830Z
+upstream = ["CVE-2017-11524"]
+references = ["http://www.securityfocus.com/bid/99934", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867798", "https://github.com/ImageMagick/ImageMagick/issues/506", "http://www.securityfocus.com/bid/99934", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867798", "https://github.com/ImageMagick/ImageMagick/issues/506"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11524"
+imported = 2025-11-25T22:35:59.830Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-23T03:29:00.267Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11524"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11524"
+```
+
+# The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 al...
+
+The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucc2-185w093.md b/advisories/published/2025/JLSEC-0000-mntnaucc2-185w093.md
new file mode 100644
index 00000000..b06fbd02
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucc2-185w093.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucc2-185w093"
+modified = 2025-11-25T22:35:59.858Z
+upstream = ["CVE-2017-11525"]
+references = ["http://www.securityfocus.com/bid/99931", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867810", "https://github.com/ImageMagick/ImageMagick/issues/519", "http://www.securityfocus.com/bid/99931", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867810", "https://github.com/ImageMagick/ImageMagick/issues/519"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11525"
+imported = 2025-11-25T22:35:59.858Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-23T03:29:00.313Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11525"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11525"
+```
+
+# The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allow...
+
+The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauccw-z32g9g.md b/advisories/published/2025/JLSEC-0000-mntnauccw-z32g9g.md
new file mode 100644
index 00000000..720cd02d
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauccw-z32g9g.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauccw-z32g9g"
+modified = 2025-11-25T22:35:59.888Z
+upstream = ["CVE-2017-11526"]
+references = ["http://www.securityfocus.com/bid/99932", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867825", "https://github.com/ImageMagick/ImageMagick/issues/527", "http://www.securityfocus.com/bid/99932", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867825", "https://github.com/ImageMagick/ImageMagick/issues/527"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11526"
+imported = 2025-11-25T22:35:59.888Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-23T03:29:00.343Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11526"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11526"
+```
+
+# The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 al...
+
+The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucdt-1xx5xjg.md b/advisories/published/2025/JLSEC-0000-mntnaucdt-1xx5xjg.md
new file mode 100644
index 00000000..3a2fea37
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucdt-1xx5xjg.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucdt-1xx5xjg"
+modified = 2025-11-25T22:35:59.921Z
+upstream = ["CVE-2017-11527"]
+references = ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867812", "https://github.com/ImageMagick/ImageMagick/issues/523", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867812", "https://github.com/ImageMagick/ImageMagick/issues/523"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11527"
+imported = 2025-11-25T22:35:59.921Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-23T03:29:00.390Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11527"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11527"
+```
+
+# The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allow...
+
+The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucel-10xlwxj.md b/advisories/published/2025/JLSEC-0000-mntnaucel-10xlwxj.md
new file mode 100644
index 00000000..b259ca28
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucel-10xlwxj.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucel-10xlwxj"
+modified = 2025-11-25T22:35:59.949Z
+upstream = ["CVE-2017-11528"]
+references = ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867811", "https://github.com/ImageMagick/ImageMagick/issues/522", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867811", "https://github.com/ImageMagick/ImageMagick/issues/522"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11528"
+imported = 2025-11-25T22:35:59.949Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-23T03:29:00.407Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11528"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11528"
+```
+
+# The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allow...
+
+The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucfe-11bydaz.md b/advisories/published/2025/JLSEC-0000-mntnaucfe-11bydaz.md
new file mode 100644
index 00000000..f5ce6f9f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucfe-11bydaz.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucfe-11bydaz"
+modified = 2025-11-25T22:35:59.978Z
+upstream = ["CVE-2017-11529"]
+references = ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867823", "https://github.com/ImageMagick/ImageMagick/issues/525", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867823", "https://github.com/ImageMagick/ImageMagick/issues/525"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11529"
+imported = 2025-11-25T22:35:59.978Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-23T03:29:00.453Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11529"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11529"
+```
+
+# The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allow...
+
+The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucg8-1syr9y5.md b/advisories/published/2025/JLSEC-0000-mntnaucg8-1syr9y5.md
new file mode 100644
index 00000000..d49b0444
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucg8-1syr9y5.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucg8-1syr9y5"
+modified = 2025-11-25T22:36:00.008Z
+upstream = ["CVE-2017-11530"]
+references = ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867821", "https://github.com/ImageMagick/ImageMagick/issues/524", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867821", "https://github.com/ImageMagick/ImageMagick/issues/524"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11530"
+imported = 2025-11-25T22:36:00.008Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-23T03:29:00.483Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11530"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11530"
+```
+
+# The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allow...
+
+The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucgg-yrfh56.md b/advisories/published/2025/JLSEC-0000-mntnaucgg-yrfh56.md
new file mode 100644
index 00000000..84ee4c18
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucgg-yrfh56.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucgg-yrfh56"
+modified = 2025-11-25T22:36:00.016Z
+upstream = ["CVE-2016-7539"]
+references = ["http://www.imagemagick.org/discourse-server/viewtopic.php?f=2&t=28946", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93232", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833101", "https://bugzilla.redhat.com/show_bug.cgi?id=1378776", "https://github.com/ImageMagick/ImageMagick/commit/4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c", "http://www.imagemagick.org/discourse-server/viewtopic.php?f=2&t=28946", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "http://www.securityfocus.com/bid/93232", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833101", "https://bugzilla.redhat.com/show_bug.cgi?id=1378776", "https://github.com/ImageMagick/ImageMagick/commit/4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7539"
+imported = 2025-11-25T22:36:00.016Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-25T14:29:00.253Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7539"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7539"
+```
+
+# Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denia...
+
+Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauche-ofj8ek.md b/advisories/published/2025/JLSEC-0000-mntnauche-ofj8ek.md
new file mode 100644
index 00000000..2721fdee
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauche-ofj8ek.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauche-ofj8ek"
+modified = 2025-11-25T22:36:00.050Z
+upstream = ["CVE-2017-11724"]
+references = ["http://www.securityfocus.com/bid/104597", "https://github.com/ImageMagick/ImageMagick/issues/624", "https://security.gentoo.org/glsa/201711-07", "http://www.securityfocus.com/bid/104597", "https://github.com/ImageMagick/ImageMagick/issues/624", "https://security.gentoo.org/glsa/201711-07"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11724"
+imported = 2025-11-25T22:36:00.050Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-29T05:29:00.203Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11724"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11724"
+```
+
+# The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9-3 and 7.x through 7.0.6-3 has...
+
+The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9-3 and 7.x through 7.0.6-3 has memory leaks involving the quantum_info and clone_info data structures.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauchf-1lpqqpu.md b/advisories/published/2025/JLSEC-0000-mntnauchf-1lpqqpu.md
new file mode 100644
index 00000000..2b6f0cc1
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauchf-1lpqqpu.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauchf-1lpqqpu"
+modified = 2025-11-25T22:36:00.051Z
+upstream = ["CVE-2017-11750"]
+references = ["https://github.com/ImageMagick/ImageMagick/issues/632", "https://github.com/ImageMagick/ImageMagick/issues/632"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-11750"
+imported = 2025-11-25T22:36:00.051Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-07-30T17:29:00.303Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-11750"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-11750"
+```
+
+# The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and 7.0.6-4 allows remote attack...
+
+The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and 7.0.6-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucif-1p10ark.md b/advisories/published/2025/JLSEC-0000-mntnaucif-1p10ark.md
new file mode 100644
index 00000000..421d3d09
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucif-1p10ark.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucif-1p10ark"
+modified = 2025-11-25T22:36:00.087Z
+upstream = ["CVE-2017-12427"]
+references = ["https://github.com/ImageMagick/ImageMagick/commit/e793eb203e5e0f91f5037aed6585e81b1e27395b", "https://github.com/ImageMagick/ImageMagick/issues/636", "https://security.gentoo.org/glsa/201711-07", "https://github.com/ImageMagick/ImageMagick/commit/e793eb203e5e0f91f5037aed6585e81b1e27395b", "https://github.com/ImageMagick/ImageMagick/issues/636", "https://security.gentoo.org/glsa/201711-07"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-12427"
+imported = 2025-11-25T22:36:00.087Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-08-04T09:29:00.283Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-12427"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-12427"
+```
+
+# The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 a...
+
+The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service (memory leak) via a crafted file, related to the WriteMSLImage function.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauciu-1iey9cx.md b/advisories/published/2025/JLSEC-0000-mntnauciu-1iey9cx.md
new file mode 100644
index 00000000..cacbde2c
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauciu-1iey9cx.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauciu-1iey9cx"
+modified = 2025-11-25T22:36:00.102Z
+upstream = ["CVE-2014-9827"]
+references = ["http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=69490f5cffbda612e15a2985699455bb0b45e276", "https://bugzilla.redhat.com/show_bug.cgi?id=1343483", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=69490f5cffbda612e15a2985699455bb0b45e276", "https://bugzilla.redhat.com/show_bug.cgi?id=1343483"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9827"
+imported = 2025-11-25T22:36:00.102Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-08-07T20:29:00.293Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9827"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9827"
+```
+
+# coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm fil...
+
+coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauciv-1dsaq70.md b/advisories/published/2025/JLSEC-0000-mntnauciv-1dsaq70.md
new file mode 100644
index 00000000..4d27640c
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauciv-1dsaq70.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauciv-1dsaq70"
+modified = 2025-11-25T22:36:00.103Z
+upstream = ["CVE-2014-9828"]
+references = ["http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=460547be494cc8c039b99b65e64a1fa2eb08ab5c", "https://bugzilla.redhat.com/show_bug.cgi?id=1343484", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=460547be494cc8c039b99b65e64a1fa2eb08ab5c", "https://bugzilla.redhat.com/show_bug.cgi?id=1343484"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9828"
+imported = 2025-11-25T22:36:00.103Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-08-07T20:29:00.323Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9828"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9828"
+```
+
+# coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd fil...
+
+coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauciw-1jbghny.md b/advisories/published/2025/JLSEC-0000-mntnauciw-1jbghny.md
new file mode 100644
index 00000000..3e5111f0
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauciw-1jbghny.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauciw-1jbghny"
+modified = 2025-11-25T22:36:00.104Z
+upstream = ["CVE-2014-9830"]
+references = ["http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=b68b78e2625122d9f6b6d88ba4df7e85b47b556f", "https://bugzilla.redhat.com/show_bug.cgi?id=1343486", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=b68b78e2625122d9f6b6d88ba4df7e85b47b556f", "https://bugzilla.redhat.com/show_bug.cgi?id=1343486"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9830"
+imported = 2025-11-25T22:36:00.104Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-08-07T20:29:00.370Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9830"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9830"
+```
+
+# coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun f...
+
+coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauciw-vvcnpl.md b/advisories/published/2025/JLSEC-0000-mntnauciw-vvcnpl.md
new file mode 100644
index 00000000..40c0dfff
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauciw-vvcnpl.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauciw-vvcnpl"
+modified = 2025-11-25T22:36:00.104Z
+upstream = ["CVE-2014-9831"]
+references = ["http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=b68b78e2625122d9f6b6d88ba4df7e85b47b556f", "https://bugzilla.redhat.com/show_bug.cgi?id=1343487", "http://www.openwall.com/lists/oss-security/2016/06/02/13", "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=b68b78e2625122d9f6b6d88ba4df7e85b47b556f", "https://bugzilla.redhat.com/show_bug.cgi?id=1343487"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-9831"
+imported = 2025-11-25T22:36:00.104Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-08-07T20:29:00.403Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-9831"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-9831"
+```
+
+# coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg f...
+
+coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucka-16fxnw0.md b/advisories/published/2025/JLSEC-0000-mntnaucka-16fxnw0.md
new file mode 100644
index 00000000..16cd6c95
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucka-16fxnw0.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucka-16fxnw0"
+modified = 2025-11-25T22:36:00.154Z
+upstream = ["CVE-2017-13139"]
+references = ["http://www.securityfocus.com/bid/100494", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870109", "https://github.com/ImageMagick/ImageMagick/commit/d072ed6aff835c174e856ce3a428163c0da9e8f4", "https://security.gentoo.org/glsa/201711-07", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4019", "https://www.debian.org/security/2017/dsa-4040", "http://www.securityfocus.com/bid/100494", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870109", "https://github.com/ImageMagick/ImageMagick/commit/d072ed6aff835c174e856ce3a428163c0da9e8f4", "https://security.gentoo.org/glsa/201711-07", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4019", "https://www.debian.org/security/2017/dsa-4040"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-13139"
+imported = 2025-11-25T22:36:00.154Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-08-23T06:29:00.183Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-13139"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-13139"
+```
+
+# In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c h...
+
+In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucl5-jpnfn0.md b/advisories/published/2025/JLSEC-0000-mntnaucl5-jpnfn0.md
new file mode 100644
index 00000000..990df1b6
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucl5-jpnfn0.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucl5-jpnfn0"
+modified = 2025-11-25T22:36:00.185Z
+upstream = ["CVE-2017-13140"]
+references = ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870111", "https://github.com/ImageMagick/ImageMagick/issues/596", "https://security.gentoo.org/glsa/201711-07", "https://www.debian.org/security/2017/dsa-4019", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870111", "https://github.com/ImageMagick/ImageMagick/issues/596", "https://security.gentoo.org/glsa/201711-07", "https://www.debian.org/security/2017/dsa-4019"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-13140"
+imported = 2025-11-25T22:36:00.185Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-08-23T06:29:00.230Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-13140"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-13140"
+```
+
+# In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c a...
+
+In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to cause a denial of service (application hang in LockSemaphoreInfo) via a PNG file with a width equal to MAGICK_WIDTH_LIMIT.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucm4-ka79mm.md b/advisories/published/2025/JLSEC-0000-mntnaucm4-ka79mm.md
new file mode 100644
index 00000000..98a85dff
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucm4-ka79mm.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucm4-ka79mm"
+modified = 2025-11-25T22:36:00.220Z
+upstream = ["CVE-2017-13141"]
+references = ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870116", "https://github.com/ImageMagick/ImageMagick/issues/600", "https://security.gentoo.org/glsa/201711-07", "https://www.debian.org/security/2017/dsa-4019", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870116", "https://github.com/ImageMagick/ImageMagick/issues/600", "https://security.gentoo.org/glsa/201711-07", "https://www.debian.org/security/2017/dsa-4019"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-13141"
+imported = 2025-11-25T22:36:00.220Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-08-23T06:29:00.277Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-13141"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-13141"
+```
+
+# In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ...
+
+In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucmx-8y8tr.md b/advisories/published/2025/JLSEC-0000-mntnaucmx-8y8tr.md
new file mode 100644
index 00000000..a0d8ad30
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucmx-8y8tr.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucmx-8y8tr"
+modified = 2025-11-25T22:36:00.249Z
+upstream = ["CVE-2017-13142"]
+references = ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870105", "https://github.com/ImageMagick/ImageMagick/commit/46e3aabbf8d59a1bdebdbb65acb9b9e0484577d3", "https://github.com/ImageMagick/ImageMagick/commit/aa84944b405acebbeefe871d0f64969b9e9f31ac", "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", "https://security.gentoo.org/glsa/201711-07", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4019", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870105", "https://github.com/ImageMagick/ImageMagick/commit/46e3aabbf8d59a1bdebdbb65acb9b9e0484577d3", "https://github.com/ImageMagick/ImageMagick/commit/aa84944b405acebbeefe871d0f64969b9e9f31ac", "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", "https://security.gentoo.org/glsa/201711-07", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4019"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-13142"
+imported = 2025-11-25T22:36:00.249Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-08-23T06:29:00.307Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-13142"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-13142"
+```
+
+# In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash becau...
+
+In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucnj-5stwam.md b/advisories/published/2025/JLSEC-0000-mntnaucnj-5stwam.md
new file mode 100644
index 00000000..46497be7
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucnj-5stwam.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucnj-5stwam"
+modified = 2025-11-25T22:36:00.271Z
+upstream = ["CVE-2017-13143"]
+references = ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870012", "https://github.com/ImageMagick/ImageMagick/commit/51b0ae01709adc1e4a9245e158ef17b85a110960", "https://github.com/ImageMagick/ImageMagick/issues/362", "https://security.gentoo.org/glsa/201711-07", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4019", "https://www.debian.org/security/2018/dsa-4204", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870012", "https://github.com/ImageMagick/ImageMagick/commit/51b0ae01709adc1e4a9245e158ef17b85a110960", "https://github.com/ImageMagick/ImageMagick/issues/362", "https://security.gentoo.org/glsa/201711-07", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4019", "https://www.debian.org/security/2018/dsa-4204"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-13143"
+imported = 2025-11-25T22:36:00.271Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-08-23T06:29:00.340Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-13143"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-13143"
+```
+
+# In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses...
+
+In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucnk-ilq839.md b/advisories/published/2025/JLSEC-0000-mntnaucnk-ilq839.md
new file mode 100644
index 00000000..55e4f6b4
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucnk-ilq839.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucnk-ilq839"
+modified = 2025-11-25T22:36:00.272Z
+upstream = ["CVE-2017-13144"]
+references = ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869728", "https://security.gentoo.org/glsa/201711-07", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4019", "https://www.debian.org/security/2017/dsa-4040", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31438", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869728", "https://security.gentoo.org/glsa/201711-07", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4019", "https://www.debian.org/security/2017/dsa-4040", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31438"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-13144"
+imported = 2025-11-25T22:36:00.272Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-08-23T06:29:00.370Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-13144"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-13144"
+```
+
+# In ImageMagick before 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" erro...
+
+In ImageMagick before 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensions are too large, as demonstrated by use of the mpc coder.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucoc-1s5mnd3.md b/advisories/published/2025/JLSEC-0000-mntnaucoc-1s5mnd3.md
new file mode 100644
index 00000000..83701e8b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucoc-1s5mnd3.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucoc-1s5mnd3"
+modified = 2025-11-25T22:36:00.300Z
+upstream = ["CVE-2017-13145"]
+references = ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869830", "https://github.com/ImageMagick/ImageMagick/commit/acee073df34aa4d491bf5cb74d3a15fc80f0a3aa", "https://github.com/ImageMagick/ImageMagick/commit/f13c6b54a879aaa771ec64b5a066b939e8f8e7f0", "https://github.com/ImageMagick/ImageMagick/issues/501", "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", "https://security.gentoo.org/glsa/201711-07", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4019", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869830", "https://github.com/ImageMagick/ImageMagick/commit/acee073df34aa4d491bf5cb74d3a15fc80f0a3aa", "https://github.com/ImageMagick/ImageMagick/commit/f13c6b54a879aaa771ec64b5a066b939e8f8e7f0", "https://github.com/ImageMagick/ImageMagick/issues/501", "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", "https://security.gentoo.org/glsa/201711-07", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4019"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-13145"
+imported = 2025-11-25T22:36:00.300Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-08-23T06:29:00.400Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-13145"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-13145"
+```
+
+# In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does...
+
+In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucp5-1vgc3i1.md b/advisories/published/2025/JLSEC-0000-mntnaucp5-1vgc3i1.md
new file mode 100644
index 00000000..fa16569b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucp5-1vgc3i1.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucp5-1vgc3i1"
+modified = 2025-11-25T22:36:00.329Z
+upstream = ["CVE-2017-13146"]
+references = ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870013", "https://github.com/ImageMagick/ImageMagick/commit/79e5dbcdd1fc2f714f9bae548bc55d5073f3ed20", "https://security.gentoo.org/glsa/201711-07", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870013", "https://github.com/ImageMagick/ImageMagick/commit/79e5dbcdd1fc2f714f9bae548bc55d5073f3ed20", "https://security.gentoo.org/glsa/201711-07"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-13146"
+imported = 2025-11-25T22:36:00.329Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-08-23T06:29:00.447Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-13146"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-13146"
+```
+
+# In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage fun...
+
+In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucpz-xzrfu1.md b/advisories/published/2025/JLSEC-0000-mntnaucpz-xzrfu1.md
new file mode 100644
index 00000000..1675037b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucpz-xzrfu1.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucpz-xzrfu1"
+modified = 2025-11-25T22:36:00.359Z
+upstream = ["CVE-2017-13658"]
+references = ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870019", "https://github.com/ImageMagick/ImageMagick/commit/e5c063a1007506ba69e97a35effcdef944421c89", "https://github.com/ImageMagick/ImageMagick/issues/598", "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870019", "https://github.com/ImageMagick/ImageMagick/commit/e5c063a1007506ba69e97a35effcdef944421c89", "https://github.com/ImageMagick/ImageMagick/issues/598", "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-13658"
+imported = 2025-11-25T22:36:00.359Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-08-24T06:29:00.193Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-13658"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-13658"
+```
+
+# In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATIm...
+
+In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucq1-gfr7sf.md b/advisories/published/2025/JLSEC-0000-mntnaucq1-gfr7sf.md
new file mode 100644
index 00000000..44cf312e
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucq1-gfr7sf.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucq1-gfr7sf"
+modified = 2025-11-25T22:36:00.361Z
+upstream = ["CVE-2017-12877"]
+references = ["http://www.openwall.com/lists/oss-security/2017/08/16/2", "https://blogs.gentoo.org/ago/2017/08/10/imagemagick-use-after-free-in-destroyimage-image-c/", "https://github.com/ImageMagick/ImageMagick/commit/04178de2247e353fc095846784b9a10fefdbf890", "https://security.gentoo.org/glsa/201711-07", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4040", "https://www.debian.org/security/2017/dsa-4074", "http://www.openwall.com/lists/oss-security/2017/08/16/2", "https://blogs.gentoo.org/ago/2017/08/10/imagemagick-use-after-free-in-destroyimage-image-c/", "https://github.com/ImageMagick/ImageMagick/commit/04178de2247e353fc095846784b9a10fefdbf890", "https://security.gentoo.org/glsa/201711-07", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4040", "https://www.debian.org/security/2017/dsa-4074"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-12877"
+imported = 2025-11-25T22:36:00.361Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-08-28T19:29:00.790Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-12877"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-12877"
+```
+
+# Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 a...
+
+Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucq4-ahc2y8.md b/advisories/published/2025/JLSEC-0000-mntnaucq4-ahc2y8.md
new file mode 100644
index 00000000..2e48861f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucq4-ahc2y8.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucq4-ahc2y8"
+modified = 2025-11-25T22:36:00.364Z
+upstream = ["CVE-2017-13768"]
+references = ["http://www.securityfocus.com/bid/100569", "https://github.com/ImageMagick/ImageMagick/issues/706", "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html", "https://security.gentoo.org/glsa/201711-07", "https://usn.ubuntu.com/3681-1/", "http://www.securityfocus.com/bid/100569", "https://github.com/ImageMagick/ImageMagick/issues/706", "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html", "https://security.gentoo.org/glsa/201711-07", "https://usn.ubuntu.com/3681-1/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-13768"
+imported = 2025-11-25T22:36:00.364Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-08-30T09:29:00.560Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-13768"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-13768"
+```
+
+# Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick throu...
+
+Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucq6-14iewpm.md b/advisories/published/2025/JLSEC-0000-mntnaucq6-14iewpm.md
new file mode 100644
index 00000000..99b43c9b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucq6-14iewpm.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucq6-14iewpm"
+modified = 2025-11-25T22:36:00.366Z
+upstream = ["CVE-2017-13769"]
+references = ["https://github.com/ImageMagick/ImageMagick/issues/705", "https://security.gentoo.org/glsa/201711-07", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4032", "https://www.debian.org/security/2017/dsa-4040", "https://github.com/ImageMagick/ImageMagick/issues/705", "https://security.gentoo.org/glsa/201711-07", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4032", "https://www.debian.org/security/2017/dsa-4040"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-13769"
+imported = 2025-11-25T22:36:00.366Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-08-30T09:29:00.590Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-13769"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-13769"
+```
+
+# The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an att...
+
+The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucr5-1ta8mm2.md b/advisories/published/2025/JLSEC-0000-mntnaucr5-1ta8mm2.md
new file mode 100644
index 00000000..1daac33f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucr5-1ta8mm2.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucr5-1ta8mm2"
+modified = 2025-11-25T22:36:00.401Z
+upstream = ["CVE-2017-17499"]
+references = ["http://www.securityfocus.com/bid/102155", "https://github.com/ImageMagick/ImageMagick/commit/8c35502217c1879cb8257c617007282eee3fe1cc", "https://github.com/ImageMagick/ImageMagick/commit/dd96d671e4d5ae22c6894c302e8996c13f24c45a", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4074", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=33078&sid=5fbb164c3830293138917f9b14264ed1", "http://www.securityfocus.com/bid/102155", "https://github.com/ImageMagick/ImageMagick/commit/8c35502217c1879cb8257c617007282eee3fe1cc", "https://github.com/ImageMagick/ImageMagick/commit/dd96d671e4d5ae22c6894c302e8996c13f24c45a", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4074", "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=33078&sid=5fbb164c3830293138917f9b14264ed1"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-17499"
+imported = 2025-11-25T22:36:00.401Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-12-11T02:29:00.650Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-17499"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-17499"
+```
+
+# ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in M...
+
+ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucr6-1vg105k.md b/advisories/published/2025/JLSEC-0000-mntnaucr6-1vg105k.md
new file mode 100644
index 00000000..0e808b13
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucr6-1vg105k.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucr6-1vg105k"
+modified = 2025-11-25T22:36:00.402Z
+upstream = ["CVE-2017-17504"]
+references = ["https://github.com/ImageMagick/ImageMagick/issues/872", "https://lists.debian.org/debian-lts-announce/2018/01/msg00000.html", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4074", "https://www.debian.org/security/2018/dsa-4204", "https://github.com/ImageMagick/ImageMagick/issues/872", "https://lists.debian.org/debian-lts-announce/2018/01/msg00000.html", "https://usn.ubuntu.com/3681-1/", "https://www.debian.org/security/2017/dsa-4074", "https://www.debian.org/security/2018/dsa-4204"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-17504"
+imported = 2025-11-25T22:36:00.402Z
+modified = 2025-04-20T01:37:25.860Z
+published = 2017-12-11T02:29:00.840Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-17504"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-17504"
+```
+
+# ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-re...
+
+ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucrj-fyc8vb.md b/advisories/published/2025/JLSEC-0000-mntnaucrj-fyc8vb.md
new file mode 100644
index 00000000..6d64e971
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucrj-fyc8vb.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucrj-fyc8vb"
+modified = 2025-11-25T22:36:00.415Z
+upstream = ["CVE-2017-1000445"]
+references = ["http://www.securityfocus.com/bid/102368", "https://github.com/ImageMagick/ImageMagick/issues/775", "https://lists.debian.org/debian-lts-announce/2018/01/msg00002.html", "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html", "https://usn.ubuntu.com/3681-1/", "http://www.securityfocus.com/bid/102368", "https://github.com/ImageMagick/ImageMagick/issues/775", "https://lists.debian.org/debian-lts-announce/2018/01/msg00002.html", "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html", "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html", "https://usn.ubuntu.com/3681-1/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2017-1000445"
+imported = 2025-11-25T22:36:00.415Z
+modified = 2024-11-21T03:04:45.087Z
+published = 2018-01-02T15:29:00.263Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2017-1000445"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2017-1000445"
+```
+
+# ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore c...
+
+ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucrr-1m3jaq8.md b/advisories/published/2025/JLSEC-0000-mntnaucrr-1m3jaq8.md
new file mode 100644
index 00000000..62b89e27
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucrr-1m3jaq8.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucrr-1m3jaq8"
+modified = 2025-11-25T22:36:00.423Z
+upstream = ["CVE-2018-6405"]
+references = ["https://github.com/ImageMagick/ImageMagick/issues/964", "https://usn.ubuntu.com/3681-1/", "https://github.com/ImageMagick/ImageMagick/issues/964", "https://usn.ubuntu.com/3681-1/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2018-6405"
+imported = 2025-11-25T22:36:00.423Z
+modified = 2024-11-21T04:10:38.827Z
+published = 2018-01-30T21:29:00.353Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2018-6405"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2018-6405"
+```
+
+# In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, ...
+
+In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauctq-1ep8v0r.md b/advisories/published/2025/JLSEC-0000-mntnauctq-1ep8v0r.md
new file mode 100644
index 00000000..da8d636f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauctq-1ep8v0r.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauctq-1ep8v0r"
+modified = 2025-11-25T22:36:00.494Z
+upstream = ["CVE-2018-16323"]
+references = ["https://github.com/ImageMagick/ImageMagick/commit/216d117f05bff87b9dc4db55a1b1fadb38bcb786", "https://usn.ubuntu.com/3785-1/", "https://usn.ubuntu.com/4034-1/", "https://www.exploit-db.com/exploits/45890/", "https://github.com/ImageMagick/ImageMagick/commit/216d117f05bff87b9dc4db55a1b1fadb38bcb786", "https://usn.ubuntu.com/3785-1/", "https://usn.ubuntu.com/4034-1/", "https://www.exploit-db.com/exploits/45890/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2018-16323"
+imported = 2025-11-25T22:36:00.494Z
+modified = 2024-11-21T03:52:31.107Z
+published = 2018-09-01T18:29:01.053Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2018-16323"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2018-16323"
+```
+
+# ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing...
+
+ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauctq-1xmsbez.md b/advisories/published/2025/JLSEC-0000-mntnauctq-1xmsbez.md
new file mode 100644
index 00000000..4bf51f41
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauctq-1xmsbez.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauctq-1xmsbez"
+modified = 2025-11-25T22:36:00.494Z
+upstream = ["CVE-2018-16328"]
+references = ["https://github.com/ImageMagick/ImageMagick/issues/1224", "https://github.com/ImageMagick/ImageMagick/issues/1224"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2018-16328"
+imported = 2025-11-25T22:36:00.494Z
+modified = 2024-11-21T03:52:31.837Z
+published = 2018-09-01T22:29:00.500Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2018-16328"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2018-16328"
+```
+
+# In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function i...
+
+In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauctr-1rc0y2d.md b/advisories/published/2025/JLSEC-0000-mntnauctr-1rc0y2d.md
new file mode 100644
index 00000000..3100e730
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauctr-1rc0y2d.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauctr-1rc0y2d"
+modified = 2025-11-25T22:36:00.495Z
+upstream = ["CVE-2018-16329"]
+references = ["https://github.com/ImageMagick/ImageMagick/issues/1225", "https://github.com/ImageMagick/ImageMagick/issues/1225"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2018-16329"
+imported = 2025-11-25T22:36:00.495Z
+modified = 2024-11-21T03:52:31.973Z
+published = 2018-09-01T22:29:00.640Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2018-16329"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2018-16329"
+```
+
+# In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function i...
+
+In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucty-1jd9pih.md b/advisories/published/2025/JLSEC-0000-mntnaucty-1jd9pih.md
new file mode 100644
index 00000000..9e4c8790
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucty-1jd9pih.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucty-1jd9pih"
+modified = 2025-11-25T22:36:00.502Z
+upstream = ["CVE-2018-16749"]
+references = ["https://github.com/ImageMagick/ImageMagick/issues/1119", "https://github.com/ImageMagick/ImageMagick6/commit/1007b98f8795ad4bea6bc5f68a32d83e982fdae4", "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html", "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html", "https://usn.ubuntu.com/3785-1/", "https://github.com/ImageMagick/ImageMagick/issues/1119", "https://github.com/ImageMagick/ImageMagick6/commit/1007b98f8795ad4bea6bc5f68a32d83e982fdae4", "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html", "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html", "https://usn.ubuntu.com/3785-1/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2018-16749"
+imported = 2025-11-25T22:36:00.502Z
+modified = 2024-11-21T03:53:17.207Z
+published = 2018-09-09T15:29:00.220Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2018-16749"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2018-16749"
+```
+
+# In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows ...
+
+In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauctz-162swwq.md b/advisories/published/2025/JLSEC-0000-mntnauctz-162swwq.md
new file mode 100644
index 00000000..16455411
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauctz-162swwq.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauctz-162swwq"
+modified = 2025-11-25T22:36:00.503Z
+upstream = ["CVE-2018-16750"]
+references = ["http://www.securityfocus.com/bid/108492", "https://github.com/ImageMagick/ImageMagick/issues/1118", "https://usn.ubuntu.com/3785-1/", "http://www.securityfocus.com/bid/108492", "https://github.com/ImageMagick/ImageMagick/issues/1118", "https://usn.ubuntu.com/3785-1/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2018-16750"
+imported = 2025-11-25T22:36:00.503Z
+modified = 2024-11-21T03:53:17.367Z
+published = 2018-09-09T15:29:00.377Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2018-16750"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2018-16750"
+```
+
+# In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/me...
+
+In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucu7-13rpmr7.md b/advisories/published/2025/JLSEC-0000-mntnaucu7-13rpmr7.md
new file mode 100644
index 00000000..6f827a03
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucu7-13rpmr7.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucu7-13rpmr7"
+modified = 2025-11-25T22:36:00.511Z
+upstream = ["CVE-2018-20467"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "http://www.securityfocus.com/bid/106315", "https://github.com/ImageMagick/ImageMagick/commit/db0add932fb850d762b02604ca3053b7d7ab6deb", "https://github.com/ImageMagick/ImageMagick/issues/1408", "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html", "https://usn.ubuntu.com/4034-1/", "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "http://www.securityfocus.com/bid/106315", "https://github.com/ImageMagick/ImageMagick/commit/db0add932fb850d762b02604ca3053b7d7ab6deb", "https://github.com/ImageMagick/ImageMagick/issues/1408", "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html", "https://usn.ubuntu.com/4034-1/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2018-20467"
+imported = 2025-11-25T22:36:00.511Z
+modified = 2024-11-21T04:01:32.737Z
+published = 2018-12-26T03:29:00.240Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2018-20467"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2018-20467"
+```
+
+# In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and han...
+
+In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucu8-rxxs2j.md b/advisories/published/2025/JLSEC-0000-mntnaucu8-rxxs2j.md
new file mode 100644
index 00000000..8d1b1309
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucu8-rxxs2j.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucu8-rxxs2j"
+modified = 2025-11-25T22:36:00.512Z
+upstream = ["CVE-2019-7395"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "http://www.securityfocus.com/bid/106850", "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", "https://github.com/ImageMagick/ImageMagick/issues/1451", "https://usn.ubuntu.com/4034-1/", "https://www.debian.org/security/2020/dsa-4712", "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "http://www.securityfocus.com/bid/106850", "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", "https://github.com/ImageMagick/ImageMagick/issues/1451", "https://usn.ubuntu.com/4034-1/", "https://www.debian.org/security/2020/dsa-4712"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2019-7395"
+imported = 2025-11-25T22:36:00.512Z
+modified = 2024-11-21T04:48:08.530Z
+published = 2019-02-05T00:29:00.400Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-7395"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-7395"
+```
+
+# In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.
+
+In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucu9-pcsubc.md b/advisories/published/2025/JLSEC-0000-mntnaucu9-pcsubc.md
new file mode 100644
index 00000000..08d9e32d
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucu9-pcsubc.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucu9-pcsubc"
+modified = 2025-11-25T22:36:00.513Z
+upstream = ["CVE-2019-7396"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "http://www.securityfocus.com/bid/106849", "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", "https://github.com/ImageMagick/ImageMagick/issues/1452", "https://usn.ubuntu.com/4034-1/", "https://www.debian.org/security/2020/dsa-4712", "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "http://www.securityfocus.com/bid/106849", "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", "https://github.com/ImageMagick/ImageMagick/issues/1452", "https://usn.ubuntu.com/4034-1/", "https://www.debian.org/security/2020/dsa-4712"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2019-7396"
+imported = 2025-11-25T22:36:00.513Z
+modified = 2024-11-21T04:48:08.690Z
+published = 2019-02-05T00:29:00.447Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-7396"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-7396"
+```
+
+# In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.
+
+In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucub-1y26d8h.md b/advisories/published/2025/JLSEC-0000-mntnaucub-1y26d8h.md
new file mode 100644
index 00000000..56681535
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucub-1y26d8h.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucub-1y26d8h"
+modified = 2025-11-25T22:36:00.515Z
+upstream = ["CVE-2019-7397"]
+references = ["http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "http://www.securityfocus.com/bid/106847", "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", "https://github.com/ImageMagick/ImageMagick/issues/1454", "https://usn.ubuntu.com/4034-1/", "https://www.debian.org/security/2020/dsa-4712", "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "http://www.securityfocus.com/bid/106847", "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", "https://github.com/ImageMagick/ImageMagick/issues/1454", "https://usn.ubuntu.com/4034-1/", "https://www.debian.org/security/2020/dsa-4712"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2019-7397"
+imported = 2025-11-25T22:36:00.515Z
+modified = 2024-11-21T04:48:08.860Z
+published = 2019-02-05T00:29:00.510Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-7397"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-7397"
+```
+
+# In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in Writ...
+
+In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucuc-vhe0bq.md b/advisories/published/2025/JLSEC-0000-mntnaucuc-vhe0bq.md
new file mode 100644
index 00000000..c4357d82
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucuc-vhe0bq.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucuc-vhe0bq"
+modified = 2025-11-25T22:36:00.516Z
+upstream = ["CVE-2019-7398"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "http://www.securityfocus.com/bid/106848", "https://github.com/ImageMagick/ImageMagick/issues/1453", "https://usn.ubuntu.com/4034-1/", "https://www.debian.org/security/2020/dsa-4712", "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "http://www.securityfocus.com/bid/106848", "https://github.com/ImageMagick/ImageMagick/issues/1453", "https://usn.ubuntu.com/4034-1/", "https://www.debian.org/security/2020/dsa-4712"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2019-7398"
+imported = 2025-11-25T22:36:00.516Z
+modified = 2024-11-21T04:48:09.020Z
+published = 2019-02-05T00:29:00.570Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-7398"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-7398"
+```
+
+# In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.
+
+In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucue-zt9ggz.md b/advisories/published/2025/JLSEC-0000-mntnaucue-zt9ggz.md
new file mode 100644
index 00000000..0f01765c
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucue-zt9ggz.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucue-zt9ggz"
+modified = 2025-11-25T22:36:00.518Z
+upstream = ["CVE-2019-7175"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", "https://github.com/ImageMagick/ImageMagick/issues/1450", "https://usn.ubuntu.com/4034-1/", "https://www.debian.org/security/2020/dsa-4712", "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", "https://github.com/ImageMagick/ImageMagick/issues/1450", "https://usn.ubuntu.com/4034-1/", "https://www.debian.org/security/2020/dsa-4712"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2019-7175"
+imported = 2025-11-25T22:36:00.518Z
+modified = 2024-11-21T04:47:43.430Z
+published = 2019-03-07T23:29:01.597Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-7175"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-7175"
+```
+
+# In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.
+
+In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucuh-1501x12.md b/advisories/published/2025/JLSEC-0000-mntnaucuh-1501x12.md
new file mode 100644
index 00000000..dc5df7d4
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucuh-1501x12.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucuh-1501x12"
+modified = 2025-11-25T22:36:00.521Z
+upstream = ["CVE-2019-10714"]
+references = ["https://github.com/ImageMagick/ImageMagick/commit/07eebcd72f45c8fd7563d3f9ec5d2bed48f65f36", "https://github.com/ImageMagick/ImageMagick/commit/58d9c46929ca0828edde34d263700c3a5fe8dc3c", "https://github.com/ImageMagick/ImageMagick/commit/edc7d3035883ddca8413e4fe7689aa2e579ef04a", "https://github.com/ImageMagick/ImageMagick/issues/1495", "https://github.com/ImageMagick/ImageMagick/commit/07eebcd72f45c8fd7563d3f9ec5d2bed48f65f36", "https://github.com/ImageMagick/ImageMagick/commit/58d9c46929ca0828edde34d263700c3a5fe8dc3c", "https://github.com/ImageMagick/ImageMagick/commit/edc7d3035883ddca8413e4fe7689aa2e579ef04a", "https://github.com/ImageMagick/ImageMagick/issues/1495"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2019-10714"
+imported = 2025-11-25T22:36:00.521Z
+modified = 2024-11-21T04:19:47.490Z
+published = 2019-04-02T21:29:00.250Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-10714"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-10714"
+```
+
+# LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, l...
+
+LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucul-1cleaje.md b/advisories/published/2025/JLSEC-0000-mntnaucul-1cleaje.md
new file mode 100644
index 00000000..30e153a4
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucul-1cleaje.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucul-1cleaje"
+modified = 2025-11-25T22:36:00.525Z
+upstream = ["CVE-2019-10131"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00051.html", "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", "http://www.securityfocus.com/bid/108117", "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10131", "https://github.com/ImageMagick/ImageMagick/commit/cb1214c124e1bd61f7dd551b94a794864861592e", "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html", "https://usn.ubuntu.com/4034-1/", "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00051.html", "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", "http://www.securityfocus.com/bid/108117", "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10131", "https://github.com/ImageMagick/ImageMagick/commit/cb1214c124e1bd61f7dd551b94a794864861592e", "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html", "https://usn.ubuntu.com/4034-1/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2019-10131"
+imported = 2025-11-25T22:36:00.525Z
+modified = 2024-11-21T04:18:28.863Z
+published = 2019-04-30T19:29:03.717Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-10131"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-10131"
+```
+
+# An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the format...
+
+An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucuu-1k83cbb.md b/advisories/published/2025/JLSEC-0000-mntnaucuu-1k83cbb.md
new file mode 100644
index 00000000..6e07edab
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucuu-1k83cbb.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucuu-1k83cbb"
+modified = 2025-11-25T22:36:00.534Z
+upstream = ["CVE-2019-13135"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d", "https://github.com/ImageMagick/ImageMagick/issues/1599", "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d", "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html", "https://support.f5.com/csp/article/K20336394", "https://support.f5.com/csp/article/K20336394?utm_source=f5support&%3Butm_medium=RSS", "https://usn.ubuntu.com/4192-1/", "https://www.debian.org/security/2020/dsa-4712", "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d", "https://github.com/ImageMagick/ImageMagick/issues/1599", "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d", "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html", "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html", "https://support.f5.com/csp/article/K20336394", "https://support.f5.com/csp/article/K20336394?utm_source=f5support&%3Butm_medium=RSS", "https://usn.ubuntu.com/4192-1/", "https://www.debian.org/security/2020/dsa-4712"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2019-13135"
+imported = 2025-11-25T22:36:00.534Z
+modified = 2024-11-21T04:24:16.150Z
+published = 2019-07-01T20:15:11.337Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-13135"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-13135"
+```
+
+# ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUT...
+
+ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucuv-rmuxpm.md b/advisories/published/2025/JLSEC-0000-mntnaucuv-rmuxpm.md
new file mode 100644
index 00000000..1ebd6190
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucuv-rmuxpm.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucuv-rmuxpm"
+modified = 2025-11-25T22:36:00.535Z
+upstream = ["CVE-2019-13136"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", "https://github.com/ImageMagick/ImageMagick/commit/fe5f4b85e6b1b54d3b4588a77133c06ade46d891", "https://github.com/ImageMagick/ImageMagick/issues/1602", "https://support.f5.com/csp/article/K03512441?utm_source=f5support&%3Butm_medium=RSS", "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", "https://github.com/ImageMagick/ImageMagick/commit/fe5f4b85e6b1b54d3b4588a77133c06ade46d891", "https://github.com/ImageMagick/ImageMagick/issues/1602", "https://support.f5.com/csp/article/K03512441?utm_source=f5support&%3Butm_medium=RSS"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2019-13136"
+imported = 2025-11-25T22:36:00.535Z
+modified = 2024-11-21T04:24:16.360Z
+published = 2019-07-01T20:15:11.417Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-13136"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-13136"
+```
+
+# ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStre...
+
+ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucuw-2sypee.md b/advisories/published/2025/JLSEC-0000-mntnaucuw-2sypee.md
new file mode 100644
index 00000000..fd451d6f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucuw-2sypee.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucuw-2sypee"
+modified = 2025-11-25T22:36:00.536Z
+upstream = ["CVE-2019-13137"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34", "https://github.com/ImageMagick/ImageMagick/issues/1601", "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b", "https://usn.ubuntu.com/4192-1/", "https://www.debian.org/security/2020/dsa-4712", "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34", "https://github.com/ImageMagick/ImageMagick/issues/1601", "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b", "https://usn.ubuntu.com/4192-1/", "https://www.debian.org/security/2020/dsa-4712"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2019-13137"
+imported = 2025-11-25T22:36:00.536Z
+modified = 2024-11-21T04:24:16.507Z
+published = 2019-07-01T20:15:11.493Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-13137"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-13137"
+```
+
+# ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps...
+
+ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucvc-6nz6wv.md b/advisories/published/2025/JLSEC-0000-mntnaucvc-6nz6wv.md
new file mode 100644
index 00000000..92a9e180
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucvc-6nz6wv.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucvc-6nz6wv"
+modified = 2025-11-25T22:36:00.552Z
+upstream = ["CVE-2019-14980"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", "https://github.com/ImageMagick/ImageMagick/commit/c5d012a46ae22be9444326aa37969a3f75daa3ba", "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-41...7.0.8-42", "https://github.com/ImageMagick/ImageMagick6/commit/614a257295bdcdeda347086761062ac7658b6830", "https://github.com/ImageMagick/ImageMagick6/issues/43", "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", "https://github.com/ImageMagick/ImageMagick/commit/c5d012a46ae22be9444326aa37969a3f75daa3ba", "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-41...7.0.8-42", "https://github.com/ImageMagick/ImageMagick6/commit/614a257295bdcdeda347086761062ac7658b6830", "https://github.com/ImageMagick/ImageMagick6/issues/43"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2019-14980"
+imported = 2025-11-25T22:36:00.552Z
+modified = 2024-11-21T04:27:48.970Z
+published = 2019-08-12T23:15:11.493Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-14980"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-14980"
+```
+
+# In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability...
+
+In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucvd-1jkcahp.md b/advisories/published/2025/JLSEC-0000-mntnaucvd-1jkcahp.md
new file mode 100644
index 00000000..b7b4e8fb
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucvd-1jkcahp.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucvd-1jkcahp"
+modified = 2025-11-25T22:36:00.553Z
+upstream = ["CVE-2019-14981"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc", "https://github.com/ImageMagick/ImageMagick/issues/1552", "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256", "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html", "https://usn.ubuntu.com/4192-1/", "https://www.debian.org/security/2020/dsa-4712", "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc", "https://github.com/ImageMagick/ImageMagick/issues/1552", "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256", "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html", "https://usn.ubuntu.com/4192-1/", "https://www.debian.org/security/2020/dsa-4712"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2019-14981"
+imported = 2025-11-25T22:36:00.553Z
+modified = 2024-11-21T04:27:49.150Z
+published = 2019-08-12T23:15:11.600Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-14981"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-14981"
+```
+
+# In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability...
+
+In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucvl-12yfp84.md b/advisories/published/2025/JLSEC-0000-mntnaucvl-12yfp84.md
new file mode 100644
index 00000000..61923cf5
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucvl-12yfp84.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucvl-12yfp84"
+modified = 2025-11-25T22:36:00.561Z
+upstream = ["CVE-2019-17540"]
+references = ["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578", "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54", "https://github.com/ImageMagick/ImageMagick/compare/master%40%7B2019-07-15%7D...master%40%7B2019-07-17%7D", "https://security-tracker.debian.org/tracker/CVE-2019-17540", "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578", "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54", "https://github.com/ImageMagick/ImageMagick/compare/master%40%7B2019-07-15%7D...master%40%7B2019-07-17%7D", "https://security-tracker.debian.org/tracker/CVE-2019-17540"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = [">= 6.9.12+0, < 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2019-17540"
+imported = 2025-11-25T22:36:00.561Z
+modified = 2024-11-21T04:32:29.023Z
+published = 2019-10-14T02:15:10.607Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-17540"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-17540"
+```
+
+# ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.
+
+ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucvm-fznskv.md b/advisories/published/2025/JLSEC-0000-mntnaucvm-fznskv.md
new file mode 100644
index 00000000..eaec9ff0
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucvm-fznskv.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucvm-fznskv"
+modified = 2025-11-25T22:36:00.562Z
+upstream = ["CVE-2019-17541"]
+references = ["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15827", "https://github.com/ImageMagick/ImageMagick/commit/39f226a9c137f547e12afde972eeba7551124493", "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-54...7.0.8-55", "https://github.com/ImageMagick/ImageMagick/issues/1641", "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15827", "https://github.com/ImageMagick/ImageMagick/commit/39f226a9c137f547e12afde972eeba7551124493", "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-54...7.0.8-55", "https://github.com/ImageMagick/ImageMagick/issues/1641"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2019-17541"
+imported = 2025-11-25T22:36:00.562Z
+modified = 2024-11-21T04:32:29.170Z
+published = 2019-10-14T02:15:10.703Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-17541"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-17541"
+```
+
+# ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because...
+
+ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucvn-17nd8ve.md b/advisories/published/2025/JLSEC-0000-mntnaucvn-17nd8ve.md
new file mode 100644
index 00000000..71da2491
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucvn-17nd8ve.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucvn-17nd8ve"
+modified = 2025-11-25T22:36:00.563Z
+upstream = ["CVE-2019-17547"]
+references = ["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16537", "https://github.com/ImageMagick/ImageMagick/commit/ecf7c6b288e11e7e7f75387c5e9e93e423b98397", "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-51...7.0.8-62", "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16537", "https://github.com/ImageMagick/ImageMagick/commit/ecf7c6b288e11e7e7f75387c5e9e93e423b98397", "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-51...7.0.8-62"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2019-17547"
+imported = 2025-11-25T22:36:00.563Z
+modified = 2024-11-21T04:32:30.127Z
+published = 2019-10-14T02:15:11.170Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-17547"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-17547"
+```
+
+# In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.
+
+In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucvp-cx2oi3.md b/advisories/published/2025/JLSEC-0000-mntnaucvp-cx2oi3.md
new file mode 100644
index 00000000..08b33f46
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucvp-cx2oi3.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucvp-cx2oi3"
+modified = 2025-11-25T22:36:00.565Z
+upstream = ["CVE-2014-8561"]
+references = ["http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html", "http://seclists.org/fulldisclosure/2014/Nov/1", "http://www.openwall.com/lists/oss-security/2014/10/31/3", "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2014-8561", "https://security-tracker.debian.org/tracker/CVE-2014-8561", "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html", "http://seclists.org/fulldisclosure/2014/Nov/1", "http://www.openwall.com/lists/oss-security/2014/10/31/3", "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2014-8561", "https://security-tracker.debian.org/tracker/CVE-2014-8561"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-8561"
+imported = 2025-11-25T22:36:00.565Z
+modified = 2024-11-21T02:19:20.493Z
+published = 2019-12-15T22:15:11.997Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-8561"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-8561"
+```
+
+# imagemagick 6.8.9.6 has remote DOS via infinite loop
+
+imagemagick 6.8.9.6 has remote DOS via infinite loop
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucvr-1r44mxt.md b/advisories/published/2025/JLSEC-0000-mntnaucvr-1r44mxt.md
new file mode 100644
index 00000000..4861f31e
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucvr-1r44mxt.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucvr-1r44mxt"
+modified = 2025-11-25T22:36:00.567Z
+upstream = ["CVE-2019-19949"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", "https://github.com/ImageMagick/ImageMagick/issues/1561", "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html", "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html", "https://usn.ubuntu.com/4549-1/", "https://www.debian.org/security/2020/dsa-4712", "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", "https://github.com/ImageMagick/ImageMagick/issues/1561", "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html", "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html", "https://usn.ubuntu.com/4549-1/", "https://www.debian.org/security/2020/dsa-4712"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2019-19949"
+imported = 2025-11-25T22:36:00.567Z
+modified = 2024-11-21T04:35:43.490Z
+published = 2019-12-24T01:15:11.327Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-19949"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-19949"
+```
+
+# In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of...
+
+In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucvs-n4icah.md b/advisories/published/2025/JLSEC-0000-mntnaucvs-n4icah.md
new file mode 100644
index 00000000..ccc04f35
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucvs-n4icah.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucvs-n4icah"
+modified = 2025-11-25T22:36:00.568Z
+upstream = ["CVE-2016-7523"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537420", "https://bugzilla.redhat.com/show_bug.cgi?id=1378754", "https://github.com/ImageMagick/ImageMagick/issues/94", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537420", "https://bugzilla.redhat.com/show_bug.cgi?id=1378754", "https://github.com/ImageMagick/ImageMagick/issues/94"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7523"
+imported = 2025-11-25T22:36:00.568Z
+modified = 2024-11-21T02:58:08.640Z
+published = 2020-02-06T14:15:10.737Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7523"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7523"
+```
+
+# coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds rea...
+
+coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucvt-iq6lvx.md b/advisories/published/2025/JLSEC-0000-mntnaucvt-iq6lvx.md
new file mode 100644
index 00000000..dcf1110e
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucvt-iq6lvx.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucvt-iq6lvx"
+modified = 2025-11-25T22:36:00.569Z
+upstream = ["CVE-2016-7524"]
+references = ["http://www.openwall.com/lists/oss-security/2016/09/22/2", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537422", "https://bugzilla.redhat.com/show_bug.cgi?id=1378762", "https://github.com/ImageMagick/ImageMagick/commit/97c9f438a9b3454d085895f4d1f66389fd22a0fb", "https://github.com/ImageMagick/ImageMagick/commit/f8c318d462270b03e77f082e2a3a32867cacd3c6", "https://github.com/ImageMagick/ImageMagick/issues/96", "http://www.openwall.com/lists/oss-security/2016/09/22/2", "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537422", "https://bugzilla.redhat.com/show_bug.cgi?id=1378762", "https://github.com/ImageMagick/ImageMagick/commit/97c9f438a9b3454d085895f4d1f66389fd22a0fb", "https://github.com/ImageMagick/ImageMagick/commit/f8c318d462270b03e77f082e2a3a32867cacd3c6", "https://github.com/ImageMagick/ImageMagick/issues/96"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2016-7524"
+imported = 2025-11-25T22:36:00.569Z
+modified = 2024-11-21T02:58:08.750Z
+published = 2020-02-06T14:15:10.830Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2016-7524"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2016-7524"
+```
+
+# coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds rea...
+
+coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucvu-1rn5ipv.md b/advisories/published/2025/JLSEC-0000-mntnaucvu-1rn5ipv.md
new file mode 100644
index 00000000..68e60c62
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucvu-1rn5ipv.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucvu-1rn5ipv"
+modified = 2025-11-25T22:36:00.570Z
+upstream = ["CVE-2014-1958"]
+references = ["http://lists.opensuse.org/opensuse-updates/2014-03/msg00032.html", "http://lists.opensuse.org/opensuse-updates/2014-03/msg00039.html", "http://trac.imagemagick.org/changeset/14801", "http://ubuntu.com/usn/usn-2132-1", "http://www.openwall.com/lists/oss-security/2014/02/13/2", "http://www.openwall.com/lists/oss-security/2014/02/13/5", "https://www.openwall.com/lists/oss-security/2014/02/19/13", "http://lists.opensuse.org/opensuse-updates/2014-03/msg00032.html", "http://lists.opensuse.org/opensuse-updates/2014-03/msg00039.html", "http://trac.imagemagick.org/changeset/14801", "http://ubuntu.com/usn/usn-2132-1", "http://www.openwall.com/lists/oss-security/2014/02/13/2", "http://www.openwall.com/lists/oss-security/2014/02/13/5", "https://www.openwall.com/lists/oss-security/2014/02/19/13"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-1958"
+imported = 2025-11-25T22:36:00.570Z
+modified = 2024-11-21T02:05:21.043Z
+published = 2020-02-06T15:15:10.483Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-1958"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-1958"
+```
+
+# Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might ...
+
+Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucvu-2wka8v.md b/advisories/published/2025/JLSEC-0000-mntnaucvu-2wka8v.md
new file mode 100644
index 00000000..f2759263
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucvu-2wka8v.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucvu-2wka8v"
+modified = 2025-11-25T22:36:00.570Z
+upstream = ["CVE-2014-2030"]
+references = ["http://lists.opensuse.org/opensuse-updates/2014-03/msg00032.html", "http://lists.opensuse.org/opensuse-updates/2014-03/msg00039.html", "http://ubuntu.com/usn/usn-2132-1", "http://www.openwall.com/lists/oss-security/2014/02/12/2", "http://www.openwall.com/lists/oss-security/2014/02/13/5", "http://www.openwall.com/lists/oss-security/2014/02/19/13", "https://bugzilla.redhat.com/show_bug.cgi?id=1064098", "https://web.archive.org/web/20090120112751/http://trac.imagemagick.org/changeset/13736", "http://lists.opensuse.org/opensuse-updates/2014-03/msg00032.html", "http://lists.opensuse.org/opensuse-updates/2014-03/msg00039.html", "http://ubuntu.com/usn/usn-2132-1", "http://www.openwall.com/lists/oss-security/2014/02/12/2", "http://www.openwall.com/lists/oss-security/2014/02/13/5", "http://www.openwall.com/lists/oss-security/2014/02/19/13", "https://bugzilla.redhat.com/show_bug.cgi?id=1064098", "https://web.archive.org/web/20090120112751/http://trac.imagemagick.org/changeset/13736"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-2030"
+imported = 2025-11-25T22:36:00.570Z
+modified = 2024-11-21T02:05:29.753Z
+published = 2020-02-06T15:15:10.637Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-2030"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-2030"
+```
+
+# Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6...
+
+Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucvv-11yv9q.md b/advisories/published/2025/JLSEC-0000-mntnaucvv-11yv9q.md
new file mode 100644
index 00000000..561ea461
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucvv-11yv9q.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucvv-11yv9q"
+modified = 2025-11-25T22:36:00.571Z
+upstream = ["CVE-2014-1947"]
+references = ["http://www.openwall.com/lists/oss-security/2014/02/12/13", "http://www.openwall.com/lists/oss-security/2014/02/12/2", "http://www.openwall.com/lists/oss-security/2014/02/13/2", "http://www.openwall.com/lists/oss-security/2014/02/13/5", "http://www.openwall.com/lists/oss-security/2014/02/19/13", "https://bugzilla.redhat.com/show_bug.cgi?id=1064098", "https://www.suse.com/support/update/announcement/2014/suse-su-20140359-1.html", "http://www.openwall.com/lists/oss-security/2014/02/12/13", "http://www.openwall.com/lists/oss-security/2014/02/12/2", "http://www.openwall.com/lists/oss-security/2014/02/13/2", "http://www.openwall.com/lists/oss-security/2014/02/13/5", "http://www.openwall.com/lists/oss-security/2014/02/19/13", "https://bugzilla.redhat.com/show_bug.cgi?id=1064098", "https://www.suse.com/support/update/announcement/2014/suse-su-20140359-1.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2014-1947"
+imported = 2025-11-25T22:36:00.571Z
+modified = 2024-11-21T02:05:19.997Z
+published = 2020-02-17T21:15:12.570Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2014-1947"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2014-1947"
+```
+
+# Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and e...
+
+Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucvz-1f3dnxp.md b/advisories/published/2025/JLSEC-0000-mntnaucvz-1f3dnxp.md
new file mode 100644
index 00000000..b04117cc
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucvz-1f3dnxp.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucvz-1f3dnxp"
+modified = 2025-11-25T22:36:00.575Z
+upstream = ["CVE-2020-27759"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894238", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1894238", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27759"
+imported = 2025-11-25T22:36:00.575Z
+modified = 2024-11-21T05:21:46.667Z
+published = 2020-12-03T17:15:12.707Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27759"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27759"
+```
+
+# In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned...
+
+In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by ImageMagick. Red Hat Product Security marked this as Low severity because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to 7.0.8-68.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucw4-10mk0dz.md b/advisories/published/2025/JLSEC-0000-mntnaucw4-10mk0dz.md
new file mode 100644
index 00000000..f97527cd
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucw4-10mk0dz.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucw4-10mk0dz"
+modified = 2025-11-25T22:36:00.580Z
+upstream = ["CVE-2020-27760"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894239", "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1894239", "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27760"
+imported = 2025-11-25T22:36:00.580Z
+modified = 2024-11-21T05:21:46.817Z
+published = 2020-12-03T17:15:12.770Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27760"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27760"
+```
+
+# In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger...
+
+In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the `PerceptibleReciprocal()` to prevent the divide-by-zero from occurring. This flaw affects ImageMagick versions prior to ImageMagick 7.0.8-68.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucw5-112dos5.md b/advisories/published/2025/JLSEC-0000-mntnaucw5-112dos5.md
new file mode 100644
index 00000000..72a5594d
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucw5-112dos5.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucw5-112dos5"
+modified = 2025-11-25T22:36:00.581Z
+upstream = ["CVE-2020-27761"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894679", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1894679", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27761"
+imported = 2025-11-25T22:36:00.581Z
+modified = 2024-11-21T05:21:46.963Z
+published = 2020-12-03T17:15:12.847Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27761"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27761"
+```
+
+# WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could l...
+
+WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to `ssize_t` instead to avoid this issue. Red Hat Product Security marked the Severity as Low because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to ImageMagick 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucw7-oazmhf.md b/advisories/published/2025/JLSEC-0000-mntnaucw7-oazmhf.md
new file mode 100644
index 00000000..970dee6f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucw7-oazmhf.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucw7-oazmhf"
+modified = 2025-11-25T22:36:00.583Z
+upstream = ["CVE-2020-27762"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894680", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1894680", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27762"
+imported = 2025-11-25T22:36:00.583Z
+modified = 2024-11-21T05:21:47.110Z
+published = 2020-12-03T17:15:12.910Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27762"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27762"
+```
+
+# A flaw was found in ImageMagick in coders/hdr.c
+
+A flaw was found in ImageMagick in coders/hdr.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to ImageMagick 7.0.8-68.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucw8-6mz6uz.md b/advisories/published/2025/JLSEC-0000-mntnaucw8-6mz6uz.md
new file mode 100644
index 00000000..d01f8f2b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucw8-6mz6uz.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucw8-6mz6uz"
+modified = 2025-11-25T22:36:00.584Z
+upstream = ["CVE-2020-27763"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894682", "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1894682", "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27763"
+imported = 2025-11-25T22:36:00.584Z
+modified = 2024-11-21T05:21:47.250Z
+published = 2020-12-03T17:15:12.973Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27763"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27763"
+```
+
+# A flaw was found in ImageMagick in MagickCore/resize.c
+
+A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-68.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucw9-1cu1gmc.md b/advisories/published/2025/JLSEC-0000-mntnaucw9-1cu1gmc.md
new file mode 100644
index 00000000..936d2d69
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucw9-1cu1gmc.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucw9-1cu1gmc"
+modified = 2025-11-25T22:36:00.585Z
+upstream = ["CVE-2020-27764"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894683", "https://github.com/ImageMagick/ImageMagick6/commit/3e21bc8a58b4ae38d24c7e283837cc279f35b6a5", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1894683", "https://github.com/ImageMagick/ImageMagick6/commit/3e21bc8a58b4ae38d24c7e283837cc279f35b6a5", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27764"
+imported = 2025-11-25T22:36:00.585Z
+modified = 2024-11-21T05:21:47.390Z
+published = 2020-12-03T17:15:13.037Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27764"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27764"
+```
+
+# In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast s...
+
+In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick. Red Hat Product Security marked this as Low severity because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to 6.9.10-69.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwa-z2h3fk.md b/advisories/published/2025/JLSEC-0000-mntnaucwa-z2h3fk.md
new file mode 100644
index 00000000..3ad736b8
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwa-z2h3fk.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwa-z2h3fk"
+modified = 2025-11-25T22:36:00.586Z
+upstream = ["CVE-2020-27765"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894684", "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1894684", "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27765"
+imported = 2025-11-25T22:36:00.586Z
+modified = 2024-11-21T05:21:47.537Z
+published = 2020-12-04T15:15:10.427Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27765"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27765"
+```
+
+# A flaw was found in ImageMagick in MagickCore/segment.c
+
+A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwb-1tb032i.md b/advisories/published/2025/JLSEC-0000-mntnaucwb-1tb032i.md
new file mode 100644
index 00000000..8996566a
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwb-1tb032i.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwb-1tb032i"
+modified = 2025-11-25T22:36:00.587Z
+upstream = ["CVE-2020-27766"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894686", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1894686", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27766"
+imported = 2025-11-25T22:36:00.587Z
+modified = 2024-11-21T05:21:47.677Z
+published = 2020-12-04T15:15:10.567Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27766"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27766"
+```
+
+# A flaw was found in ImageMagick in MagickCore/statistic.c
+
+A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-69.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwc-13unsn6.md b/advisories/published/2025/JLSEC-0000-mntnaucwc-13unsn6.md
new file mode 100644
index 00000000..9188a41a
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwc-13unsn6.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwc-13unsn6"
+modified = 2025-11-25T22:36:00.588Z
+upstream = ["CVE-2020-27767"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894687", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1894687", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27767"
+imported = 2025-11-25T22:36:00.588Z
+modified = 2024-11-21T05:21:47.810Z
+published = 2020-12-04T15:15:10.627Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27767"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27767"
+```
+
+# A flaw was found in ImageMagick in MagickCore/quantum.h
+
+A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types `float` and `unsigned char`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwe-zhag3q.md b/advisories/published/2025/JLSEC-0000-mntnaucwe-zhag3q.md
new file mode 100644
index 00000000..8df93116
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwe-zhag3q.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwe-zhag3q"
+modified = 2025-11-25T22:36:00.590Z
+upstream = ["CVE-2020-27770"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894691", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1894691", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27770"
+imported = 2025-11-25T22:36:00.590Z
+modified = 2024-11-21T05:21:48.180Z
+published = 2020-12-04T15:15:10.707Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27770"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27770"
+```
+
+# Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in...
+
+Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in SubstituteString(), causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to 7.0.8-68.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwf-1ivb7hb.md b/advisories/published/2025/JLSEC-0000-mntnaucwf-1ivb7hb.md
new file mode 100644
index 00000000..c7f59aa6
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwf-1ivb7hb.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwf-1ivb7hb"
+modified = 2025-11-25T22:36:00.591Z
+upstream = ["CVE-2020-27771"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1898290", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1898290", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27771"
+imported = 2025-11-25T22:36:00.591Z
+modified = 2024-11-21T05:21:48.293Z
+published = 2020-12-04T15:15:10.787Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27771"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27771"
+```
+
+# In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could...
+
+In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. The patch casts the return value of GetPixelIndex() to ssize_t type to avoid this bug. This undefined behavior could be triggered when ImageMagick processes a crafted pdf file. Red Hat Product Security marked this as Low severity because although it could potentially lead to an impact to application availability, no specific impact was demonstrated in this case. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwg-1k4hb3z.md b/advisories/published/2025/JLSEC-0000-mntnaucwg-1k4hb3z.md
new file mode 100644
index 00000000..964e832a
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwg-1k4hb3z.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwg-1k4hb3z"
+modified = 2025-11-25T22:36:00.592Z
+upstream = ["CVE-2020-27774"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1898296", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1898296", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27774"
+imported = 2025-11-25T22:36:00.592Z
+modified = 2024-11-21T05:21:48.653Z
+published = 2020-12-04T21:15:12.560Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27774"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27774"
+```
+
+# A flaw was found in ImageMagick in MagickCore/statistic.c
+
+A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type `ssize_t`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwi-59rp7s.md b/advisories/published/2025/JLSEC-0000-mntnaucwi-59rp7s.md
new file mode 100644
index 00000000..8527a340
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwi-59rp7s.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwi-59rp7s"
+modified = 2025-11-25T22:36:00.594Z
+upstream = ["CVE-2020-27775"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1898300", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1898300", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27775"
+imported = 2025-11-25T22:36:00.594Z
+modified = 2024-11-21T05:21:48.753Z
+published = 2020-12-04T21:15:12.637Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27775"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27775"
+```
+
+# A flaw was found in ImageMagick in MagickCore/quantum.h
+
+A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwj-1ij7l5p.md b/advisories/published/2025/JLSEC-0000-mntnaucwj-1ij7l5p.md
new file mode 100644
index 00000000..1607fb89
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwj-1ij7l5p.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwj-1ij7l5p"
+modified = 2025-11-25T22:36:00.595Z
+upstream = ["CVE-2020-27776"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1898304", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1898304", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27776"
+imported = 2025-11-25T22:36:00.595Z
+modified = 2024-11-21T05:21:48.870Z
+published = 2020-12-04T21:15:12.707Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27776"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27776"
+```
+
+# A flaw was found in ImageMagick in MagickCore/statistic.c
+
+A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwk-1fj3k0r.md b/advisories/published/2025/JLSEC-0000-mntnaucwk-1fj3k0r.md
new file mode 100644
index 00000000..7b0842b0
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwk-1fj3k0r.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwk-1fj3k0r"
+modified = 2025-11-25T22:36:00.596Z
+upstream = ["CVE-2020-27772"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1898291", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1898291", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27772"
+imported = 2025-11-25T22:36:00.596Z
+modified = 2024-11-21T05:21:48.413Z
+published = 2020-12-04T22:15:12.550Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27772"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27772"
+```
+
+# A flaw was found in ImageMagick in coders/bmp.c
+
+A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwl-xjosup.md b/advisories/published/2025/JLSEC-0000-mntnaucwl-xjosup.md
new file mode 100644
index 00000000..4061ccc2
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwl-xjosup.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwl-xjosup"
+modified = 2025-11-25T22:36:00.597Z
+upstream = ["CVE-2020-27773"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1898295", "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1898295", "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27773"
+imported = 2025-11-25T22:36:00.597Z
+modified = 2024-11-21T05:21:48.540Z
+published = 2020-12-04T22:15:12.630Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27773"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27773"
+```
+
+# A flaw was found in ImageMagick in MagickCore/gem-private.h
+
+A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwn-1kpjfpe.md b/advisories/published/2025/JLSEC-0000-mntnaucwn-1kpjfpe.md
new file mode 100644
index 00000000..f59cf9fc
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwn-1kpjfpe.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwn-1kpjfpe"
+modified = 2025-11-25T22:36:00.599Z
+upstream = ["CVE-2020-25663"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1891601", "https://github.com/ImageMagick/ImageMagick/issues/1723", "https://github.com/ImageMagick/ImageMagick/issues/1723#issuecomment-718275153", "https://bugzilla.redhat.com/show_bug.cgi?id=1891601", "https://github.com/ImageMagick/ImageMagick/issues/1723", "https://github.com/ImageMagick/ImageMagick/issues/1723#issuecomment-718275153"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2020-25663"
+imported = 2025-11-25T22:36:00.599Z
+modified = 2024-11-21T05:18:23.650Z
+published = 2020-12-08T21:15:12.420Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-25663"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-25663"
+```
+
+# A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a...
+
+A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() was called. This could occur if an attacker is able to submit a malicious image file to be processed by ImageMagick and could lead to denial of service. It likely would not lead to anything further because the memory is used as pixel data and not e.g. a function pointer. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwn-1s573y0.md b/advisories/published/2025/JLSEC-0000-mntnaucwn-1s573y0.md
new file mode 100644
index 00000000..a254e76b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwn-1s573y0.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwn-1s573y0"
+modified = 2025-11-25T22:36:00.599Z
+upstream = ["CVE-2020-29599"]
+references = ["https://github.com/ImageMagick/ImageMagick/discussions/2851", "https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html", "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://security.gentoo.org/glsa/202101-36", "https://github.com/ImageMagick/ImageMagick/discussions/2851", "https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html", "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://security.gentoo.org/glsa/202101-36"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-29599"
+imported = 2025-11-25T22:36:00.599Z
+modified = 2024-11-21T05:24:17.280Z
+published = 2020-12-07T20:15:12.773Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-29599"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-29599"
+```
+
+# ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which all...
+
+ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwp-1lhcpbz.md b/advisories/published/2025/JLSEC-0000-mntnaucwp-1lhcpbz.md
new file mode 100644
index 00000000..9c00b8eb
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwp-1lhcpbz.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwp-1lhcpbz"
+modified = 2025-11-25T22:36:00.601Z
+upstream = ["CVE-2020-25664"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1891605", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z3J6D7POCQYQKNVRDYLTTPM5SQC3WVTR/", "https://bugzilla.redhat.com/show_bug.cgi?id=1891605", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z3J6D7POCQYQKNVRDYLTTPM5SQC3WVTR/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-25664"
+imported = 2025-11-25T22:36:00.601Z
+modified = 2024-11-21T05:18:23.840Z
+published = 2020-12-08T21:15:12.497Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-25664"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-25664"
+```
+
+# In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() a...
+
+In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attacker who is able to supply a specially crafted image could affect availability with a low impact to data integrity. This flaw affects ImageMagick versions prior to 6.9.10-68 and 7.0.8-68.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwq-usk2ev.md b/advisories/published/2025/JLSEC-0000-mntnaucwq-usk2ev.md
new file mode 100644
index 00000000..4f59e625
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwq-usk2ev.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwq-usk2ev"
+modified = 2025-11-25T22:36:00.602Z
+upstream = ["CVE-2020-25665"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1891606", "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1891606", "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-25665"
+imported = 2025-11-25T22:36:00.602Z
+modified = 2024-11-21T05:18:24.023Z
+published = 2020-12-08T21:15:12.560Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-25665"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-25665"
+```
+
+# The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine Wr...
+
+The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256. This can cause a out-of-bounds read later on in the routine. The patch adds 256 to bytes_per_row in the call to AcquireQuantumMemory(). This could cause impact to reliability. This flaw affects ImageMagick versions prior to 7.0.8-68.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwr-1hy8gyg.md b/advisories/published/2025/JLSEC-0000-mntnaucwr-1hy8gyg.md
new file mode 100644
index 00000000..da39825f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwr-1hy8gyg.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwr-1hy8gyg"
+modified = 2025-11-25T22:36:00.603Z
+upstream = ["CVE-2020-25666"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1891612", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1891612", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-25666"
+imported = 2025-11-25T22:36:00.603Z
+modified = 2024-11-21T05:18:24.197Z
+published = 2020-12-08T21:15:12.623Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-25666"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-25666"
+```
+
+# There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is poss...
+
+There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. This occurs in the rgb values and `count` value for a color. The patch uses casts to `ssize_t` type for these calculations, instead of `int`. This flaw could impact application reliability in the event that ImageMagick processes a crafted input file. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwt-fhg9tj.md b/advisories/published/2025/JLSEC-0000-mntnaucwt-fhg9tj.md
new file mode 100644
index 00000000..7186b659
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwt-fhg9tj.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwt-fhg9tj"
+modified = 2025-11-25T22:36:00.605Z
+upstream = ["CVE-2020-25667"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1891613", "https://bugzilla.redhat.com/show_bug.cgi?id=1891613"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-25667"
+imported = 2025-11-25T22:36:00.605Z
+modified = 2024-11-21T05:18:24.373Z
+published = 2020-12-08T21:15:12.700Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-25667"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-25667"
+```
+
+# TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it s...
+
+TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to remedy this. This could cause an impact to availability of the application. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwu-xzihmb.md b/advisories/published/2025/JLSEC-0000-mntnaucwu-xzihmb.md
new file mode 100644
index 00000000..093578f1
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwu-xzihmb.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwu-xzihmb"
+modified = 2025-11-25T22:36:00.606Z
+upstream = ["CVE-2020-25674"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1891928", "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1891928", "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-25674"
+imported = 2025-11-25T22:36:00.606Z
+modified = 2024-11-21T05:18:25.833Z
+published = 2020-12-08T22:15:17.320Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-25674"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-25674"
+```
+
+# WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition ...
+
+WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times, attempting to pass invalid colormap data to the event logger. The patch replaces the hardcoded 256 value with a call to MagickMin() to ensure the proper value is used. This could impact application availability when a specially crafted input file is processed by ImageMagick. This flaw affects ImageMagick versions prior to 7.0.8-68.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwv-11wy6y4.md b/advisories/published/2025/JLSEC-0000-mntnaucwv-11wy6y4.md
new file mode 100644
index 00000000..8c79c449
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwv-11wy6y4.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwv-11wy6y4"
+modified = 2025-11-25T22:36:00.607Z
+upstream = ["CVE-2020-25675"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1891933", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1891933", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-25675"
+imported = 2025-11-25T22:36:00.607Z
+modified = 2024-11-21T05:18:26.113Z
+published = 2020-12-08T22:15:17.397Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-25675"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-25675"
+```
+
+# In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations ...
+
+In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer. Such issues could cause a negative impact to application availability or other problems related to undefined behavior, in cases where ImageMagick processes untrusted input data. The upstream patch introduces functionality to constrain the pixel offsets and prevent these issues. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucww-1f5qrfh.md b/advisories/published/2025/JLSEC-0000-mntnaucww-1f5qrfh.md
new file mode 100644
index 00000000..b57b0756
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucww-1f5qrfh.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucww-1f5qrfh"
+modified = 2025-11-25T22:36:00.608Z
+upstream = ["CVE-2020-25676"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1891934", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1891934", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-25676"
+imported = 2025-11-25T22:36:00.608Z
+modified = 2024-11-21T05:18:26.283Z
+published = 2020-12-08T22:15:17.477Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-25676"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-25676"
+```
+
+# In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and In...
+
+In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor() function. These calculations produced undefined behavior in the form of out-of-range and integer overflows, as identified by UndefinedBehaviorSanitizer. These instances of undefined behavior could be triggered by an attacker who is able to supply a crafted input file to be processed by ImageMagick. These issues could impact application availability or potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwy-1pahkby.md b/advisories/published/2025/JLSEC-0000-mntnaucwy-1pahkby.md
new file mode 100644
index 00000000..ad0702ff
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwy-1pahkby.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwy-1pahkby"
+modified = 2025-11-25T22:36:00.610Z
+upstream = ["CVE-2020-27750"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1891984", "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1891984", "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27750"
+imported = 2025-11-25T22:36:00.610Z
+modified = 2024-11-21T05:21:45.480Z
+published = 2020-12-08T22:15:17.930Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27750"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27750"
+```
+
+# A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h
+
+A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` and math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-68.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucwz-j9sq3.md b/advisories/published/2025/JLSEC-0000-mntnaucwz-j9sq3.md
new file mode 100644
index 00000000..1bd497c6
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucwz-j9sq3.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucwz-j9sq3"
+modified = 2025-11-25T22:36:00.611Z
+upstream = ["CVE-2020-27751"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1891994", "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1891994", "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27751"
+imported = 2025-11-25T22:36:00.611Z
+modified = 2024-11-21T05:21:45.610Z
+published = 2020-12-08T22:15:17.993Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27751"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27751"
+```
+
+# A flaw was found in ImageMagick in MagickCore/quantum-export.c
+
+A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long long` as well as a shift exponent that is too large for 64-bit type. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucx0-bgy176.md b/advisories/published/2025/JLSEC-0000-mntnaucx0-bgy176.md
new file mode 100644
index 00000000..dba91423
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucx0-bgy176.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucx0-bgy176"
+modified = 2025-11-25T22:36:00.612Z
+upstream = ["CVE-2020-27752"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894226", "https://bugzilla.redhat.com/show_bug.cgi?id=1894226"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27752"
+imported = 2025-11-25T22:36:00.612Z
+modified = 2024-11-21T05:21:45.740Z
+published = 2020-12-08T22:15:18.070Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27752"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27752"
+```
+
+# A flaw was found in ImageMagick in MagickCore/quantum-private.h
+
+A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucx1-vuu4wt.md b/advisories/published/2025/JLSEC-0000-mntnaucx1-vuu4wt.md
new file mode 100644
index 00000000..6844948b
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucx1-vuu4wt.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucx1-vuu4wt"
+modified = 2025-11-25T22:36:00.613Z
+upstream = ["CVE-2020-27753"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894229", "https://bugzilla.redhat.com/show_bug.cgi?id=1894229"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27753"
+imported = 2025-11-25T22:36:00.613Z
+modified = 2024-11-21T05:21:45.867Z
+published = 2020-12-08T22:15:18.133Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27753"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27753"
+```
+
+# There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth value...
+
+There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. These leaks could potentially lead to an impact to application availability or cause a denial of service. It was originally reported that the issues were in `AcquireMagickMemory()` because that is where LeakSanitizer detected the leaks, but the patch resolves issues in the MIFF coder, which incorrectly handles data being passed to `AcquireMagickMemory()`. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucx3-1gu5y5l.md b/advisories/published/2025/JLSEC-0000-mntnaucx3-1gu5y5l.md
new file mode 100644
index 00000000..44949554
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucx3-1gu5y5l.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucx3-1gu5y5l"
+modified = 2025-11-25T22:36:00.615Z
+upstream = ["CVE-2020-27754"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894231", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1894231", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27754"
+imported = 2025-11-25T22:36:00.615Z
+modified = 2024-11-21T05:21:45.990Z
+published = 2020-12-08T22:15:18.227Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27754"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27754"
+```
+
+# In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could r...
+
+In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the caller when ImageMagick processes a crafted input file. To mitigate this, the patch introduces and uses the ConstrainPixelIntensity() function, which forces the pixel intensities to be within the proper bounds in the event of an overflow. This flaw affects ImageMagick versions prior to 6.9.10-69 and 7.0.8-69.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucx4-t0qhd9.md b/advisories/published/2025/JLSEC-0000-mntnaucx4-t0qhd9.md
new file mode 100644
index 00000000..5ff6d50e
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucx4-t0qhd9.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucx4-t0qhd9"
+modified = 2025-11-25T22:36:00.616Z
+upstream = ["CVE-2020-27755"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894232", "https://bugzilla.redhat.com/show_bug.cgi?id=1894232"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27755"
+imported = 2025-11-25T22:36:00.616Z
+modified = 2024-11-21T05:21:46.120Z
+published = 2020-12-08T22:15:18.290Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27755"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27755"
+```
+
+# in SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak be...
+
+in SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. The patch resets the depth to a proper size before throwing an exception. The memory leak can be triggered by a crafted input file that is processed by ImageMagick and could cause an impact to application reliability, such as denial of service. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucx5-19b7y3k.md b/advisories/published/2025/JLSEC-0000-mntnaucx5-19b7y3k.md
new file mode 100644
index 00000000..9abd4bb1
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucx5-19b7y3k.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucx5-19b7y3k"
+modified = 2025-11-25T22:36:00.617Z
+upstream = ["CVE-2020-27756"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894233", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1894233", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27756"
+imported = 2025-11-25T22:36:00.617Z
+modified = 2024-11-21T05:21:46.260Z
+published = 2020-12-08T22:15:18.383Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27756"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27756"
+```
+
+# In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to div...
+
+In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior. This flaw can be triggered by a crafted input file processed by ImageMagick and could impact application availability. The patch uses multiplication in addition to the function `PerceptibleReciprocal()` in order to prevent such divide-by-zero conditions. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucx7-7gf2y6.md b/advisories/published/2025/JLSEC-0000-mntnaucx7-7gf2y6.md
new file mode 100644
index 00000000..7e314c0e
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucx7-7gf2y6.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucx7-7gf2y6"
+modified = 2025-11-25T22:36:00.619Z
+upstream = ["CVE-2020-27757"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894234", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1894234", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27757"
+imported = 2025-11-25T22:36:00.619Z
+modified = 2024-11-21T05:21:46.403Z
+published = 2020-12-08T22:15:18.447Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27757"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27757"
+```
+
+# A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead...
+
+A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long. The flaw could be triggered by a crafted input file under certain conditions when it is processed by ImageMagick. Red Hat Product Security marked this as Low because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to 7.0.8-68.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucx8-b6zc42.md b/advisories/published/2025/JLSEC-0000-mntnaucx8-b6zc42.md
new file mode 100644
index 00000000..226831c4
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucx8-b6zc42.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucx8-b6zc42"
+modified = 2025-11-25T22:36:00.620Z
+upstream = ["CVE-2020-27758"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894236", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1894236", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27758"
+imported = 2025-11-25T22:36:00.620Z
+modified = 2024-11-21T05:21:46.530Z
+published = 2020-12-08T22:15:18.507Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27758"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27758"
+```
+
+# A flaw was found in ImageMagick in coders/txt.c
+
+A flaw was found in ImageMagick in coders/txt.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long long`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-68.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucx9-15jfevc.md b/advisories/published/2025/JLSEC-0000-mntnaucx9-15jfevc.md
new file mode 100644
index 00000000..a026b53e
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucx9-15jfevc.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucx9-15jfevc"
+modified = 2025-11-25T22:36:00.621Z
+upstream = ["CVE-2021-20176"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1916610", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1916610", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2021-20176"
+imported = 2025-11-25T22:36:00.621Z
+modified = 2024-11-21T05:46:04.280Z
+published = 2021-02-06T00:15:12.920Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-20176"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2021-20176"
+```
+
+# A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c
+
+A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior through a division by zero. The highest threat from this vulnerability is to system availability.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxa-11ij78.md b/advisories/published/2025/JLSEC-0000-mntnaucxa-11ij78.md
new file mode 100644
index 00000000..0e4f17fc
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxa-11ij78.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxa-11ij78"
+modified = 2025-11-25T22:36:00.622Z
+upstream = ["CVE-2020-27768"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894689", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1894689", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27768"
+imported = 2025-11-25T22:36:00.622Z
+modified = 2024-11-21T05:21:47.933Z
+published = 2021-02-23T04:15:13.803Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27768"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27768"
+```
+
+# In ImageMagick, there is an outside the range of representable values of type 'unsigned int' at Magi...
+
+In ImageMagick, there is an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxb-b9v9up.md b/advisories/published/2025/JLSEC-0000-mntnaucxb-b9v9up.md
new file mode 100644
index 00000000..5841a82e
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxb-b9v9up.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxb-b9v9up"
+modified = 2025-11-25T22:36:00.623Z
+upstream = ["CVE-2021-20241"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1928952", "https://github.com/ImageMagick/ImageMagick/pull/3177", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1928952", "https://github.com/ImageMagick/ImageMagick/pull/3177", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2021-20241"
+imported = 2025-11-25T22:36:00.623Z
+modified = 2024-11-21T05:46:11.953Z
+published = 2021-03-09T18:15:14.877Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-20241"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2021-20241"
+```
+
+# A flaw was found in ImageMagick in coders/jp2.c
+
+A flaw was found in ImageMagick in coders/jp2.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxc-1mzwdgz.md b/advisories/published/2025/JLSEC-0000-mntnaucxc-1mzwdgz.md
new file mode 100644
index 00000000..520a0aa0
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxc-1mzwdgz.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxc-1mzwdgz"
+modified = 2025-11-25T22:36:00.624Z
+upstream = ["CVE-2021-20243"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1928958", "https://github.com/ImageMagick/ImageMagick/pull/3193", "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1928958", "https://github.com/ImageMagick/ImageMagick/pull/3193", "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2021-20243"
+imported = 2025-11-25T22:36:00.624Z
+modified = 2024-11-21T05:46:12.100Z
+published = 2021-03-09T18:15:15.033Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-20243"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2021-20243"
+```
+
+# A flaw was found in ImageMagick in MagickCore/resize.c
+
+A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxd-1qvkbbn.md b/advisories/published/2025/JLSEC-0000-mntnaucxd-1qvkbbn.md
new file mode 100644
index 00000000..9afc9d17
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxd-1qvkbbn.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxd-1qvkbbn"
+modified = 2025-11-25T22:36:00.625Z
+upstream = ["CVE-2021-20244"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1928959", "https://github.com/ImageMagick/ImageMagick/pull/3194", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1928959", "https://github.com/ImageMagick/ImageMagick/pull/3194", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2021-20244"
+imported = 2025-11-25T22:36:00.625Z
+modified = 2024-11-21T05:46:12.217Z
+published = 2021-03-09T19:15:12.423Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-20244"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2021-20244"
+```
+
+# A flaw was found in ImageMagick in MagickCore/visual-effects.c
+
+A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxe-1h4x6go.md b/advisories/published/2025/JLSEC-0000-mntnaucxe-1h4x6go.md
new file mode 100644
index 00000000..066a8582
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxe-1h4x6go.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxe-1h4x6go"
+modified = 2025-11-25T22:36:00.626Z
+upstream = ["CVE-2021-20245"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1928943", "https://github.com/ImageMagick/ImageMagick/issues/3176", "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1928943", "https://github.com/ImageMagick/ImageMagick/issues/3176", "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2021-20245"
+imported = 2025-11-25T22:36:00.626Z
+modified = 2024-11-21T05:46:12.337Z
+published = 2021-03-09T19:15:12.500Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-20245"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2021-20245"
+```
+
+# A flaw was found in ImageMagick in coders/webp.c
+
+A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxf-1phpil6.md b/advisories/published/2025/JLSEC-0000-mntnaucxf-1phpil6.md
new file mode 100644
index 00000000..5c184405
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxf-1phpil6.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxf-1phpil6"
+modified = 2025-11-25T22:36:00.627Z
+upstream = ["CVE-2021-20246"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1928941", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1928941", "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2021-20246"
+imported = 2025-11-25T22:36:00.627Z
+modified = 2024-11-21T05:46:12.463Z
+published = 2021-03-09T19:15:12.580Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-20246"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2021-20246"
+```
+
+# A flaw was found in ImageMagick in MagickCore/resample.c
+
+A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxg-146tt6v.md b/advisories/published/2025/JLSEC-0000-mntnaucxg-146tt6v.md
new file mode 100644
index 00000000..354e1e6c
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxg-146tt6v.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxg-146tt6v"
+modified = 2025-11-25T22:36:00.628Z
+upstream = ["CVE-2020-27829"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1922525", "https://github.com/ImageMagick/ImageMagick/commit/6ee5059cd3ac8d82714a1ab1321399b88539abf0", "https://bugzilla.redhat.com/show_bug.cgi?id=1922525", "https://github.com/ImageMagick/ImageMagick/commit/6ee5059cd3ac8d82714a1ab1321399b88539abf0"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27829"
+imported = 2025-11-25T22:36:00.628Z
+modified = 2024-11-21T05:21:53.577Z
+published = 2021-03-26T17:15:11.953Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27829"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27829"
+```
+
+# A heap based buffer overflow in coders/tiff.c may result in program crash and denial of service in I...
+
+A heap based buffer overflow in coders/tiff.c may result in program crash and denial of service in ImageMagick before 7.0.10-45.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxh-t5y2p2.md b/advisories/published/2025/JLSEC-0000-mntnaucxh-t5y2p2.md
new file mode 100644
index 00000000..f57ffd39
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxh-t5y2p2.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxh-t5y2p2"
+modified = 2025-11-25T22:36:00.629Z
+upstream = ["CVE-2021-20309"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1946722", "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1946722", "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.13025+0"]
+
+[[jlsec_sources]]
+id = "CVE-2021-20309"
+imported = 2025-11-25T22:36:00.629Z
+modified = 2024-11-21T05:46:20.823Z
+published = 2021-05-11T23:15:08.720Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-20309"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2021-20309"
+```
+
+# A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zer...
+
+A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to system availability.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxi-1i4ex8p.md b/advisories/published/2025/JLSEC-0000-mntnaucxi-1i4ex8p.md
new file mode 100644
index 00000000..dc95e3d2
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxi-1i4ex8p.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxi-1i4ex8p"
+modified = 2025-11-25T22:36:00.630Z
+upstream = ["CVE-2021-20310"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1946728", "https://bugzilla.redhat.com/show_bug.cgi?id=1946728"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2021-20310"
+imported = 2025-11-25T22:36:00.630Z
+modified = 2024-11-21T05:46:20.967Z
+published = 2021-05-11T23:15:08.770Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-20310"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2021-20310"
+```
+
+# A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzaz...
+
+A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzazbz() of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxj-1ggxdev.md b/advisories/published/2025/JLSEC-0000-mntnaucxj-1ggxdev.md
new file mode 100644
index 00000000..639bdde9
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxj-1ggxdev.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxj-1ggxdev"
+modified = 2025-11-25T22:36:00.631Z
+upstream = ["CVE-2021-20311"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1946739", "https://bugzilla.redhat.com/show_bug.cgi?id=1946739"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2021-20311"
+imported = 2025-11-25T22:36:00.631Z
+modified = 2024-11-21T05:46:21.093Z
+published = 2021-05-11T23:15:08.810Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-20311"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2021-20311"
+```
+
+# A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransform...
+
+A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxk-1vqryty.md b/advisories/published/2025/JLSEC-0000-mntnaucxk-1vqryty.md
new file mode 100644
index 00000000..3d4d0036
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxk-1vqryty.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxk-1vqryty"
+modified = 2025-11-25T22:36:00.632Z
+upstream = ["CVE-2021-20313"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1947019", "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1947019", "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2021-20313"
+imported = 2025-11-25T22:36:00.632Z
+modified = 2024-11-21T05:46:21.357Z
+published = 2021-05-11T23:15:08.893Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-20313"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2021-20313"
+```
+
+# A flaw was found in ImageMagick in versions before 7.0.11
+
+A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to data confidentiality.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxk-g9p8oq.md b/advisories/published/2025/JLSEC-0000-mntnaucxk-g9p8oq.md
new file mode 100644
index 00000000..1a00e222
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxk-g9p8oq.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxk-g9p8oq"
+modified = 2025-11-25T22:36:00.632Z
+upstream = ["CVE-2021-20312"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1946742", "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1946742", "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2021-20312"
+imported = 2025-11-25T22:36:00.632Z
+modified = 2024-11-21T05:46:21.223Z
+published = 2021-05-11T23:15:08.850Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-20312"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2021-20312"
+```
+
+# A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage...
+
+A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxl-d7x6os.md b/advisories/published/2025/JLSEC-0000-mntnaucxl-d7x6os.md
new file mode 100644
index 00000000..e595a6a6
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxl-d7x6os.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxl-d7x6os"
+modified = 2025-11-25T22:36:00.633Z
+upstream = ["CVE-2020-27769"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1894690", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1894690", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2020-27769"
+imported = 2025-11-25T22:36:00.633Z
+modified = 2024-11-21T05:21:48.060Z
+published = 2021-05-14T20:15:11.057Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-27769"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-27769"
+```
+
+# In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type ...
+
+In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxm-1wmzh6k.md b/advisories/published/2025/JLSEC-0000-mntnaucxm-1wmzh6k.md
new file mode 100644
index 00000000..fe6852bf
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxm-1wmzh6k.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxm-1wmzh6k"
+modified = 2025-11-25T22:36:00.634Z
+upstream = ["CVE-2021-39212"]
+references = ["https://github.com/ImageMagick/ImageMagick/commit/01faddbe2711a4156180c4a92837e2f23683cc68", "https://github.com/ImageMagick/ImageMagick/commit/35893e7cad78ce461fcaffa56076c11700ba5e4e", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qvhr-jj4p-j2qr", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html", "https://github.com/ImageMagick/ImageMagick/commit/01faddbe2711a4156180c4a92837e2f23683cc68", "https://github.com/ImageMagick/ImageMagick/commit/35893e7cad78ce461fcaffa56076c11700ba5e4e", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qvhr-jj4p-j2qr", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = [">= 6.9.12+0, < 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2021-39212"
+imported = 2025-11-25T22:36:00.634Z
+modified = 2024-11-21T06:18:54.870Z
+published = 2021-09-13T18:15:23.907Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-39212"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2021-39212"
+```
+
+# ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that ...
+
+ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, Postscript files could be read and written when specifically excluded by a `module` policy in `policy.xml`. ex. . The issue has been resolved in ImageMagick 7.1.0-7 and in 6.9.12-22. Fortunately, in the wild, few users utilize the `module` policy and instead use the `coder` policy that is also our workaround recommendation: .
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxo-945um6.md b/advisories/published/2025/JLSEC-0000-mntnaucxo-945um6.md
new file mode 100644
index 00000000..9cf92bc7
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxo-945um6.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxo-945um6"
+modified = 2025-11-25T22:36:00.636Z
+upstream = ["CVE-2021-3596"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=1970569", "https://github.com/ImageMagick/ImageMagick/issues/2624", "https://lists.debian.org/debian-lts-announce/2022/05/msg00018.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1970569", "https://github.com/ImageMagick/ImageMagick/issues/2624", "https://lists.debian.org/debian-lts-announce/2022/05/msg00018.html", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2021-3596"
+imported = 2025-11-25T22:36:00.636Z
+modified = 2024-11-21T06:21:55.937Z
+published = 2022-02-24T19:15:09.063Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-3596"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2021-3596"
+```
+
+# A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGIm...
+
+A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxp-o91u18.md b/advisories/published/2025/JLSEC-0000-mntnaucxp-o91u18.md
new file mode 100644
index 00000000..86caed0e
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxp-o91u18.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxp-o91u18"
+modified = 2025-11-25T22:36:00.637Z
+upstream = ["CVE-2021-3610"]
+references = ["http://www.openwall.com/lists/oss-security/2023/05/29/4", "http://www.openwall.com/lists/oss-security/2023/06/05/1", "https://bugzilla.redhat.com/show_bug.cgi?id=1973689", "https://github.com/ImageMagick/ImageMagick/commit/930ff0d1a9bc42925a7856e9ea53f5fc9f318bf3", "http://www.openwall.com/lists/oss-security/2023/05/29/4", "http://www.openwall.com/lists/oss-security/2023/06/05/1", "https://bugzilla.redhat.com/show_bug.cgi?id=1973689", "https://github.com/ImageMagick/ImageMagick/commit/930ff0d1a9bc42925a7856e9ea53f5fc9f318bf3"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = [">= 6.9.12+0, < 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2021-3610"
+imported = 2025-11-25T22:36:00.637Z
+modified = 2024-11-21T06:21:58.403Z
+published = 2022-02-24T19:15:09.213Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-3610"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2021-3610"
+```
+
+# A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 i...
+
+A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxq-11tzcm0.md b/advisories/published/2025/JLSEC-0000-mntnaucxq-11tzcm0.md
new file mode 100644
index 00000000..4651eeeb
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxq-11tzcm0.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxq-11tzcm0"
+modified = 2025-11-25T22:36:00.638Z
+upstream = ["CVE-2021-4219"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=2054611", "https://bugzilla.redhat.com/show_bug.cgi?id=2054611"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2021-4219"
+imported = 2025-11-25T22:36:00.638Z
+modified = 2024-11-21T06:37:10.617Z
+published = 2022-03-23T20:15:10.257Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-4219"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2021-4219"
+```
+
+# A flaw was found in ImageMagick
+
+A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows an attacker to crash the system.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxs-spomyh.md b/advisories/published/2025/JLSEC-0000-mntnaucxs-spomyh.md
new file mode 100644
index 00000000..586e7933
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxs-spomyh.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxs-spomyh"
+modified = 2025-11-25T22:36:00.640Z
+upstream = ["CVE-2022-1114"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=2064538", "https://bugzilla.redhat.com/show_bug.cgi?id=2064538"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2022-1114"
+imported = 2025-11-25T22:36:00.640Z
+modified = 2024-11-21T06:40:04.533Z
+published = 2022-04-29T16:15:08.587Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2022-1114"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2022-1114"
+```
+
+# A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file
+
+A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file. This vulnerability is triggered when an attacker passes a specially crafted DICOM image file to ImageMagick for conversion, potentially leading to information disclosure and a denial of service.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxt-6bdfj6.md b/advisories/published/2025/JLSEC-0000-mntnaucxt-6bdfj6.md
new file mode 100644
index 00000000..2f157d01
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxt-6bdfj6.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxt-6bdfj6"
+modified = 2025-11-25T22:36:00.641Z
+upstream = ["CVE-2022-28463"]
+references = ["https://github.com/ImageMagick/ImageMagick/commit/ca3654ebf7a439dc736f56f083c9aa98e4464b7f", "https://github.com/ImageMagick/ImageMagick/issues/4988", "https://github.com/ImageMagick/ImageMagick6/commit/e6ea5876e0228165ee3abc6e959aa174cee06680", "https://lists.debian.org/debian-lts-announce/2022/05/msg00018.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html", "https://github.com/ImageMagick/ImageMagick/commit/ca3654ebf7a439dc736f56f083c9aa98e4464b7f", "https://github.com/ImageMagick/ImageMagick/issues/4988", "https://github.com/ImageMagick/ImageMagick6/commit/e6ea5876e0228165ee3abc6e959aa174cee06680", "https://lists.debian.org/debian-lts-announce/2022/05/msg00018.html", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2022-28463"
+imported = 2025-11-25T22:36:00.641Z
+modified = 2025-06-25T21:02:38.857Z
+published = 2022-05-08T23:15:17.820Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2022-28463"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2022-28463"
+```
+
+# ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.
+
+ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxu-jjx497.md b/advisories/published/2025/JLSEC-0000-mntnaucxu-jjx497.md
new file mode 100644
index 00000000..907480c0
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxu-jjx497.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxu-jjx497"
+modified = 2025-11-25T22:36:00.642Z
+upstream = ["CVE-2022-32545"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=2091811", "https://github.com/ImageMagick/ImageMagick/commit/9c9a84cec4ab28ee0b57c2b9266d6fbe68183512", "https://github.com/ImageMagick/ImageMagick6/commit/450949ed017f009b399c937cf362f0058eacc5fa", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html", "https://bugzilla.redhat.com/show_bug.cgi?id=2091811", "https://github.com/ImageMagick/ImageMagick/commit/9c9a84cec4ab28ee0b57c2b9266d6fbe68183512", "https://github.com/ImageMagick/ImageMagick6/commit/450949ed017f009b399c937cf362f0058eacc5fa", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2022-32545"
+imported = 2025-11-25T22:36:00.642Z
+modified = 2024-11-21T07:06:35.893Z
+published = 2022-06-16T18:15:10.873Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2022-32545"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2022-32545"
+```
+
+# A vulnerability was found in ImageMagick, causing an outside the range of representable values of ty...
+
+A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxv-p04tmh.md b/advisories/published/2025/JLSEC-0000-mntnaucxv-p04tmh.md
new file mode 100644
index 00000000..882d46f9
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxv-p04tmh.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxv-p04tmh"
+modified = 2025-11-25T22:36:00.643Z
+upstream = ["CVE-2022-32546"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=2091812", "https://github.com/ImageMagick/ImageMagick/commit/f221ea0fa3171f0f4fdf74ac9d81b203b9534c23", "https://github.com/ImageMagick/ImageMagick6/commit/29c8abce0da56b536542f76a9ddfebdaab5b2943", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html", "https://bugzilla.redhat.com/show_bug.cgi?id=2091812", "https://github.com/ImageMagick/ImageMagick/commit/f221ea0fa3171f0f4fdf74ac9d81b203b9534c23", "https://github.com/ImageMagick/ImageMagick6/commit/29c8abce0da56b536542f76a9ddfebdaab5b2943", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2022-32546"
+imported = 2025-11-25T22:36:00.643Z
+modified = 2024-11-21T07:06:36.030Z
+published = 2022-06-16T18:15:10.927Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2022-32546"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2022-32546"
+```
+
+# A vulnerability was found in ImageMagick, causing an outside the range of representable values of ty...
+
+A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxx-1axzvd9.md b/advisories/published/2025/JLSEC-0000-mntnaucxx-1axzvd9.md
new file mode 100644
index 00000000..6366549f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxx-1axzvd9.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxx-1axzvd9"
+modified = 2025-11-25T22:36:00.645Z
+upstream = ["CVE-2022-32547"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=2091813", "https://github.com/ImageMagick/ImageMagick/commit/eac8ce4d873f28bb6a46aa3a662fb196b49b95d0", "https://github.com/ImageMagick/ImageMagick6/commit/dc070da861a015d3c97488fdcca6063b44d47a7b", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html", "https://bugzilla.redhat.com/show_bug.cgi?id=2091813", "https://github.com/ImageMagick/ImageMagick/commit/eac8ce4d873f28bb6a46aa3a662fb196b49b95d0", "https://github.com/ImageMagick/ImageMagick6/commit/dc070da861a015d3c97488fdcca6063b44d47a7b", "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2022-32547"
+imported = 2025-11-25T22:36:00.645Z
+modified = 2024-11-21T07:06:36.160Z
+published = 2022-06-16T18:15:10.983Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2022-32547"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2022-32547"
+```
+
+# In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignme...
+
+In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxy-827pmq.md b/advisories/published/2025/JLSEC-0000-mntnaucxy-827pmq.md
new file mode 100644
index 00000000..92057e55
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxy-827pmq.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxy-827pmq"
+modified = 2025-11-25T22:36:00.646Z
+upstream = ["CVE-2022-2719"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=2116537", "https://bugzilla.redhat.com/show_bug.cgi?id=2116537"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2022-2719"
+imported = 2025-11-25T22:36:00.646Z
+modified = 2024-11-21T07:01:34.720Z
+published = 2022-08-10T20:15:36.917Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2022-2719"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2022-2719"
+```
+
+# In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was mad...
+
+In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This was fixed in upstream ImageMagick version 7.1.0-30.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucxz-wvoymb.md b/advisories/published/2025/JLSEC-0000-mntnaucxz-wvoymb.md
new file mode 100644
index 00000000..2c313f00
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucxz-wvoymb.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucxz-wvoymb"
+modified = 2025-11-25T22:36:00.647Z
+upstream = ["CVE-2021-20224"]
+references = ["https://github.com/ImageMagick/ImageMagick/commit/5af1dffa4b6ab984b5f13d1e91c95760d75f12a6", "https://github.com/ImageMagick/ImageMagick/pull/3083", "https://github.com/ImageMagick/ImageMagick6/commit/553054c1cb1e4e05ec86237afef76a32cd7c464d", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "https://github.com/ImageMagick/ImageMagick/commit/5af1dffa4b6ab984b5f13d1e91c95760d75f12a6", "https://github.com/ImageMagick/ImageMagick/pull/3083", "https://github.com/ImageMagick/ImageMagick6/commit/553054c1cb1e4e05ec86237afef76a32cd7c464d", "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2021-20224"
+imported = 2025-11-25T22:36:00.647Z
+modified = 2024-11-21T05:46:09.763Z
+published = 2022-08-25T20:15:08.873Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-20224"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2021-20224"
+```
+
+# An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCor...
+
+An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to an undefined behaviour or a crash.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucy0-yd4gl.md b/advisories/published/2025/JLSEC-0000-mntnaucy0-yd4gl.md
new file mode 100644
index 00000000..02babc55
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucy0-yd4gl.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucy0-yd4gl"
+modified = 2025-11-25T22:36:00.648Z
+upstream = ["CVE-2022-0284"]
+references = ["https://access.redhat.com/security/cve/CVE-2022-0284", "https://bugzilla.redhat.com/show_bug.cgi?id=2045943", "https://github.com/ImageMagick/ImageMagick/commit/e50f19fd73c792ebe912df8ab83aa51a243a3da7", "https://github.com/ImageMagick/ImageMagick/issues/4729", "https://access.redhat.com/security/cve/CVE-2022-0284", "https://bugzilla.redhat.com/show_bug.cgi?id=2045943", "https://github.com/ImageMagick/ImageMagick/commit/e50f19fd73c792ebe912df8ab83aa51a243a3da7", "https://github.com/ImageMagick/ImageMagick/issues/4729"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2022-0284"
+imported = 2025-11-25T22:36:00.648Z
+modified = 2024-11-21T06:38:18.113Z
+published = 2022-08-29T15:15:09.183Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2022-0284"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2022-0284"
+```
+
+# A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-acc...
+
+A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format (TIFF) image to convert it into a PICON file format. This issue can potentially lead to a denial of service and information disclosure.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucy1-1b113c8.md b/advisories/published/2025/JLSEC-0000-mntnaucy1-1b113c8.md
new file mode 100644
index 00000000..37928fa2
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucy1-1b113c8.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucy1-1b113c8"
+modified = 2025-11-25T22:36:00.649Z
+upstream = ["CVE-2022-1115"]
+references = ["https://access.redhat.com/security/cve/CVE-2022-1115", "https://bugzilla.redhat.com/show_bug.cgi?id=2067022", "https://github.com/ImageMagick/ImageMagick/commit/c8718305f120293d8bf13724f12eed885d830b09", "https://github.com/ImageMagick/ImageMagick/issues/4974", "https://github.com/ImageMagick/ImageMagick6/commit/1f860f52bd8d58737ad883072203391096b30b51", "https://access.redhat.com/security/cve/CVE-2022-1115", "https://bugzilla.redhat.com/show_bug.cgi?id=2067022", "https://github.com/ImageMagick/ImageMagick/commit/c8718305f120293d8bf13724f12eed885d830b09", "https://github.com/ImageMagick/ImageMagick/issues/4974", "https://github.com/ImageMagick/ImageMagick6/commit/1f860f52bd8d58737ad883072203391096b30b51"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2022-1115"
+imported = 2025-11-25T22:36:00.649Z
+modified = 2024-11-21T06:40:04.640Z
+published = 2022-08-29T15:15:10.297Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2022-1115"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2022-1115"
+```
+
+# A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-privat...
+
+A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially leading to a denial of service.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucy3-yocbv4.md b/advisories/published/2025/JLSEC-0000-mntnaucy3-yocbv4.md
new file mode 100644
index 00000000..36db2a4f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucy3-yocbv4.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucy3-yocbv4"
+modified = 2025-11-25T22:36:00.651Z
+upstream = ["CVE-2022-3213"]
+references = ["https://access.redhat.com/security/cve/CVE-2022-3213", "https://bugzilla.redhat.com/show_bug.cgi?id=2126824", "https://github.com/ImageMagick/ImageMagick/commit/30ccf9a0da1f47161b5935a95be854fe84e6c2a2", "https://github.com/ImageMagick/ImageMagick6/commit/1aea203eb36409ce6903b9e41fe7cb70030e8750", "https://access.redhat.com/security/cve/CVE-2022-3213", "https://bugzilla.redhat.com/show_bug.cgi?id=2126824", "https://github.com/ImageMagick/ImageMagick/commit/30ccf9a0da1f47161b5935a95be854fe84e6c2a2", "https://github.com/ImageMagick/ImageMagick6/commit/1aea203eb36409ce6903b9e41fe7cb70030e8750"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2022-3213"
+imported = 2025-11-25T22:36:00.651Z
+modified = 2024-11-21T07:19:03.863Z
+published = 2022-09-19T18:15:09.907Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2022-3213"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2022-3213"
+```
+
+# A heap buffer overflow issue was found in ImageMagick
+
+A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucy5-tebbwa.md b/advisories/published/2025/JLSEC-0000-mntnaucy5-tebbwa.md
new file mode 100644
index 00000000..ca9e1a52
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucy5-tebbwa.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucy5-tebbwa"
+modified = 2025-11-25T22:36:00.653Z
+upstream = ["CVE-2023-1289"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=2176858", "https://github.com/ImageMagick/ImageMagick/commit/c5b23cbf2119540725e6dc81f4deb25798ead6a4", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j96m-mjp6-99xr", "https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html", "https://bugzilla.redhat.com/show_bug.cgi?id=2176858", "https://github.com/ImageMagick/ImageMagick/commit/c5b23cbf2119540725e6dc81f4deb25798ead6a4", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j96m-mjp6-99xr", "https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.1+0"]
+
+[[jlsec_sources]]
+id = "CVE-2023-1289"
+imported = 2025-11-25T22:36:00.653Z
+modified = 2024-11-21T07:38:50.907Z
+published = 2023-03-23T20:15:14.393Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2023-1289"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2023-1289"
+```
+
+# A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and ca...
