CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2018-16412
https://notcve.org/view.php?id=CVE-2018-16412
03 Sep 2018 — ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function. ImageMagick 7.0.8-11 Q16 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en la función ParseImageResourceBlocks en coders/psd.c. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 2CVE-2018-16413 – Ubuntu Security Notice USN-6980-1
https://notcve.org/view.php?id=CVE-2018-16413
03 Sep 2018 — ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function. ImageMagick 7.0.8-11 Q16 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en la función PushShortPixel en MagickCore/quantum-private.h cuando se llama desde la función ParseImageResourceBlocks en coders/psd.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user o... • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-16329
https://notcve.org/view.php?id=CVE-2018-16329
01 Sep 2018 — In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c. En ImageMagick en versiones anteriores a la 7.0.8-8, existe una desreferencia de puntero NULL en la función GetMagickProperty en MagickCore/property.c. • https://github.com/ImageMagick/ImageMagick/issues/1225 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-16328 – ImageMagick: NULL pointer dereference in CheckEventLogging function in MagickCore/log.c
https://notcve.org/view.php?id=CVE-2018-16328
01 Sep 2018 — In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c. En ImageMagick en versiones anteriores a la 7.0.8-8, existe una desreferencia de puntero NULL en la función CheckEventLogging en MagickCore/log.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bou... • https://github.com/ImageMagick/ImageMagick/issues/1224 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 17%CPEs: 7EXPL: 3CVE-2018-16323 – ImageMagick - Memory Leak
https://notcve.org/view.php?id=CVE-2018-16323
01 Sep 2018 — ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data. ReadXBMImage en coders/xbm.c en ImageMagick en versiones anteriores a la 7.0.8-9 deja los datos sin inicializar al procesar un archivo XBM que tiene un valor de pixel negativo. Si el código afectado se em... • https://packetstorm.news/files/id/150402 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-15607 – ImageMagick: CPU Exhaustion via crafted input file
https://notcve.org/view.php?id=CVE-2018-15607
21 Aug 2018 — In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. En ImageMagick 7.0.8-11 Q16, un archivo de entrada pequeño 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36... • http://www.securityfocus.com/bid/105137 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2018-14551 – Ubuntu Security Notice USN-3785-1
https://notcve.org/view.php?id=CVE-2018-14551
23 Jul 2018 — The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption. La función ReadMATImageV4 en coders/mat.c en ImageMagick 7.0.8-7 emplea una variable no inicializada, lo que conduce a una corrupción de memoria. Due to a large number of issues discovered in GhostScript that prevent it from being used by ImageMagick safely, this update includes a default policy change that disables support for the Postscript and PDF formats in ImageMagick. This p... • https://github.com/ImageMagick/ImageMagick/issues/1221 • CWE-787: Out-of-bounds Write CWE-908: Use of Uninitialized Resource •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-14434 – ImageMagick: memory leak for a colormap in WriteMPCImage in coders/mpc.c
https://notcve.org/view.php?id=CVE-2018-14434
20 Jul 2018 — ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c. ImageMagick 7.0.8-4 tiene una fuga de memoria en un mapa de color en WriteMPCImage en coders/mpc.c. Due to a large number of issues discovered in GhostScript that prevent it from being used by ImageMagick safely, this update includes a default policy change that disables support for the Postscript and PDF formats in ImageMagick. This policy can be overridden if necessary by using an alternate ImageMagick policy configurat... • https://github.com/ImageMagick/ImageMagick/issues/1192 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-14435 – ImageMagick: memory leak in DecodeImage in coders/pcd.c
https://notcve.org/view.php?id=CVE-2018-14435
20 Jul 2018 — ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c. ImageMagick 7.0.8-4 tiene una fuga de memoria en DecodeImage en coders/pcd.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://github.com/ImageMagick/ImageMagick/issues/1193 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-14436 – ImageMagick: memory leak in ReadMIFFImage in coders/miff.c
https://notcve.org/view.php?id=CVE-2018-14436
20 Jul 2018 — ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c. ImageMagick 7.0.8-4 tiene una fuga de memoria en ReadMIFFImage en coders/miff.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://github.com/ImageMagick/ImageMagick/issues/1191 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •