CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-16329
https://notcve.org/view.php?id=CVE-2018-16329
01 Sep 2018 — In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c. En ImageMagick en versiones anteriores a la 7.0.8-8, existe una desreferencia de puntero NULL en la función GetMagickProperty en MagickCore/property.c. • https://github.com/ImageMagick/ImageMagick/issues/1225 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-16328 – ImageMagick: NULL pointer dereference in CheckEventLogging function in MagickCore/log.c
https://notcve.org/view.php?id=CVE-2018-16328
01 Sep 2018 — In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c. En ImageMagick en versiones anteriores a la 7.0.8-8, existe una desreferencia de puntero NULL en la función CheckEventLogging en MagickCore/log.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bou... • https://github.com/ImageMagick/ImageMagick/issues/1224 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 17%CPEs: 7EXPL: 3CVE-2018-16323 – ImageMagick - Memory Leak
https://notcve.org/view.php?id=CVE-2018-16323
01 Sep 2018 — ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data. ReadXBMImage en coders/xbm.c en ImageMagick en versiones anteriores a la 7.0.8-9 deja los datos sin inicializar al procesar un archivo XBM que tiene un valor de pixel negativo. Si el código afectado se em... • https://packetstorm.news/files/id/150402 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2018-6405 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2018-6405
30 Jan 2018 — In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service. En la función ReadDCMImage en coders/dcm.c en ImageMagick, en versiones anteriores a la 7.0.7-23, cada variable redmap, greenmap y bluemap puede ser sobrescrita por un nuevo puntero. El puntero anterior se pierde, lo que conduce a una ... • https://github.com/ImageMagick/ImageMagick/issues/964 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 1%CPEs: 9EXPL: 0CVE-2017-1000445 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-1000445
02 Jan 2018 — ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service ImageMagick 7.0.7-1 y anteriores es vulnerable a una desreferencia de puntero NULL en el componente MagickCore. Esto podría desembocar en una denegación de servicio (DoS). It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attac... • http://www.securityfocus.com/bid/102368 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 1CVE-2017-17504 – Debian Security Advisory 4204-1
https://notcve.org/view.php?id=CVE-2017-17504
11 Dec 2017 — ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage. ImageMagick en versiones anteriores a la 7.0.7-12 presenta una sobrelectura de búfer basada en memoria dinámica (heap) en coders/png.c Magick_png_read_raw_profile mediante un archivo manipulado, relacionado con ReadOneMNGImage. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick... • https://github.com/ImageMagick/ImageMagick/issues/872 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-13768 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-13768
30 Aug 2017 — Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file. Una desreferencia de puntero NULL en la función IdentifyImage en MagickCore/identify.c en ImageMagick en las versiones 7.0.6-10 permite que los atacantes realicen una denegación de servicio mediante el envío de un archivo de imagen manipulado. It was discovered that ImageMagick incorrectly handled certain malformed im... • http://www.securityfocus.com/bid/100569 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-13769 – Debian Security Advisory 4032-1
https://notcve.org/view.php?id=CVE-2017-13769
30 Aug 2017 — The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file. La función WriteTHUMBNAILImage en coders/thumbnail.c de ImageMagick 7.0.6-10 permite que atacantes provoquen una denegación de servicio (sobrelectura de búfer) mediante el envío de un archivo JPEG manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system u... • https://github.com/ImageMagick/ImageMagick/issues/705 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 3%CPEs: 8EXPL: 0CVE-2017-12877 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-12877
28 Aug 2017 — Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file. Una vulnerabilidad de uso de memoria antes de liberación (use-after-free)en la función DestroyImage en image.c de ImageMagick para versiones anteriores a la 7.0.6-6 permite que atacantes remotos provoquen una denegación de servicio mediante un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malformed ima... • http://www.openwall.com/lists/oss-security/2017/08/16/2 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 57EXPL: 0CVE-2017-13658
https://notcve.org/view.php?id=CVE-2017-13658
24 Aug 2017 — In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c. En ImageMagick en versiones anteriores a la 6.9.9-3 y 7.x en versiones anteriores a la 7.0.6-3 se ha encontrado una vulnerabilidad de falta de comprobación de valores NULL en la función ReadMATImage en coders/mat.c, que conduce a una denegación de servic... • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870019 • CWE-617: Reachable Assertion •