CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 1CVE-2019-11006 – Ubuntu Security Notice USN-5974-1
https://notcve.org/view.php?id=CVE-2019-11006
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet. En GraphicsMagick 1.4 snapshot-20190322 Q8, hay una sobre lectura de búfer basada en memoria dinámica (heap) en la función ReadMIFFImage de coders/miff.c, que permite a los atacantes causar una denegación de servicio o divulgación de información a través de un paquete RLE. It was dis... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/f7610c1281c1 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 3%CPEs: 3EXPL: 1CVE-2019-11005 – Debian Security Advisory 4640-1
https://notcve.org/view.php?id=CVE-2019-11005
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value. Se ha detectado una vulnerabilidad de desbordamiento de búfer basado en pila en GraphicsMagick 1.4 snapshot-20190322 Q8 en la función SVGStartElement en coders/svg.c. Esta vulnerabilidad permitiría a un atacante remoto generar ... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b6fb77d7d54d • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1CVE-2019-7397 – ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c
https://notcve.org/view.php?id=CVE-2019-7397
05 Feb 2019 — In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. En ImageMagick, en versiones anteriores a la 7.0.8-25, y GraphicsMagick, hasta la versión 1.3.31, existen varias vulnerabilidades de fuga de memoria en WritePDFImage en coders/pdf.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into processing a specially crafted file, an attacker c... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-18544 – ImageMagick: memory leak in WriteMSLImage of coders/msl.c
https://notcve.org/view.php?id=CVE-2018-18544
21 Oct 2018 — There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31. Hay una fuga de memoria en la función WriteMSLImage en coders/msl.c en ImageMagick 7.0.8-13 Q16, así como en la función ProcessMSLScript de coders/msl.c en GraphicsMagick en versiones anteriores a la 1.3.31. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image format... • http://hg.code.sf.net/p/graphicsmagick/code/file/233618f8fe82/ChangeLog • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-6799
https://notcve.org/view.php?id=CVE-2018-6799
07 Feb 2018 — The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used. La función AcquireCacheNexus en magick/pixel_cache.c en GraphicsMagick en versiones anteriores a la 1.3.28 permite que los atacantes remotos provoquen una denegación de servicio (sobrescritura de memoria dinámica o heap) o posiblemente provoquen... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b41e2efce6d3 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-10799
https://notcve.org/view.php?id=CVE-2017-10799
03 Jul 2017 — When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage(). Cuando GraphicsMagick 1.3.25 procesa una imagen DPX (con metadatos que indican un gran ancho) en coders/dpx.c, puede ocurrir una denegación de servicio (OOM) en ReadDPXImage(). • http://hg.code.sf.net/p/graphicsmagick/code/rev/f10b9bb3ca62 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-10800
https://notcve.org/view.php?id=CVE-2017-10800
03 Jul 2017 — When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data. Cuando GraphicsMagick 1.3.25 procesa una imagen MATLAB en coders/mat.c, puede ocurrir una denegación de servicio (OOM) en ReadMATImage() si el tamaño especificado para un objeto MAT es más grande que la cantidad real de datos. • http://hg.code.sf.net/p/graphicsmagick/code/rev/e5761e3a2012 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-10794 – Ubuntu Security Notice USN-4206-1
https://notcve.org/view.php?id=CVE-2017-10794
02 Jul 2017 — When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode. Cuando GraphicsMagick 1.3.25 procesa una imagen RGB TIFF (con metadatos que indican una única muestra por píxel) en coders/tiff.c, ocurre un desbordamiento de búfer. Esto está relacionado con QuantumTransferMode. It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use thi... • http://www.securityfocus.com/bid/99355 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6335 – Ubuntu Security Notice USN-4206-1
https://notcve.org/view.php?id=CVE-2017-6335
14 Mar 2017 — The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file. La función QuantumTransferMode en coders/tiff.c en GraphicsMagick 1.3.25 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites y caída de la aplicación) a través de un pequeño valor de muestras por píxel en un ar... • http://www.openwall.com/lists/oss-security/2017/02/28/2 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2016-8682 – Debian Security Advisory 3746-1
https://notcve.org/view.php?id=CVE-2016-8682
26 Dec 2016 — The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header. La función ReadSCTImage en coders/sct.c en GraphicsMagick 1.3.25 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de una cabecera SCT manipulada. Several vulnerabilities have been discovered in GraphicsMagick, a collection of image processing tool, which can cause denial of service attacks, re... • http://hg.code.sf.net/p/graphicsmagick/code/rev/0a0dfa81906d • CWE-125: Out-of-bounds Read •