CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12977 – Debian Security Advisory 4712-1
https://notcve.org/view.php?id=CVE-2019-12977
26 Jun 2019 — ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c. ImageMagick versión 7.0.8-34 tiene una vulnerabilidad de "use of uninitialized value" en la función WriteJP2Image en coders/jp2.c. Handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed image files are processed. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-665: Improper Initialization •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-12976 – imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c
https://notcve.org/view.php?id=CVE-2019-12976
26 Jun 2019 — ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c. ImageMagick versión 7.0.8-34 tiene una pérdida de memoria en la función ReadPCLImage en coders/pcl.c. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the ReadPCLImage() function. Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them crash. An attacker could abuse this fla... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-12975 – imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c
https://notcve.org/view.php?id=CVE-2019-12975
26 Jun 2019 — ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c. ImageMagick versión 7.0.8-34 tiene una vulnerabilidad de pérdida de memoria en la función WriteDPXImage en coders/dpx.c. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the WriteDPXImage() function. Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them cras... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12974 – imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service
https://notcve.org/view.php?id=CVE-2019-12974
26 Jun 2019 — A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image. Una desreferencia de puntero NULL en la función ReadPANGOImage en coders/pango.c y la función ReadVIDImage en coders/vid.c en ImageMagick versión 7.0.8-34 permite a los atacantes remotos provocar una denegación de servicio a través de una imagen diseñada. It was discovered that ImageMagick i... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-12805 – ImageMagick: memory exhaustion in function ReadTIFFImage causing denial of service
https://notcve.org/view.php?id=CVE-2017-12805
09 May 2019 — In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service. En ImageMagick versión 7.0.6-6, se encontró una vulnerabilidad de agotamiento de la memoria en la función ReadTIFFImage, que permite a los atacantes generar una Denegación de Servicio (DoS). It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a special... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-12806 – ImageMagick: memory exhaustion in function format8BIM causing denial of service
https://notcve.org/view.php?id=CVE-2017-12806
09 May 2019 — In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service. En ImageMagick 7.0.6-6, se encontró una vulnerabilidad de agotamiento de memoria en la función format8BIM, que permite a los atacantes causar una denegación de servicio. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2019-10131 – ImageMagick: off-by-one read in formatIPTCfromBuffer function in coders/meta.c
https://notcve.org/view.php?id=CVE-2019-10131
30 Apr 2019 — An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program. Se encontró una vulnerabilidad de lectura off-by-one en ImageMagick anterior a la versión 7.0.7-28 en la función formatIPTCfromBuffer en coders/meta.c. Un atacante local puede utilizar este fallo para leer más allá del final del búfer o para bloquear el programa. An off-by... • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00051.html • CWE-193: Off-by-one Error •
CVSS: 8.1EPSS: 1%CPEs: 1EXPL: 1CVE-2019-11598 – ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure
https://notcve.org/view.php?id=CVE-2019-11598
29 Apr 2019 — In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c. En ImageMagick versión 7.0.8-40 Q16, Hay una lectura excesiva de búfer en la región heap de la memoria en la función WritePNMImage del archivo coders/pnm.c, que permite que un atacante genere una Denegación de Servicio ... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 3%CPEs: 1EXPL: 1CVE-2019-11597 – ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure
https://notcve.org/view.php?id=CVE-2019-11597
29 Apr 2019 — In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. ImageMagick en la versión 7.0.8-43 Q16, tiene una sobre-lectura de búfer basada en pilas en la función WriteTIFFImage de coders/tiff.c, que permite a un atacante causar una denegación de servicio o posiblemente la divulgación de información a través de un archivo de imagen diseña... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 4%CPEs: 1EXPL: 1CVE-2019-11472 – ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component
https://notcve.org/view.php?id=CVE-2019-11472
23 Apr 2019 — ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first. ReadXWDImage en coders/xwd.c en el componente de análisis de imágenes XWD de ImageMagick 7.0.8-41 Q16 permite a los atacantes causar una denegación de servicio (error de división por cero) al crear un archivo de imagen XWD en el que el encabezado indica ni L... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html • CWE-248: Uncaught Exception CWE-369: Divide By Zero •