CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 1CVE-2019-13300 – ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns
https://notcve.org/view.php?id=CVE-2019-13300
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns. ImageMagick versión 7.0.8-50 Q16 tiene un desbordamiento de búfer basado en memoria dinámica (heap) en MagickCore/statistic.c en EvaluateImages debido a la gestión incorrecta de las columnas. A heap-based buffer overflow was discovered in ImageMagick in the way it applies a value with arithmetic, relational, or logical operators to an image due to mishandling columns. Applica... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2019-13299
https://notcve.org/view.php?id=CVE-2019-13299
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel. ImageMagick versión 7.0.8-50 Q16 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en MagickCore/pixel-accessor.h en GetPixelChannel. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2019-13298
https://notcve.org/view.php?id=CVE-2019-13298
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error. ImageMagick versión 7.0.8-50 Q16, presenta un desbordamiento de búfer en la región heap de la memoria en el archivo MagickCore/pixel-accessor.h en la función SetPixelViaPixelInfo debido a un error del archivo MagickCore/enh.c. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1CVE-2019-13297 – ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled
https://notcve.org/view.php?id=CVE-2019-13297
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled. ImageMagick versión 7.0.8-50 Q16, presenta una lectura excesiva del búfer en la región heap de la memoria en el archivo MagickCore/threshold.c en la función AdaptiveThresholdImage porque una altura de cero se maneja inapropiadamente. A heap-based buffer over-read was discovered in ImageMagick in the way it selects an individual threshold for each pixel based ... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2019-13296
https://notcve.org/view.php?id=CVE-2019-13296
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value. ImageMagick versión 7.0.8-50 Q16, presenta pérdidas de memoria directa en la función AcquireMagickMemory debido a un error en CLIListOperatorImages en el archivo MagickWand/operation.c para un valor NULL. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1CVE-2019-13295 – ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled
https://notcve.org/view.php?id=CVE-2019-13295
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled. ImageMagick versión 7.0.8-50 Q16, presenta una lectura excesiva del búfer en la región heap de la memoria en el archivo MagickCore/threshold.c en la función AdaptiveThresholdImage porque un ancho de cero se maneja inapropiadamente. A heap-based buffer over-read was discovered in ImageMagick in the way it selects an individual threshold for each pixel based on ... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2019-13137 – Debian Security Advisory 4712-1
https://notcve.org/view.php?id=CVE-2019-13137
01 Jul 2019 — ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de fuga de memoria en la función ReadPSImage in coders/ps. Handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed image files are processed. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-13136
https://notcve.org/view.php?id=CVE-2019-13136
01 Jul 2019 — ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de desbordamiento de enteros en la función TIFFSeekCustomStream in coders/tiff.c. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 21EXPL: 0CVE-2019-13135 – ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS
https://notcve.org/view.php?id=CVE-2019-13135
01 Jul 2019 — ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de "use of uninitialized value" en la función ReadCUTImage in coders/cut.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-456: Missing Initialization of a Variable CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-13134 – ImageMagick: a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c
https://notcve.org/view.php?id=CVE-2019-13134
01 Jul 2019 — ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de fuga de memoria en la función ReadVIFFImage in coders/viff.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bounds read, out of bo... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •