CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-19952
https://notcve.org/view.php?id=CVE-2019-19952
24 Dec 2019 — In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage. En ImageMagick versión 7.0.9-7 Q16, se presenta un uso de la memoria previamente liberada en la función MngInfoDiscardObject del archivo coders/png.c, relacionado con ReadOneMNGImage. • https://github.com/ImageMagick/ImageMagick/issues/1791 • CWE-416: Use After Free •
CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 1CVE-2019-19949 – ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c
https://notcve.org/view.php?id=CVE-2019-19949
24 Dec 2019 — In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare. En ImageMagick versión 7.0.8-43 Q16, se presenta una lectura excesiva de búfer en la región heap de la memoria en la función WritePNGImage del archivo coders/png.c, relacionada con Magick_png_write_raw_profile y LocaleNCompare. An out-of-bounds read was discovered in ImageMagick when writing PNG images. An attacker may abuse this flaw ... • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-18853
https://notcve.org/view.php?id=CVE-2019-18853
11 Nov 2019 — ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2. ImageMagick versiones anteriores a 7.0.9-0, permite a atacantes remotos causar una denegación de servicio porque XML_PARSE_HUGE no está restringido apropiadamente en el archivo coders/svg.c, relacionado con SVG y libxml2. • https://fortiguard.com/zeroday/FG-VD-19-136 • CWE-674: Uncontrolled Recursion •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-17540 – ImageMagick: heap-based buffer overflow in ReadPSInfo in coders/ps.c
https://notcve.org/view.php?id=CVE-2019-17540
14 Oct 2019 — ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c. ImageMagick versiones anteriores a 7.0.8-54, presenta un desbordamiento de búfer en la región heap de la memoria en la función ReadPSInfo en el archivo coders/ps.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bounds read, o... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-17547
https://notcve.org/view.php?id=CVE-2019-17547
14 Oct 2019 — In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free. En ImageMagick versiones anteriores a 7.0.8-62, la función TraceBezier en el archivo MagickCore/draw.c presenta una vulnerabilidad de uso de la memoria previamente liberada. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16537 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-17541 – ImageMagick: Use after free in ReadICCProfile function in coders/jpeg.c
https://notcve.org/view.php?id=CVE-2019-17541
14 Oct 2019 — ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c. ImageMagick versiones anteriores a 7.0.8-55, presenta una vulnerabilidad de uso de la memoria previamente liberada de la función DestroyStringInfo en el archivo MagickCore/string.c porque el administrador de errores es manejado inapropiadamente en el archivo coders/jpeg.c. ImageMagick is an image display and manipulation tool for the X Window System that can ... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15827 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-16708 – ImageMagick: memory leak in magick/xwindow.c
https://notcve.org/view.php?id=CVE-2019-16708
23 Sep 2019 — ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage. ImageMagick versión 7.0.8-35, presenta una pérdida de memoria en el archivo magick/xwindow.c, relacionada con la función XCreateImage. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or potentially leak sensitive information. Th... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 1CVE-2019-16709 – ImageMagick: memory leak in coders/dps.c
https://notcve.org/view.php?id=CVE-2019-16709
23 Sep 2019 — ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage. ImageMagick versión 7.0.8-35, presenta una pérdida de memoria en el archivo coders/dps.c, como es demostrado mediante la función XCreateImage. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bounds read, out of bounds write, and ... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-16710 – ImageMagick: memory leak in coders/dot.c
https://notcve.org/view.php?id=CVE-2019-16710
23 Sep 2019 — ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c. ImageMagick versión 7.0.8-35, presenta una pérdida de memoria en el archivo coders/dot.c, como es demostrado mediante la función AcquireMagickMemory en archivo MagickCore/memory.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information ... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-16711 – ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c
https://notcve.org/view.php?id=CVE-2019-16711
23 Sep 2019 — ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c. ImageMagick versión 7.0.8-40, presenta una pérdida de memoria en la función Huffman2DEncodeImage en el archivo coders/ps2.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user inv... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •