CVSS: 7.5EPSS: 2%CPEs: 8EXPL: 1CVE-2019-7395 – Debian Security Advisory 4712-1
https://notcve.org/view.php?id=CVE-2019-7395
05 Feb 2019 — In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c. En ImageMagick en versiones anteriores a la 7.0.8-25, existe una vulnerabilidad de fuga de memoria en WritePSDChannel en coders/psd.c. Handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed image files are processed. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1CVE-2019-7397 – ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c
https://notcve.org/view.php?id=CVE-2019-7397
05 Feb 2019 — In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. En ImageMagick, en versiones anteriores a la 7.0.8-25, y GraphicsMagick, hasta la versión 1.3.31, existen varias vulnerabilidades de fuga de memoria en WritePDFImage en coders/pdf.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into processing a specially crafted file, an attacker c... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2018-20467 – ImageMagick: infinite loop in coders/bmp.c
https://notcve.org/view.php?id=CVE-2018-20467
26 Dec 2018 — In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. En coders/bmp.c en ImageMagick en versiones anteriores a la 7.0.8-16, un archivo de entradas puede resultar en un bucle infinito y un bloqueo, con un gran consumo de CPU y memoria. Los atacantes remotos pueden aprovechar esta vulnerabilidad para provocar una denegación d... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-18016 – ImageMagick: memory leak in WritePCXImage in coders/pcx.c
https://notcve.org/view.php?id=CVE-2018-18016
05 Oct 2018 — ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c. ImageMagick 7.0.7-28 tiene una vulnerabilidad de fuga de memoria en WritePCXImage en coders/pcx.c. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-18016 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17967 – ImageMagick: memory leak in ReadBGRImage in coders/bgr.c.
https://notcve.org/view.php?id=CVE-2018-17967
03 Oct 2018 — ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage in coders/bgr.c. ImageMagick 7.0.7-28 tiene una vulnerabilidad de fuga de memoria en ReadBGRImage en coders/bgr.c. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-17967 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17965
https://notcve.org/view.php?id=CVE-2018-17965
03 Oct 2018 — ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c. ImageMagick 7.0.7-28 tiene una vulnerabilidad de fuga de memoria en WriteSGIImage en coders/sgi.c. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-17965 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17966 – ImageMagick: memory leak in WritePDBImage in coders/pdb.c
https://notcve.org/view.php?id=CVE-2018-17966
03 Oct 2018 — ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c. ImageMagick 7.0.7-28 tiene una vulnerabilidad de fuga de memoria en WritePDBImage en coders/pdb.c. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-17966 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2018-16749 – ImageMagick: reachable assertion in ReadOneJNGImage in coders/png.c
https://notcve.org/view.php?id=CVE-2018-16749
09 Sep 2018 — In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file. En ImageMagick 7.0.7-29 y anteriores, la falta de una comprobación NULL en ReadOneJNGImage en coders/png.c permite que un atacante provoque una denegación de servicio (fallo de aserción en WriteBlob y salida de la aplicación) mediante un archivo manipulado. Due to a large number of issues discovered... • https://github.com/ImageMagick/ImageMagick/issues/1119 • CWE-476: NULL Pointer Dereference CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-16750 – ImageMagick: Memory leak in the formatIPTCfromBuffer function in coders/meta.c
https://notcve.org/view.php?id=CVE-2018-16750
09 Sep 2018 — In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found. En ImageMagick 7.0.7-29 y anteriores, se ha encontrado una fuga de memoria en la función formatIPTCfromBuffer en coders/meta.c. Due to a large number of issues discovered in GhostScript that prevent it from being used by ImageMagick safely, this update includes a default policy change that disables support for the Postscript and PDF formats in ImageMagick. This policy can be overridden if nece... • http://www.securityfocus.com/bid/108492 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-16642 – ImageMagick: out-of-bounds write in InsertRow function in coders/cut.c
https://notcve.org/view.php?id=CVE-2018-16642
06 Sep 2018 — The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write. La función InsertRow en coders/cut.c en ImageMagick 7.0.7-37 permite que atacantes remotos provoquen una denegación de servicio (DoS) mediante un archivo de imagen manipulado debido a una escritura fuera de límites. Due to a large number of issues discovered in GhostScript that prevent it from being used by ImageMagick safely, this update... • https://github.com/ImageMagick/ImageMagick/commit/cc4ac341f29fa368da6ef01c207deaf8c61f6a2e • CWE-787: Out-of-bounds Write •