CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1CVE-2019-7397 – ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c
https://notcve.org/view.php?id=CVE-2019-7397
05 Feb 2019 — In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. En ImageMagick, en versiones anteriores a la 7.0.8-25, y GraphicsMagick, hasta la versión 1.3.31, existen varias vulnerabilidades de fuga de memoria en WritePDFImage en coders/pdf.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into processing a specially crafted file, an attacker c... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-7398 – ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c
https://notcve.org/view.php?id=CVE-2019-7398
05 Feb 2019 — In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c. En ImageMagick en versiones anteriores a la 7.0.8-25, existe una vulnerabilidad de fuga de memoria en WriteDIBImage en coders/dib.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges ... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2018-20467 – ImageMagick: infinite loop in coders/bmp.c
https://notcve.org/view.php?id=CVE-2018-20467
26 Dec 2018 — In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. En coders/bmp.c en ImageMagick en versiones anteriores a la 7.0.8-16, un archivo de entradas puede resultar en un bucle infinito y un bloqueo, con un gran consumo de CPU y memoria. Los atacantes remotos pueden aprovechar esta vulnerabilidad para provocar una denegación d... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-18544 – ImageMagick: memory leak in WriteMSLImage of coders/msl.c
https://notcve.org/view.php?id=CVE-2018-18544
21 Oct 2018 — There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31. Hay una fuga de memoria en la función WriteMSLImage en coders/msl.c en ImageMagick 7.0.8-13 Q16, así como en la función ProcessMSLScript de coders/msl.c en GraphicsMagick en versiones anteriores a la 1.3.31. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image format... • http://hg.code.sf.net/p/graphicsmagick/code/file/233618f8fe82/ChangeLog • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18023 – Ubuntu Security Notice USN-4034-1
https://notcve.org/view.php?id=CVE-2018-18023
07 Oct 2018 — In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file. Hay una sobrelectura de búfer basada en memoria dinámica (heap) en ImageMagick 7.0.8-13 Q16, en la función SVGStripString de coders/svg.c que permite que atacantes provoquen una denegación de servicio (DoS) mediante un archivo de imagen SVG manipulado. It was discovered that ImageMagick incorrectly handled certai... • https://github.com/ImageMagick/ImageMagick/issues/1336 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18024 – ImageMagick: infinite loop in the ReadBMPImage function of the coders/bmp.c
https://notcve.org/view.php?id=CVE-2018-18024
07 Oct 2018 — In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. En ImageMagick 7.0.8-13 Q16, hay un bucle infinito en la función ReadBMPImage del archivo coders/bmp.c. Los atacantes remotos pueden aprovechar esta vulnerabilidad para provocar una denegación de servicio (DoS) mediante un archivo bmp manipulado. • https://github.com/ImageMagick/ImageMagick/issues/1337 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-18025 – Ubuntu Security Notice USN-6980-1
https://notcve.org/view.php?id=CVE-2018-18025
07 Oct 2018 — In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file. Hay una sobrelectura de búfer basada en memoria dinámica (heap) en ImageMagick 7.0.8-13 Q16, en la función EncodeImage de coders/pict.c que permite que atacantes provoquen una denegación de servicio (DoS) mediante un archivo de imagen SVG manipulado. It was discovered that ImageMagick incorrectly handled certain ma... • https://github.com/ImageMagick/ImageMagick/issues/1335 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-18016 – ImageMagick: memory leak in WritePCXImage in coders/pcx.c
https://notcve.org/view.php?id=CVE-2018-18016
05 Oct 2018 — ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c. ImageMagick 7.0.7-28 tiene una vulnerabilidad de fuga de memoria en WritePCXImage en coders/pcx.c. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-18016 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17965
https://notcve.org/view.php?id=CVE-2018-17965
03 Oct 2018 — ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c. ImageMagick 7.0.7-28 tiene una vulnerabilidad de fuga de memoria en WriteSGIImage en coders/sgi.c. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-17965 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17966 – ImageMagick: memory leak in WritePDBImage in coders/pdb.c
https://notcve.org/view.php?id=CVE-2018-17966
03 Oct 2018 — ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c. ImageMagick 7.0.7-28 tiene una vulnerabilidad de fuga de memoria en WritePDBImage en coders/pdb.c. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-17966 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •