CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 0CVE-2019-14981 – ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c
https://notcve.org/view.php?id=CVE-2019-14981
12 Aug 2019 — In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file. En ImageMagick versiones 7.x anteriores a 7.0.8-41 y versiones 6.x anteriores a 6.9.10-41, hay una vulnerabilidad de división por cero en la función MeanShiftImage. Permite a un atacante causar una denegación de servicio mediante el envío de un archivo especialmente diseñado. ImageMagick is an image ... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-369: Divide By Zero •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-14980 – ImageMagick: use-after-free in magick/blob.c resulting in a denial of service
https://notcve.org/view.php?id=CVE-2019-14980
12 Aug 2019 — In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file. En ImageMagick versiones 7.x anteriores a 7.0.8-42 y versiones 6.x anteriores a 6.9.10-42, hay una vulnerabilidad de uso de la memoria previamente liberada en la función UnmapBlob que permite a un atacante causar una denegación de servicio mediante el envío de un archivo especialmente diseñado. ImageMagi... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 1CVE-2019-13454 – ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c
https://notcve.org/view.php?id=CVE-2019-13454
09 Jul 2019 — ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c. ImageMagick versión 7.0.8-54 Q16, permite la División por Cero en la función RemoveDuplicateLayers en el archivo MagickCore/layer.c. ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially cr... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-369: Divide By Zero •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-13391 – Ubuntu Security Notice USN-4192-1
https://notcve.org/view.php?id=CVE-2019-13391
07 Jul 2019 — In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels. En ImageMagick versión 7.0.8-50 Q16, la función ComplexImages en el archivo MagickCore/fourier.c, presenta una lectura excesiva del búfer en la región heap de la memoria debido a llamadas incorrectas a GetCacheViewVirtualPixels. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using Ima... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-13311 – ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error
https://notcve.org/view.php?id=CVE-2019-13311
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error. ImageMagick versión 7.0.8-50 Q16 existe una vulnerabilidad de fuga de memoria en AcquireMagickMemory debido a un error en wand/mogrify.c A flaw was found in ImageMagick, containing memory leaks of AcquireMagickMemory due to a wand/mogrify.c error. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the function MogrifyImageList(). An attacker could ... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2019-13310 – ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c
https://notcve.org/view.php?id=CVE-2019-13310
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c. ImageMagick versión 7.0.8-50 Q16 tiene fugas de memoria en AcquireMagickMemory debido a un error en MagickWand/mogrify.c. A flaw was found in ImageMagick version 7.0.8-50 Q16, containing memory leaks of AcquireMagickMemory due to an error found in MagickWand/mogrify.c. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the function Mogrif... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-13309 – ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages
https://notcve.org/view.php?id=CVE-2019-13309
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c. ImageMagick versión 7.0.8-50 Q16 tiene fugas de memoria en AcquireMagickMemory debido a la mala gestión del error NoSuchImage en CLIListOperatorImages en MagickWand/operation.c. A flaw was found in ImageMagick version 7.0.8-50 Q16, containing memory leaks of AcquireMagickMemory due to the mishandling of the NoSuchImage error in CLIListOperatorImage... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 1CVE-2019-13308 – Debian Security Advisory 4712-1
https://notcve.org/view.php?id=CVE-2019-13308
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage. ImageMagick versión 7.0.8-50 Q16 presenta una vulnerabilidad de desbordamiento de búfer basado en memoria dinámica (heap) en MagickCore/fourier.c en ComplexImage. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or ... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2019-13307 – ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows
https://notcve.org/view.php?id=CVE-2019-13307
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows. ImageMagick versión 7.0.8-50 Q16 presenta una vulnerabilidad de desbordamiento de búfer basado en memoria dinámica (heap) en MagickCore/statistic.c en EvaluateImages debido a la mala gestión de las filas. A heap-based buffer overflow was discovered in ImageMagick in the way it parses images when using the evaluate-sequence option. Applications compiled against ImageMagick librar... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 1CVE-2019-13306 – ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors
https://notcve.org/view.php?id=CVE-2019-13306
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors. ImageMagick versión 7.0.8-50 Q16 tiene un desbordamiento de búfer basado en pila en coders/pnm.c en WritePNMImage debido a los errores de superación de límite (off-by-one). A stack-based buffer overflow was discovered in ImageMagick in the way it writes PNM images due to off-by-one errors. Applications compiled against ImageMagick libraries that accept untrustworthy images or write PNM i... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-193: Off-by-one Error CWE-787: Out-of-bounds Write •