CVSS: 8.1EPSS: 1%CPEs: 4EXPL: 1CVE-2019-11009 – Debian Security Advisory 4640-1
https://notcve.org/view.php?id=CVE-2019-11009
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file. En GraphicsMagick 1.4 snapshot-20190322 Q8, hay una sobre-lectura de búfer basada en pilas en la función ReadXWDImage de coders/xwd.c, que permite a los atacantes causar una denegación de servicio o revelación de información a través de un archivo de imagen diseñado. handling pr... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/7cff2b1792de • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 1CVE-2019-11008 – Debian Security Advisory 4640-1
https://notcve.org/view.php?id=CVE-2019-11008
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. En GraphicsMagick 1.4 snapshot-20190322 Q8, hay un desbordamiento de búfer basado en memoria dinámica (heap) en la función WriteXWDImage de coders/xwd.c, que permite a los atacantes remotos causar una denegación de servicio (cierre ines... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d823d23a474b • CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 1%CPEs: 8EXPL: 0CVE-2019-11007 – Debian Security Advisory 4640-1
https://notcve.org/view.php?id=CVE-2019-11007
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap. En GraphicsMagick 1.4 snapshot-20190322 Q8, hay una sobre-lectura de búfer basada en pilas en la función ReadMNGImage de coders/png.c, que permite a los atacantes causar una denegación de servicio o revelación de información a través de un mapa de color de imagen. handling problems... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/40fc71472b98 • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 1CVE-2019-11006 – Ubuntu Security Notice USN-5974-1
https://notcve.org/view.php?id=CVE-2019-11006
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet. En GraphicsMagick 1.4 snapshot-20190322 Q8, hay una sobre lectura de búfer basada en memoria dinámica (heap) en la función ReadMIFFImage de coders/miff.c, que permite a los atacantes causar una denegación de servicio o divulgación de información a través de un paquete RLE. It was dis... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/f7610c1281c1 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 3%CPEs: 3EXPL: 1CVE-2019-11005 – Debian Security Advisory 4640-1
https://notcve.org/view.php?id=CVE-2019-11005
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value. Se ha detectado una vulnerabilidad de desbordamiento de búfer basado en pila en GraphicsMagick 1.4 snapshot-20190322 Q8 en la función SVGStartElement en coders/svg.c. Esta vulnerabilidad permitiría a un atacante remoto generar ... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b6fb77d7d54d • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1CVE-2019-7397 – ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c
https://notcve.org/view.php?id=CVE-2019-7397
05 Feb 2019 — In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. En ImageMagick, en versiones anteriores a la 7.0.8-25, y GraphicsMagick, hasta la versión 1.3.31, existen varias vulnerabilidades de fuga de memoria en WritePDFImage en coders/pdf.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into processing a specially crafted file, an attacker c... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-20189 – Ubuntu Security Notice USN-5974-1
https://notcve.org/view.php?id=CVE-2018-20189
17 Dec 2018 — In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization. En GraphicsMagick 1.3.31, la función ReadDIBImage de coders/dib.c tiene una vulnerabilidad que permite un cierre inesperado y una denegación de servicio (DoS) mediante un archivo dib que está manipulado par... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/648e2b406589 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-18544 – ImageMagick: memory leak in WriteMSLImage of coders/msl.c
https://notcve.org/view.php?id=CVE-2018-18544
21 Oct 2018 — There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31. Hay una fuga de memoria en la función WriteMSLImage en coders/msl.c en ImageMagick 7.0.8-13 Q16, así como en la función ProcessMSLScript de coders/msl.c en GraphicsMagick en versiones anteriores a la 1.3.31. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image format... • http://hg.code.sf.net/p/graphicsmagick/code/file/233618f8fe82/ChangeLog • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-9018 – Ubuntu Security Notice USN-5974-1
https://notcve.org/view.php?id=CVE-2018-9018
25 Mar 2018 — In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file. En GraphicsMagick 1.3.28 hay una división entre cero en la fucnción ReadMNGImage en coders/png.c. Los atacantes remotos podrían aprovechar esta vulnerabilidad para provocar un cuerre inesperado y una denegación de servicio (DoS) mediante un archivo mng manipulado. It was discovered that GraphicsMagi... • http://www.securityfocus.com/bid/103526 • CWE-369: Divide By Zero •
CVSS: 6.5EPSS: 1%CPEs: 4EXPL: 1CVE-2017-18229 – Ubuntu Security Notice USN-4266-1
https://notcve.org/view.php?id=CVE-2017-18229
14 Mar 2018 — An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allows attackers to cause a denial of service via a crafted file, because file size is not properly used to restrict scanline, strip, and tile allocations. Se ha descubierto un problema en GraphicsMagick 1.3.26. Se ha encontrado una vulnerabilidad de error de asignación en la función ReadTIFFImage en coders/tiff.c, lo que permite que atacantes provoquen una de... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/752c0b41fa32 • CWE-770: Allocation of Resources Without Limits or Throttling •