CVEs affecting projects tracked on Release Alert, from NVD & OSV.
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.