CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1CVE-2019-7397 – ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c
https://notcve.org/view.php?id=CVE-2019-7397
05 Feb 2019 — In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. En ImageMagick, en versiones anteriores a la 7.0.8-25, y GraphicsMagick, hasta la versión 1.3.31, existen varias vulnerabilidades de fuga de memoria en WritePDFImage en coders/pdf.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into processing a specially crafted file, an attacker c... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-7398 – ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c
https://notcve.org/view.php?id=CVE-2019-7398
05 Feb 2019 — In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c. En ImageMagick en versiones anteriores a la 7.0.8-25, existe una vulnerabilidad de fuga de memoria en WriteDIBImage en coders/dib.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges ... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2018-20467 – ImageMagick: infinite loop in coders/bmp.c
https://notcve.org/view.php?id=CVE-2018-20467
26 Dec 2018 — In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. En coders/bmp.c en ImageMagick en versiones anteriores a la 7.0.8-16, un archivo de entradas puede resultar en un bucle infinito y un bloqueo, con un gran consumo de CPU y memoria. Los atacantes remotos pueden aprovechar esta vulnerabilidad para provocar una denegación d... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-16328 – ImageMagick: NULL pointer dereference in CheckEventLogging function in MagickCore/log.c
https://notcve.org/view.php?id=CVE-2018-16328
01 Sep 2018 — In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c. En ImageMagick en versiones anteriores a la 7.0.8-8, existe una desreferencia de puntero NULL en la función CheckEventLogging en MagickCore/log.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bou... • https://github.com/ImageMagick/ImageMagick/issues/1224 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-16329
https://notcve.org/view.php?id=CVE-2018-16329
01 Sep 2018 — In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c. En ImageMagick en versiones anteriores a la 7.0.8-8, existe una desreferencia de puntero NULL en la función GetMagickProperty en MagickCore/property.c. • https://github.com/ImageMagick/ImageMagick/issues/1225 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 74%CPEs: 7EXPL: 3CVE-2018-16323 – ImageMagick - Memory Leak
https://notcve.org/view.php?id=CVE-2018-16323
01 Sep 2018 — ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data. ReadXBMImage en coders/xbm.c en ImageMagick en versiones anteriores a la 7.0.8-9 deja los datos sin inicializar al procesar un archivo XBM que tiene un valor de pixel negativo. Si el código afectado se em... • https://packetstorm.news/files/id/150402 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •