CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1CVE-2019-13297 – ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled
https://notcve.org/view.php?id=CVE-2019-13297
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled. ImageMagick versión 7.0.8-50 Q16, presenta una lectura excesiva del búfer en la región heap de la memoria en el archivo MagickCore/threshold.c en la función AdaptiveThresholdImage porque una altura de cero se maneja inapropiadamente. A heap-based buffer over-read was discovered in ImageMagick in the way it selects an individual threshold for each pixel based ... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2019-13296
https://notcve.org/view.php?id=CVE-2019-13296
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value. ImageMagick versión 7.0.8-50 Q16, presenta pérdidas de memoria directa en la función AcquireMagickMemory debido a un error en CLIListOperatorImages en el archivo MagickWand/operation.c para un valor NULL. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1CVE-2019-13295 – ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled
https://notcve.org/view.php?id=CVE-2019-13295
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled. ImageMagick versión 7.0.8-50 Q16, presenta una lectura excesiva del búfer en la región heap de la memoria en el archivo MagickCore/threshold.c en la función AdaptiveThresholdImage porque un ancho de cero se maneja inapropiadamente. A heap-based buffer over-read was discovered in ImageMagick in the way it selects an individual threshold for each pixel based on ... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2019-13137 – Debian Security Advisory 4712-1
https://notcve.org/view.php?id=CVE-2019-13137
01 Jul 2019 — ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de fuga de memoria en la función ReadPSImage in coders/ps. Handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed image files are processed. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-13136
https://notcve.org/view.php?id=CVE-2019-13136
01 Jul 2019 — ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de desbordamiento de enteros en la función TIFFSeekCustomStream in coders/tiff.c. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 21EXPL: 0CVE-2019-13135 – ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS
https://notcve.org/view.php?id=CVE-2019-13135
01 Jul 2019 — ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de "use of uninitialized value" en la función ReadCUTImage in coders/cut.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-456: Missing Initialization of a Variable CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-13134 – ImageMagick: a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c
https://notcve.org/view.php?id=CVE-2019-13134
01 Jul 2019 — ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de fuga de memoria en la función ReadVIFFImage in coders/viff.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bounds read, out of bo... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-13133 – ImageMagick: a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c
https://notcve.org/view.php?id=CVE-2019-13133
01 Jul 2019 — ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de fuga de memoria en la función ReadBMPImage in coders/bmp.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bounds read, out of bounds... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2019-12979 – imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c
https://notcve.org/view.php?id=CVE-2019-12979
26 Jun 2019 — ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c. ImageMagick versión 7.0.8-34 tiene una vulnerabilidad de "use of uninitialized value" en la función SyncImageSettings en MagickCore/image.c. Esto está relacionado con AcquireImage en magick/image.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-456: Missing Initialization of a Variable CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12978 – imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c
https://notcve.org/view.php?id=CVE-2019-12978
26 Jun 2019 — ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c. ImageMagick versión 7.0.8-34 tiene una vulnerabilidad de "use of uninitialized value" en la función ReadPANGOImage en coders/pango.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-456: Missing Initialization of a Variable CWE-665: Improper Initialization •