+
+A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. If an attacker uploads a 100M SVG, the server will generate about 10G.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucy6-1llfi74.md b/advisories/published/2025/JLSEC-0000-mntnaucy6-1llfi74.md
new file mode 100644
index 00000000..eb411966
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucy6-1llfi74.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucy6-1llfi74"
+modified = 2025-11-25T22:36:00.654Z
+upstream = ["CVE-2023-1906"]
+references = ["https://access.redhat.com/security/cve/CVE-2023-1906", "https://bugzilla.redhat.com/show_bug.cgi?id=2185714", "https://github.com/ImageMagick/ImageMagick/commit/d7a8bdd7bb33cf8e58bc01b4a4f2ea5466f8c6b3", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-35q2-86c7-9247", "https://github.com/ImageMagick/ImageMagick6/commit/e30c693b37c3b41723f1469d1226a2c814ca443d", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6655G3GPS42WQM32DJHUCZALI2URQSCO/", "https://access.redhat.com/security/cve/CVE-2023-1906", "https://bugzilla.redhat.com/show_bug.cgi?id=2185714", "https://github.com/ImageMagick/ImageMagick/commit/d7a8bdd7bb33cf8e58bc01b4a4f2ea5466f8c6b3", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-35q2-86c7-9247", "https://github.com/ImageMagick/ImageMagick6/commit/e30c693b37c3b41723f1469d1226a2c814ca443d", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6655G3GPS42WQM32DJHUCZALI2URQSCO/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2023-1906"
+imported = 2025-11-25T22:36:00.654Z
+modified = 2025-02-10T17:15:15.963Z
+published = 2023-04-12T22:15:11.967Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2023-1906"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2023-1906"
+```
+
+# A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() func...
+
+A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucy7-hvr2ik.md b/advisories/published/2025/JLSEC-0000-mntnaucy7-hvr2ik.md
new file mode 100644
index 00000000..e5268810
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucy7-hvr2ik.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucy7-hvr2ik"
+modified = 2025-11-25T22:36:00.655Z
+upstream = ["CVE-2023-34151"]
+references = ["https://access.redhat.com/security/cve/CVE-2023-34151", "https://bugzilla.redhat.com/show_bug.cgi?id=2210657", "https://github.com/ImageMagick/ImageMagick/issues/6341", "https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/", "https://access.redhat.com/security/cve/CVE-2023-34151", "https://bugzilla.redhat.com/show_bug.cgi?id=2210657", "https://github.com/ImageMagick/ImageMagick/issues/6341", "https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.1+0"]
+
+[[jlsec_sources]]
+id = "CVE-2023-34151"
+imported = 2025-11-25T22:36:00.655Z
+modified = 2024-12-02T14:34:36.813Z
+published = 2023-05-30T22:15:11.000Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2023-34151"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2023-34151"
+```
+
+# A vulnerability was found in ImageMagick
+
+A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546).
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucy8-1mjn1uf.md b/advisories/published/2025/JLSEC-0000-mntnaucy8-1mjn1uf.md
new file mode 100644
index 00000000..0a101d56
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucy8-1mjn1uf.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucy8-1mjn1uf"
+modified = 2025-11-25T22:36:00.656Z
+upstream = ["CVE-2023-34152"]
+references = ["https://access.redhat.com/security/cve/CVE-2023-34152", "https://bugzilla.redhat.com/show_bug.cgi?id=2210659", "https://github.com/ImageMagick/ImageMagick/issues/6339", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/", "https://access.redhat.com/security/cve/CVE-2023-34152", "https://bugzilla.redhat.com/show_bug.cgi?id=2210659", "https://github.com/ImageMagick/ImageMagick/issues/6339", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.1+0"]
+
+[[jlsec_sources]]
+id = "CVE-2023-34152"
+imported = 2025-11-25T22:36:00.656Z
+modified = 2025-01-13T19:15:10.400Z
+published = 2023-05-30T22:15:11.070Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2023-34152"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2023-34152"
+```
+
+# A vulnerability was found in ImageMagick
+
+A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucy8-1n9cmae.md b/advisories/published/2025/JLSEC-0000-mntnaucy8-1n9cmae.md
new file mode 100644
index 00000000..9ce80e73
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucy8-1n9cmae.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucy8-1n9cmae"
+modified = 2025-11-25T22:36:00.656Z
+upstream = ["CVE-2023-34153"]
+references = ["https://access.redhat.com/security/cve/CVE-2023-34153", "https://bugzilla.redhat.com/show_bug.cgi?id=2210660", "https://github.com/ImageMagick/ImageMagick/issues/6338", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/", "https://access.redhat.com/security/cve/CVE-2023-34153", "https://bugzilla.redhat.com/show_bug.cgi?id=2210660", "https://github.com/ImageMagick/ImageMagick/issues/6338", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.1+0"]
+
+[[jlsec_sources]]
+id = "CVE-2023-34153"
+imported = 2025-11-25T22:36:00.656Z
+modified = 2025-01-10T21:15:12.310Z
+published = 2023-05-30T22:15:11.143Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2023-34153"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2023-34153"
+```
+
+# A vulnerability was found in ImageMagick
+
+A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucy9-mpdy18.md b/advisories/published/2025/JLSEC-0000-mntnaucy9-mpdy18.md
new file mode 100644
index 00000000..9bc395a4
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucy9-mpdy18.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucy9-mpdy18"
+modified = 2025-11-25T22:36:00.657Z
+upstream = ["CVE-2023-2157"]
+references = ["https://bugzilla.redhat.com/show_bug.cgi?id=2208537", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/", "https://bugzilla.redhat.com/show_bug.cgi?id=2208537", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.1+0"]
+
+[[jlsec_sources]]
+id = "CVE-2023-2157"
+imported = 2025-11-25T22:36:00.657Z
+modified = 2025-01-07T22:15:29.647Z
+published = 2023-06-06T20:15:12.120Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2023-2157"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2023-2157"
+```
+
+# A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the...
+
+A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucya-ygjyzd.md b/advisories/published/2025/JLSEC-0000-mntnaucya-ygjyzd.md
new file mode 100644
index 00000000..291f85af
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucya-ygjyzd.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucya-ygjyzd"
+modified = 2025-11-25T22:36:00.658Z
+upstream = ["CVE-2023-34474"]
+references = ["https://access.redhat.com/security/cve/CVE-2023-34474", "https://bugzilla.redhat.com/show_bug.cgi?id=2214148", "https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/", "https://access.redhat.com/security/cve/CVE-2023-34474", "https://bugzilla.redhat.com/show_bug.cgi?id=2214148", "https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.1+0"]
+
+[[jlsec_sources]]
+id = "CVE-2023-34474"
+imported = 2025-11-25T22:36:00.658Z
+modified = 2024-11-21T08:07:20.087Z
+published = 2023-06-16T20:15:09.370Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2023-34474"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2023-34474"
+```
+
+# A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in c...
+
+A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user in opening specially crafted file, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucyb-acy24b.md b/advisories/published/2025/JLSEC-0000-mntnaucyb-acy24b.md
new file mode 100644
index 00000000..5ce0b711
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucyb-acy24b.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucyb-acy24b"
+modified = 2025-11-25T22:36:00.659Z
+upstream = ["CVE-2023-34475"]
+references = ["https://access.redhat.com/security/cve/CVE-2023-34475", "https://bugzilla.redhat.com/show_bug.cgi?id=2214149", "https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/", "https://access.redhat.com/security/cve/CVE-2023-34475", "https://bugzilla.redhat.com/show_bug.cgi?id=2214149", "https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.1+0"]
+
+[[jlsec_sources]]
+id = "CVE-2023-34475"
+imported = 2025-11-25T22:36:00.659Z
+modified = 2024-11-21T08:07:20.233Z
+published = 2023-06-16T20:15:09.433Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2023-34475"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2023-34475"
+```
+
+# A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore...
+
+A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick user to open a specially crafted file to convert, triggering an heap-use-after-free write error, allowing an application to crash, resulting in a denial of service.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucyc-1xavi1x.md b/advisories/published/2025/JLSEC-0000-mntnaucyc-1xavi1x.md
new file mode 100644
index 00000000..f26652c1
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucyc-1xavi1x.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucyc-1xavi1x"
+modified = 2025-11-25T22:36:00.660Z
+upstream = ["CVE-2023-3195"]
+references = ["https://access.redhat.com/security/cve/CVE-2023-3195", "https://bugzilla.redhat.com/show_bug.cgi?id=2214141", "https://github.com/ImageMagick/ImageMagick/commit/f620340935777b28fa3f7b0ed7ed6bd86946934c", "https://github.com/ImageMagick/ImageMagick6/commit/85a370c79afeb45a97842b0959366af5236e9023", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/", "https://www.openwall.com/lists/oss-security/2023/05/29/1", "https://access.redhat.com/security/cve/CVE-2023-3195", "https://bugzilla.redhat.com/show_bug.cgi?id=2214141", "https://github.com/ImageMagick/ImageMagick/commit/f620340935777b28fa3f7b0ed7ed6bd86946934c", "https://github.com/ImageMagick/ImageMagick6/commit/85a370c79afeb45a97842b0959366af5236e9023", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/", "https://www.openwall.com/lists/oss-security/2023/05/29/1"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2023-3195"
+imported = 2025-11-25T22:36:00.660Z
+modified = 2024-11-21T08:16:40.133Z
+published = 2023-06-16T20:15:09.547Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2023-3195"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2023-3195"
+```
+
+# A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c
+
+A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucyd-1y6sspc.md b/advisories/published/2025/JLSEC-0000-mntnaucyd-1y6sspc.md
new file mode 100644
index 00000000..549a2f6f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucyd-1y6sspc.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucyd-1y6sspc"
+modified = 2025-11-25T22:36:00.661Z
+upstream = ["CVE-2023-3745"]
+references = ["https://access.redhat.com/security/cve/CVE-2023-3745", "https://bugzilla.redhat.com/show_bug.cgi?id=2223557", "https://github.com/ImageMagick/ImageMagick/commit/54cdc146bbe50018526770be201b56643ad58ba7", "https://github.com/ImageMagick/ImageMagick/commit/651672f19c75161a6159d9b6838fd3095b6c5304", "https://github.com/ImageMagick/ImageMagick/issues/1857", "https://github.com/ImageMagick/ImageMagick6/commit/7486477aa00c5c7856b111506da075b6cdfa8b73", "https://github.com/ImageMagick/ImageMagick6/commit/b466a96965afc1308a4ace93f5535c2b770f294b", "https://access.redhat.com/security/cve/CVE-2023-3745", "https://bugzilla.redhat.com/show_bug.cgi?id=2223557", "https://github.com/ImageMagick/ImageMagick/commit/54cdc146bbe50018526770be201b56643ad58ba7", "https://github.com/ImageMagick/ImageMagick/commit/651672f19c75161a6159d9b6838fd3095b6c5304", "https://github.com/ImageMagick/ImageMagick/issues/1857", "https://github.com/ImageMagick/ImageMagick6/commit/7486477aa00c5c7856b111506da075b6cdfa8b73", "https://github.com/ImageMagick/ImageMagick6/commit/b466a96965afc1308a4ace93f5535c2b770f294b"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.11+0"]
+
+[[jlsec_sources]]
+id = "CVE-2023-3745"
+imported = 2025-11-25T22:36:00.661Z
+modified = 2024-11-21T08:17:58.043Z
+published = 2023-07-24T16:15:13.130Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2023-3745"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2023-3745"
+```
+
+# A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-pr...
+
+A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an application to crash, resulting in a denial of service.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucye-m5qln.md b/advisories/published/2025/JLSEC-0000-mntnaucye-m5qln.md
new file mode 100644
index 00000000..3142b2d5
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucye-m5qln.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucye-m5qln"
+modified = 2025-11-25T22:36:00.662Z
+upstream = ["CVE-2023-39978"]
+references = ["https://github.com/ImageMagick/ImageMagick6/commit/c90e79b3b22fec309cab55af2ee606f71b027b12", "https://github.com/ImageMagick/ImageMagick6/compare/6.9.12-90...6.9.12-91", "https://github.com/rmagick/rmagick/pull/1406/files", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/", "https://github.com/ImageMagick/ImageMagick6/commit/c90e79b3b22fec309cab55af2ee606f71b027b12", "https://github.com/ImageMagick/ImageMagick6/compare/6.9.12-90...6.9.12-91", "https://github.com/rmagick/rmagick/pull/1406/files", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 6.9.13025+0"]
+
+[[jlsec_sources]]
+id = "CVE-2023-39978"
+imported = 2025-11-25T22:36:00.662Z
+modified = 2024-11-21T08:16:10.030Z
+published = 2023-08-08T06:15:47.790Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2023-39978"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2023-39978"
+```
+
+# ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in M...
+
+ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucyg-13o6e41.md b/advisories/published/2025/JLSEC-0000-mntnaucyg-13o6e41.md
new file mode 100644
index 00000000..e5b168dd
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucyg-13o6e41.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucyg-13o6e41"
+modified = 2025-11-25T22:36:00.664Z
+upstream = ["CVE-2022-48541"]
+references = ["https://github.com/ImageMagick/ImageMagick/issues/2889", "https://lists.debian.org/debian-lts-announce/2024/03/msg00020.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LICYTADFJAFPZW3Y2MKNCJIUYODPAG4L/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YAULDP3GG5KI3XITQ5XSMRSILCBZS2VK/", "https://github.com/ImageMagick/ImageMagick/issues/2889", "https://lists.debian.org/debian-lts-announce/2024/03/msg00020.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LICYTADFJAFPZW3Y2MKNCJIUYODPAG4L/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YAULDP3GG5KI3XITQ5XSMRSILCBZS2VK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LICYTADFJAFPZW3Y2MKNCJIUYODPAG4L/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAULDP3GG5KI3XITQ5XSMRSILCBZS2VK/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = [">= 6.9.12+0, < 6.9.12+4"]
+
+[[jlsec_sources]]
+id = "CVE-2022-48541"
+imported = 2025-11-25T22:36:00.664Z
+modified = 2025-11-04T19:15:41.277Z
+published = 2023-08-22T19:16:31.443Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2022-48541"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2022-48541"
+```
+
+# A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of ...
+
+A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service via the "identify -help" command.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucyh-15nu0hi.md b/advisories/published/2025/JLSEC-0000-mntnaucyh-15nu0hi.md
new file mode 100644
index 00000000..354a76f4
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucyh-15nu0hi.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucyh-15nu0hi"
+modified = 2025-11-25T22:36:00.665Z
+upstream = ["CVE-2023-3428"]
+references = ["https://access.redhat.com/security/cve/CVE-2023-3428", "https://bugzilla.redhat.com/show_bug.cgi?id=2218369", "https://access.redhat.com/security/cve/CVE-2023-3428", "https://bugzilla.redhat.com/show_bug.cgi?id=2218369"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.1+1"]
+
+[[jlsec_sources]]
+id = "CVE-2023-3428"
+imported = 2025-11-25T22:36:00.665Z
+modified = 2024-11-21T08:17:14.803Z
+published = 2023-10-04T19:15:10.277Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2023-3428"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2023-3428"
+```
+
+# A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick
+
+A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaucyh-16nf3ty.md b/advisories/published/2025/JLSEC-0000-mntnaucyh-16nf3ty.md
new file mode 100644
index 00000000..ac297c04
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaucyh-16nf3ty.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaucyh-16nf3ty"
+modified = 2025-11-25T22:36:00.665Z
+upstream = ["CVE-2023-5341"]
+references = ["https://access.redhat.com/security/cve/CVE-2023-5341", "https://bugzilla.redhat.com/show_bug.cgi?id=2241774", "https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1", "https://access.redhat.com/security/cve/CVE-2023-5341", "https://bugzilla.redhat.com/show_bug.cgi?id=2241774", "https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1", "https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LICYTADFJAFPZW3Y2MKNCJIUYODPAG4L/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAULDP3GG5KI3XITQ5XSMRSILCBZS2VK/"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["*"]
+
+[[jlsec_sources]]
+id = "CVE-2023-5341"
+imported = 2025-11-25T22:36:00.665Z
+modified = 2025-02-07T03:15:10.433Z
+published = 2023-11-19T10:15:49.433Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2023-5341"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2023-5341"
+```
+
+# A heap use-after-free flaw was found in coders/bmp.c in ImageMagick.
+
+A heap use-after-free flaw was found in coders/bmp.c in ImageMagick.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaudj5-2ensoq.md b/advisories/published/2025/JLSEC-0000-mntnaudj5-2ensoq.md
new file mode 100644
index 00000000..c5f8780c
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaudj5-2ensoq.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaudj5-2ensoq"
+modified = 2025-11-25T22:36:01.409Z
+upstream = ["CVE-2024-41817"]
+references = ["https://github.com/ImageMagick/ImageMagick/blob/3b22378a23d59d7517c43b65b1822f023df357a0/app-image/AppRun#L11-L14", "https://github.com/ImageMagick/ImageMagick/commit/6526a2b28510ead6a3e14de711bb991ad9abff38", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8rxc-922v-phg8", "https://github.com/ImageMagick/ImageMagick/blob/3b22378a23d59d7517c43b65b1822f023df357a0/app-image/AppRun#L11-L14", "https://github.com/ImageMagick/ImageMagick/commit/6526a2b28510ead6a3e14de711bb991ad9abff38", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8rxc-922v-phg8"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = [">= 7.1.0+0, < 7.1.1047+0"]
+
+[[jlsec_sources]]
+id = "CVE-2024-41817"
+imported = 2025-11-25T22:36:01.409Z
+modified = 2025-11-20T19:21:58.747Z
+published = 2024-07-29T16:15:05.360Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2024-41817"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2024-41817"
+```
+
+# ImageMagick is a free and open-source software suite, used for editing and manipulating digital imag...
+
+ImageMagick is a free and open-source software suite, used for editing and manipulating digital images. The `AppImage` version `ImageMagick` might use an empty path when setting `MAGICK_CONFIGURE_PATH` and `LD_LIBRARY_PATH` environment variables while executing, which might lead to arbitrary code execution by loading malicious configuration files or shared libraries in the current working directory while executing `ImageMagick`. The vulnerability is fixed in 7.11-36.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaudj6-9vlv3b.md b/advisories/published/2025/JLSEC-0000-mntnaudj6-9vlv3b.md
new file mode 100644
index 00000000..2ece3d60
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaudj6-9vlv3b.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaudj6-9vlv3b"
+modified = 2025-11-25T22:36:01.410Z
+upstream = ["CVE-2025-53014"]
+references = ["https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hm4x-r5hc-794f", "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.2001+0"]
+
+[[jlsec_sources]]
+id = "CVE-2025-53014"
+imported = 2025-11-25T22:36:01.410Z
+modified = 2025-11-03T19:16:07.910Z
+published = 2025-07-14T18:15:23.620Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-53014"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2025-53014"
+```
+
+# ImageMagick is free and open-source software used for editing and manipulating digital images
+
+ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the `InterpretImageFilename` function. The issue stems from an off-by-one error that causes out-of-bounds memory access when processing format strings containing consecutive percent signs (`%%`). Versions 7.1.2-0 and 6.9.13-26 fix the issue.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaudj8-yhyzhy.md b/advisories/published/2025/JLSEC-0000-mntnaudj8-yhyzhy.md
new file mode 100644
index 00000000..f94d3148
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaudj8-yhyzhy.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaudj8-yhyzhy"
+modified = 2025-11-25T22:36:01.412Z
+upstream = ["CVE-2025-53019"]
+references = ["https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cfh4-9f7v-fhrc", "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cfh4-9f7v-fhrc"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.2001+0"]
+
+[[jlsec_sources]]
+id = "CVE-2025-53019"
+imported = 2025-11-25T22:36:01.412Z
+modified = 2025-11-03T19:16:08.050Z
+published = 2025-07-14T20:15:29.043Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-53019"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2025-53019"
+```
+
+# ImageMagick is free and open-source software used for editing and manipulating digital images
+
+ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick stream` command, specifying multiple consecutive `%d` format specifiers in a filename template causes a memory leak. Versions 7.1.2-0 and 6.9.13-26 fix the issue.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaudja-1oq2d5a.md b/advisories/published/2025/JLSEC-0000-mntnaudja-1oq2d5a.md
new file mode 100644
index 00000000..a70f239c
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaudja-1oq2d5a.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaudja-1oq2d5a"
+modified = 2025-11-25T22:36:01.414Z
+upstream = ["CVE-2025-53101"]
+references = ["https://github.com/ImageMagick/ImageMagick/commit/66dc8f51c11b0ae1f1cdeacd381c3e9a4de69774", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh3h-j545-h8c9", "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh3h-j545-h8c9"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.2001+0"]
+
+[[jlsec_sources]]
+id = "CVE-2025-53101"
+imported = 2025-11-25T22:36:01.414Z
+modified = 2025-11-03T19:16:08.327Z
+published = 2025-07-14T20:15:29.180Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-53101"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2025-53101"
+```
+
+# ImageMagick is free and open-source software used for editing and manipulating digital images
+
+ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal pointer arithmetic to generate an address below the beginning of the stack buffer, resulting in a stack overflow through `vsnprintf()`. Versions 7.1.2-0 and 6.9.13-26 fix the issue.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaudja-x4aihm.md b/advisories/published/2025/JLSEC-0000-mntnaudja-x4aihm.md
new file mode 100644
index 00000000..ba8ba956
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaudja-x4aihm.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaudja-x4aihm"
+modified = 2025-11-25T22:36:01.414Z
+upstream = ["CVE-2025-55004"]
+references = ["https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cjc8-g9w8-chfw", "https://goo.gle/bigsleep", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cjc8-g9w8-chfw"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.2001+0"]
+
+[[jlsec_sources]]
+id = "CVE-2025-55004"
+imported = 2025-11-25T22:36:01.414Z
+modified = 2025-08-15T19:31:52.070Z
+published = 2025-08-13T14:15:32.733Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-55004"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2025-55004"
+```
+
+# ImageMagick is free and open-source software used for editing and manipulating digital images
+
+ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in ReadOneMNGIMage. This can likely be used to leak subsequent memory contents into the output image. This issue has been patched in version 7.1.2-1.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaudjb-6klffg.md b/advisories/published/2025/JLSEC-0000-mntnaudjb-6klffg.md
new file mode 100644
index 00000000..c972a9ff
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaudjb-6klffg.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaudjb-6klffg"
+modified = 2025-11-25T22:36:01.415Z
+upstream = ["CVE-2025-55005"]
+references = ["https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v393-38qx-v8fp", "https://goo.gle/bigsleep", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v393-38qx-v8fp"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.2001+0"]
+
+[[jlsec_sources]]
+id = "CVE-2025-55005"
+imported = 2025-11-25T22:36:01.415Z
+modified = 2025-08-15T19:36:34.257Z
+published = 2025-08-13T14:15:32.883Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-55005"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2025-55005"
+```
+
+# ImageMagick is free and open-source software used for editing and manipulating digital images
+
+ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, when preparing to transform from Log to sRGB colorspaces, the logmap construction fails to handle cases where the reference-black or reference-white value is larger than 1024. This leads to corrupting memory beyond the end of the allocated logmap buffer. This issue has been patched in version 7.1.2-1.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaudjd-1kkvoq8.md b/advisories/published/2025/JLSEC-0000-mntnaudjd-1kkvoq8.md
new file mode 100644
index 00000000..f5fa8163
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaudjd-1kkvoq8.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaudjd-1kkvoq8"
+modified = 2025-11-25T22:36:01.417Z
+upstream = ["CVE-2025-55154"]
+references = ["https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qp29-wxp5-wh82", "https://goo.gle/bigsleep", "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.2001+0"]
+
+[[jlsec_sources]]
+id = "CVE-2025-55154"
+imported = 2025-11-25T22:36:01.417Z
+modified = 2025-11-03T19:16:12.043Z
+published = 2025-08-13T14:15:33.030Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-55154"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2025-55154"
+```
+
+# ImageMagick is free and open-source software used for editing and manipulating digital images
+
+ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage (in coders/png.c) are unsafe and can overflow, leading to memory corruption. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaudje-1geiyqp.md b/advisories/published/2025/JLSEC-0000-mntnaudje-1geiyqp.md
new file mode 100644
index 00000000..fe142c1a
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaudje-1geiyqp.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaudje-1geiyqp"
+modified = 2025-11-25T22:36:01.418Z
+upstream = ["CVE-2025-55160"]
+references = ["https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6hgw-6x87-578x"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.2001+0"]
+
+[[jlsec_sources]]
+id = "CVE-2025-55160"
+imported = 2025-11-25T22:36:01.418Z
+modified = 2025-08-15T19:25:21.890Z
+published = 2025-08-13T14:15:33.177Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-55160"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2025-55160"
+```
+
+# ImageMagick is free and open-source software used for editing and manipulating digital images
+
+ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaudjf-2m13ls.md b/advisories/published/2025/JLSEC-0000-mntnaudjf-2m13ls.md
new file mode 100644
index 00000000..7697e782
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaudjf-2m13ls.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaudjf-2m13ls"
+modified = 2025-11-25T22:36:01.419Z
+upstream = ["CVE-2025-55212"]
+references = ["https://github.com/ImageMagick/ImageMagick/blob/0ba1b587be17543b664f7ad538e9e51e0da59d17/MagickCore/geometry.c#L355", "https://github.com/ImageMagick/ImageMagick/blob/0ba1b587be17543b664f7ad538e9e51e0da59d17/MagickCore/resize.c#L4625-L4629", "https://github.com/ImageMagick/ImageMagick/commit/5f0bcf986b8b5e90567750d31a37af502b73f2af", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fh55-q5pj-pxgw", "https://github.com/dlemstra/Magick.NET/releases/tag/14.8.1", "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fh55-q5pj-pxgw"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.2004+0"]
+
+[[jlsec_sources]]
+id = "CVE-2025-55212"
+imported = 2025-11-25T22:36:01.419Z
+modified = 2025-11-03T19:16:12.180Z
+published = 2025-08-26T17:15:39.863Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-55212"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2025-55212"
+```
+
+# ImageMagick is free and open-source software used for editing and manipulating digital images
+
+ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2, passing a geometry string containing only a colon (":") to montage -geometry leads GetGeometry() to set width/height to 0. Later, ThumbnailImage() divides by these zero dimensions, triggering a crash (SIGFPE/abort), resulting in a denial of service. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaudjh-1toobe0.md b/advisories/published/2025/JLSEC-0000-mntnaudjh-1toobe0.md
new file mode 100644
index 00000000..b226bbcd
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaudjh-1toobe0.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaudjh-1toobe0"
+modified = 2025-11-25T22:36:01.421Z
+upstream = ["CVE-2025-55298"]
+references = ["https://github.com/ImageMagick/ImageMagick/commit/439b362b93c074eea6c3f834d84982b43ef057d5", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9ccg-6pjw-x645", "https://github.com/dlemstra/Magick.NET/releases/tag/14.8.1", "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9ccg-6pjw-x645"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.2004+0"]
+
+[[jlsec_sources]]
+id = "CVE-2025-55298"
+imported = 2025-11-25T22:36:01.421Z
+modified = 2025-11-03T19:16:12.337Z
+published = 2025-08-26T18:15:47.583Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-55298"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2025-55298"
+```
+
+# ImageMagick is free and open-source software used for editing and manipulating digital images
+
+ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper sanitization. An attacker can overwrite arbitrary memory regions, enabling a wide range of attacks from heap overflow to remote code execution. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaudji-13ufxax.md b/advisories/published/2025/JLSEC-0000-mntnaudji-13ufxax.md
new file mode 100644
index 00000000..302fa9fc
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaudji-13ufxax.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaudji-13ufxax"
+modified = 2025-11-25T22:36:01.422Z
+upstream = ["CVE-2025-57803"]
+references = ["https://github.com/ImageMagick/ImageMagick/commit/2c55221f4d38193adcb51056c14cf238fbcc35d7", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mxvv-97wh-cfmm", "https://github.com/dlemstra/Magick.NET/releases/tag/14.8.1", "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mxvv-97wh-cfmm"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.2004+0"]
+
+[[jlsec_sources]]
+id = "CVE-2025-57803"
+imported = 2025-11-25T22:36:01.422Z
+modified = 2025-11-03T19:16:12.657Z
+published = 2025-08-26T18:15:47.780Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-57803"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2025-57803"
+```
+
+# ImageMagick is free and open-source software used for editing and manipulating digital images
+
+ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytes_per_line (stride) to a tiny value while the per-row writer still emits 3 × width bytes for 24-bpp images. The row base pointer advances using the (overflowed) stride, so the first row immediately writes past its slot and into adjacent heap memory with attacker-controlled bytes. This is a classic, powerful primitive for heap corruption in common auto-convert pipelines. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaudjw-18pjp8m.md b/advisories/published/2025/JLSEC-0000-mntnaudjw-18pjp8m.md
new file mode 100644
index 00000000..5b9ef857
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaudjw-18pjp8m.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaudjw-18pjp8m"
+modified = 2025-11-25T22:36:01.436Z
+upstream = ["CVE-2025-57807"]
+references = ["https://github.com/ImageMagick/ImageMagick/commit/077a417a19a5ea8c85559b602754a5b928eef23e", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg", "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.2004+0"]
+
+[[jlsec_sources]]
+id = "CVE-2025-57807"
+imported = 2025-11-25T22:36:01.436Z
+modified = 2025-11-03T19:16:12.893Z
+published = 2025-09-05T22:15:34.340Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-57807"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2025-57807"
+```
+
+# ImageMagick is free and open-source software used for editing and manipulating digital images
+
+ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob(), which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBlob(), which then expands by quantum + length (amortized) instead of offset + length, and copies to data + offset. When offset ≫ extent, the copy targets memory beyond the allocation, producing a deterministic heap write on 64-bit builds. No 2⁶⁴ arithmetic wrap, external delegates, or policy settings are required. This is fixed in version 14.8.2.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaudjy-8yn8fq.md b/advisories/published/2025/JLSEC-0000-mntnaudjy-8yn8fq.md
new file mode 100644
index 00000000..7983c79f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaudjy-8yn8fq.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaudjy-8yn8fq"
+modified = 2025-11-25T22:36:01.438Z
+upstream = ["CVE-2025-62171"]
+references = ["https://github.com/ImageMagick/ImageMagick/commit/cea1693e2ded51b4cc91c70c54096cbed1691c00", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9pp9-cfwx-54rm", "https://lists.debian.org/debian-lts-announce/2025/10/msg00019.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["*"]
+
+[[jlsec_sources]]
+id = "CVE-2025-62171"
+imported = 2025-11-25T22:36:01.438Z
+modified = 2025-11-03T18:17:01.650Z
+published = 2025-10-17T17:15:49.197Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-62171"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2025-62171"
+```
+
+# ImageMagick is an open source software suite for displaying, converting, and editing raster image fi...
+
+ImageMagick is an open source software suite for displaying, converting, and editing raster image files. In ImageMagick versions prior to 7.1.2-7 and 6.9.13-32, an integer overflow vulnerability exists in the BMP decoder on 32-bit systems. The vulnerability occurs in coders/bmp.c when calculating the extent value by multiplying image columns by bits per pixel. On 32-bit systems with size_t of 4 bytes, a malicious BMP file with specific dimensions can cause this multiplication to overflow and wrap to zero. The overflow check added to address CVE-2025-57803 is placed after the overflow occurs, making it ineffective. A specially crafted 58-byte BMP file with width set to 536,870,912 and 32 bits per pixel can trigger this overflow, causing the bytes_per_line calculation to become zero. This vulnerability only affects 32-bit builds of ImageMagick where default resource limits for width, height, and area have been manually increased beyond their defaults. 64-bit systems with size_t of 8 bytes are not vulnerable, and systems using default ImageMagick resource limits are not vulnerable. The vulnerability is fixed in versions 7.1.2-7 and 6.9.13-32.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnauduv-14rmdt0.md b/advisories/published/2025/JLSEC-0000-mntnauduv-14rmdt0.md
new file mode 100644
index 00000000..a8b6ff3f
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnauduv-14rmdt0.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnauduv-14rmdt0"
+modified = 2025-11-25T22:36:01.831Z
+upstream = ["CVE-2025-62594"]
+references = ["https://github.com/ImageMagick/ImageMagick/commit/7b47fe369eda90483402fcd3d78fa4167d3bb129", "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wpp4-vqfq-v4hp"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["*"]
+
+[[jlsec_sources]]
+id = "CVE-2025-62594"
+imported = 2025-11-25T22:36:01.831Z
+modified = 2025-11-03T19:42:36.100Z
+published = 2025-10-27T20:15:54.893Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-62594"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2025-62594"
+```
+
+# ImageMagick is a software suite to create, edit, compose, or convert bitmap images
+
+ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage function. When tile width or height is zero, unsigned underflow occurs in pointer arithmetic, leading to out-of-bounds memory access, and division-by-zero causes immediate crashes. This issue has been patched in version 7.1.2-8.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaudw4-1nkwpgl.md b/advisories/published/2025/JLSEC-0000-mntnaudw4-1nkwpgl.md
new file mode 100644
index 00000000..8a5660ae
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaudw4-1nkwpgl.md
@@ -0,0 +1,32 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaudw4-1nkwpgl"
+modified = 2025-11-25T22:36:01.876Z
+aliases = ["CVE-2025-43965"]
+references = ["https://github.com/ImageMagick/ImageMagick/commit/bac413a26073923d3ffb258adaab07fb3fe8fdc9", "https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-44---2025-02-22", "https://lists.debian.org/debian-lts-announce/2025/04/msg00035.html"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.1047+0"]
+
+[[jlsec_sources]]
+id = "CVE-2025-43965"
+imported = 2025-11-25T22:36:01.858Z
+modified = 2025-04-29T13:52:47.470Z
+published = 2025-04-23T15:16:00.733Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-43965"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2025-43965"
+[[jlsec_sources]]
+id = "EUVD-2025-12200"
+imported = 2025-11-25T22:36:01.897Z
+modified = 2025-04-26T23:03:02.000Z
+published = 2025-04-23T00:00:00.000Z
+url = "https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2025-12200"
+html_url = "https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-12200"
+fields = ["affected"]
+```
+
+# In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumF...
+
+In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used.
+
diff --git a/advisories/published/2025/JLSEC-0000-mntnaudwp-lkvz8k.md b/advisories/published/2025/JLSEC-0000-mntnaudwp-lkvz8k.md
new file mode 100644
index 00000000..0db8d07e
--- /dev/null
+++ b/advisories/published/2025/JLSEC-0000-mntnaudwp-lkvz8k.md
@@ -0,0 +1,32 @@
+```toml
+schema_version = "1.7.4"
+id = "JLSEC-0000-mntnaudwp-lkvz8k"
+modified = 2025-11-25T22:36:01.897Z
+aliases = ["CVE-2025-46393"]
+references = ["https://github.com/ImageMagick/ImageMagick/commit/81ac8a0d2eb21739842ed18c48c7646b7eef65b8", "https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-44---2025-02-22"]
+
+[[affected]]
+pkg = "ImageMagick_jll"
+ranges = ["< 7.1.1047+0"]
+
+[[jlsec_sources]]
+id = "CVE-2025-46393"
+imported = 2025-11-25T22:36:01.897Z
+modified = 2025-04-29T13:52:47.470Z
+published = 2025-04-23T15:16:01.060Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-46393"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2025-46393"
+[[jlsec_sources]]
+id = "EUVD-2025-12198"
+imported = 2025-11-25T22:36:01.899Z
+modified = 2025-04-23T15:17:20.000Z
+published = 2025-04-23T00:00:00.000Z
+url = "https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2025-12198"
+html_url = "https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-12198"
+fields = ["affected"]
+```
+
+# In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled (re...
+
+In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled (related to the rendering of all channels in an arbitrary order).
+
diff --git a/advisories/published/2025/JLSEC-2025-9.md b/advisories/published/2025/JLSEC-2025-9.md
index 26d07f74..b24208e1 100644
--- a/advisories/published/2025/JLSEC-2025-9.md
+++ b/advisories/published/2025/JLSEC-2025-9.md
@@ -12,7 +12,7 @@ ranges = [">= 7.1.1+0, < 7.1.2001+0"]
[[jlsec_sources]]
id = "CVE-2025-53015"
-imported = 2025-10-09T16:58:37.456Z
+imported = 2025-11-25T22:36:01.411Z
modified = 2025-10-08T17:06:58.590Z
published = 2025-07-14T20:15:28.890Z
url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-53015"