CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-16641
https://notcve.org/view.php?id=CVE-2018-16641
06 Sep 2018 — ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c. ImageMagick 7.0.8-6 tiene una vulnerabilidad de fuga de memoria en la función TIFFWritePhotoshopLayers en coders/tiff.c. • https://github.com/ImageMagick/ImageMagick/commit/256825d4eb33dc301496710d15cf5a7ae924088b • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-16642 – ImageMagick: out-of-bounds write in InsertRow function in coders/cut.c
https://notcve.org/view.php?id=CVE-2018-16642
06 Sep 2018 — The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write. La función InsertRow en coders/cut.c en ImageMagick 7.0.7-37 permite que atacantes remotos provoquen una denegación de servicio (DoS) mediante un archivo de imagen manipulado debido a una escritura fuera de límites. Due to a large number of issues discovered in GhostScript that prevent it from being used by ImageMagick safely, this update... • https://github.com/ImageMagick/ImageMagick/commit/cc4ac341f29fa368da6ef01c207deaf8c61f6a2e • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-16643 – ImageMagick: missing check for fputc function in multiple files
https://notcve.org/view.php?id=CVE-2018-16643
06 Sep 2018 — The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file. Las funciones ReadDCMImage en coders/dcm.c, ReadPWPImage en coders/pwp.c, ReadCALSImage en coders/cals.c y ReadPICTImage en coders/pict.c en ImageMagick 7.0.8-4 no comprueban el valor de retorno de la función f... • https://github.com/ImageMagick/ImageMagick/commit/6b6bff054d569a77973f2140c0e86366e6168a6c • CWE-20: Improper Input Validation CWE-252: Unchecked Return Value •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-16644 – ImageMagick: improper check for length in ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c
https://notcve.org/view.php?id=CVE-2018-16644
06 Sep 2018 — There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image. Hay una falta de comprobaciones de longitud en las funciones ReadDCMImage de coders/dcm.c y ReadPICTImage de coders/pict.c en ImageMagick 7.0.8-11, lo que permite que los atacantes remotos provoquen una denegación de servicio (DoS) mediante una imagen manipulada. Due to a large number of i... • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-16645 – ImageMagick: Out-of-memory ReadBMPImage of coders/bmp.c and ReadDIBImage of codes/dib.c
https://notcve.org/view.php?id=CVE-2018-16645
06 Sep 2018 — There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file. Hay un problema de asignación de memoria excesiva en las funciones ReadBMPImage en coders/bmp.c y ReadDIBImage en coders/dib.c en ImageMagick 7.0.8-11, que permite que los atacantes remotos provoquen una denegación de servicio (DoS) mediante una imagen manipulada. It was disco... • https://github.com/ImageMagick/ImageMagick/commit/ecb31dbad39ccdc65868d5d2a37f0f0521250832 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2018-16412
https://notcve.org/view.php?id=CVE-2018-16412
03 Sep 2018 — ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function. ImageMagick 7.0.8-11 Q16 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en la función ParseImageResourceBlocks en coders/psd.c. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2018-16413 – Ubuntu Security Notice USN-6980-1
https://notcve.org/view.php?id=CVE-2018-16413
03 Sep 2018 — ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function. ImageMagick 7.0.8-11 Q16 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en la función PushShortPixel en MagickCore/quantum-private.h cuando se llama desde la función ParseImageResourceBlocks en coders/psd.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user o... • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-16328 – ImageMagick: NULL pointer dereference in CheckEventLogging function in MagickCore/log.c
https://notcve.org/view.php?id=CVE-2018-16328
01 Sep 2018 — In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c. En ImageMagick en versiones anteriores a la 7.0.8-8, existe una desreferencia de puntero NULL en la función CheckEventLogging en MagickCore/log.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bou... • https://github.com/ImageMagick/ImageMagick/issues/1224 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-16329
https://notcve.org/view.php?id=CVE-2018-16329
01 Sep 2018 — In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c. En ImageMagick en versiones anteriores a la 7.0.8-8, existe una desreferencia de puntero NULL en la función GetMagickProperty en MagickCore/property.c. • https://github.com/ImageMagick/ImageMagick/issues/1225 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 74%CPEs: 7EXPL: 3CVE-2018-16323 – ImageMagick - Memory Leak
https://notcve.org/view.php?id=CVE-2018-16323
01 Sep 2018 — ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data. ReadXBMImage en coders/xbm.c en ImageMagick en versiones anteriores a la 7.0.8-9 deja los datos sin inicializar al procesar un archivo XBM que tiene un valor de pixel negativo. Si el código afectado se em... • https://packetstorm.news/files/id/150402 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •