CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-7524
https://notcve.org/view.php?id=CVE-2016-7524
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. El archivo coders/meta.c en ImageMagick permite a atacantes remotos causar una denegación de servicio (lectura fuera de límites) por medio de un archivo diseñado. • http://www.openwall.com/lists/oss-security/2016/09/22/2 https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537422 https://bugzilla.redhat.com/show_bug.cgi?id=1378762 https://github.com/ImageMagick/ImageMagick/commit/97c9f438a9b3454d085895f4d1f66389fd22a0fb https://github.com/ImageMagick/ImageMagick/commit/f8c318d462270b03e77f082e2a3a32867cacd3c6 https://github.com/ImageMagick/ImageMagick/issues/96 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2016-7523
https://notcve.org/view.php?id=CVE-2016-7523
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. El archivo coders/meta.c en ImageMagick permite a atacantes remotos causar una denegación de servicio (lectura fuera de límites) por medio de un archivo diseñado. • http://www.openwall.com/lists/oss-security/2016/09/22/2 https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537420 https://bugzilla.redhat.com/show_bug.cgi?id=1378754 https://github.com/ImageMagick/ImageMagick/issues/94 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-19948 – ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c
https://notcve.org/view.php?id=CVE-2019-19948
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c. En ImageMagick versión 7.0.8-43 Q16, se presenta un desbordamiento de búfer en la región heap de la memoria en la función WriteSGIImage del archivo coders/sgi.c. A heap-based buffer overflow flaw was discovered in ImageMagick when writing SGI images with improper columns and rows properties. An attacker may trick a victim user into downloading a malicious image file and running it through ImageMagick, possibly executing code onto the victim user's system. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html https://github.com/ImageMagick/ImageMagick/issues/1562 https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html https://usn.ubuntu.com/4549-1 https://www.debian.org/security/2020/dsa-4712 https://www.debian.org/security/2020/dsa-4715 https://access.redhat.com/security/cve/CVE-2019-19948 https://bugzilla.redhat.com/show_bug.cgi?id=1793177 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-19952
https://notcve.org/view.php?id=CVE-2019-19952
In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage. En ImageMagick versión 7.0.9-7 Q16, se presenta un uso de la memoria previamente liberada en la función MngInfoDiscardObject del archivo coders/png.c, relacionado con ReadOneMNGImage. • https://github.com/ImageMagick/ImageMagick/issues/1791 • CWE-416: Use After Free •
CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 1CVE-2019-19949 – ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c
https://notcve.org/view.php?id=CVE-2019-19949
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare. En ImageMagick versión 7.0.8-43 Q16, se presenta una lectura excesiva de búfer en la región heap de la memoria en la función WritePNGImage del archivo coders/png.c, relacionada con Magick_png_write_raw_profile y LocaleNCompare. An out-of-bounds read was discovered in ImageMagick when writing PNG images. An attacker may abuse this flaw to trick a victim user into downloading a malicious image file and running it through ImageMagick, causing the application to crash. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html https://github.com/ImageMagick/ImageMagick/issues/1561 https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html https://usn.ubuntu.com/4549-1 https://www.debian.org/security/2020/dsa-4712 https://access.redhat.com/security/cve/CVE-2019-19949 https://bugzilla.redhat.com/show_bug.cgi?id=1792480 • CWE-125: Out-of-bounds Read •