CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2019-13299 – openSUSE Security Advisory - openSUSE-SU-2019:1983-1
https://notcve.org/view.php?id=CVE-2019-13299
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel. ImageMagick versión 7.0.8-50 Q16 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en MagickCore/pixel-accessor.h en GetPixelChannel. An update that fixes 30 vulnerabilities is now available. This update for ImageMagick fixes the following issues. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2019-13298 – openSUSE Security Advisory - openSUSE-SU-2019:1983-1
https://notcve.org/view.php?id=CVE-2019-13298
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error. ImageMagick versión 7.0.8-50 Q16, presenta un desbordamiento de búfer en la región heap de la memoria en el archivo MagickCore/pixel-accessor.h en la función SetPixelViaPixelInfo debido a un error del archivo MagickCore/enh.c. An update that fixes 30 vulnerabilities is now available. This update for ImageMagick fixes the following issues. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1CVE-2019-13297 – ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled
https://notcve.org/view.php?id=CVE-2019-13297
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled. ImageMagick versión 7.0.8-50 Q16, presenta una lectura excesiva del búfer en la región heap de la memoria en el archivo MagickCore/threshold.c en la función AdaptiveThresholdImage porque una altura de cero se maneja inapropiadamente. A heap-based buffer over-read was discovered in ImageMagick in the way it selects an individual threshold for each pixel based ... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2019-13296 – openSUSE Security Advisory - openSUSE-SU-2019:1983-1
https://notcve.org/view.php?id=CVE-2019-13296
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value. ImageMagick versión 7.0.8-50 Q16, presenta pérdidas de memoria directa en la función AcquireMagickMemory debido a un error en CLIListOperatorImages en el archivo MagickWand/operation.c para un valor NULL. An update that fixes 30 vulnerabilities is now available. This update for ImageMagick fixes the following issues. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1CVE-2019-13295 – ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled
https://notcve.org/view.php?id=CVE-2019-13295
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled. ImageMagick versión 7.0.8-50 Q16, presenta una lectura excesiva del búfer en la región heap de la memoria en el archivo MagickCore/threshold.c en la función AdaptiveThresholdImage porque un ancho de cero se maneja inapropiadamente. A heap-based buffer over-read was discovered in ImageMagick in the way it selects an individual threshold for each pixel based on ... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2019-12979 – imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c
https://notcve.org/view.php?id=CVE-2019-12979
26 Jun 2019 — ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c. ImageMagick versión 7.0.8-34 tiene una vulnerabilidad de "use of uninitialized value" en la función SyncImageSettings en MagickCore/image.c. Esto está relacionado con AcquireImage en magick/image.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-456: Missing Initialization of a Variable CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12978 – imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c
https://notcve.org/view.php?id=CVE-2019-12978
26 Jun 2019 — ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c. ImageMagick versión 7.0.8-34 tiene una vulnerabilidad de "use of uninitialized value" en la función ReadPANGOImage en coders/pango.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-456: Missing Initialization of a Variable CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12977 – Debian Security Advisory 4712-1
https://notcve.org/view.php?id=CVE-2019-12977
26 Jun 2019 — ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c. ImageMagick versión 7.0.8-34 tiene una vulnerabilidad de "use of uninitialized value" en la función WriteJP2Image en coders/jp2.c. Handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed image files are processed. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-665: Improper Initialization •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-12976 – imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c
https://notcve.org/view.php?id=CVE-2019-12976
26 Jun 2019 — ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c. ImageMagick versión 7.0.8-34 tiene una pérdida de memoria en la función ReadPCLImage en coders/pcl.c. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the ReadPCLImage() function. Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them crash. An attacker could abuse this fla... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-12975 – imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c
https://notcve.org/view.php?id=CVE-2019-12975
26 Jun 2019 — ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c. ImageMagick versión 7.0.8-34 tiene una vulnerabilidad de pérdida de memoria en la función WriteDPXImage en coders/dpx.c. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the WriteDPXImage() function. Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them cras... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •