CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 1CVE-2019-11006 – Ubuntu Security Notice USN-5974-1
https://notcve.org/view.php?id=CVE-2019-11006
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet. En GraphicsMagick 1.4 snapshot-20190322 Q8, hay una sobre lectura de búfer basada en memoria dinámica (heap) en la función ReadMIFFImage de coders/miff.c, que permite a los atacantes causar una denegación de servicio o divulgación de información a través de un paquete RLE. It was dis... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/f7610c1281c1 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 3%CPEs: 3EXPL: 1CVE-2019-11005 – Debian Security Advisory 4640-1
https://notcve.org/view.php?id=CVE-2019-11005
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value. Se ha detectado una vulnerabilidad de desbordamiento de búfer basado en pila en GraphicsMagick 1.4 snapshot-20190322 Q8 en la función SVGStartElement en coders/svg.c. Esta vulnerabilidad permitiría a un atacante remoto generar ... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b6fb77d7d54d • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1CVE-2019-7397 – ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c
https://notcve.org/view.php?id=CVE-2019-7397
05 Feb 2019 — In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. En ImageMagick, en versiones anteriores a la 7.0.8-25, y GraphicsMagick, hasta la versión 1.3.31, existen varias vulnerabilidades de fuga de memoria en WritePDFImage en coders/pdf.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into processing a specially crafted file, an attacker c... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-18544 – ImageMagick: memory leak in WriteMSLImage of coders/msl.c
https://notcve.org/view.php?id=CVE-2018-18544
21 Oct 2018 — There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31. Hay una fuga de memoria en la función WriteMSLImage en coders/msl.c en ImageMagick 7.0.8-13 Q16, así como en la función ProcessMSLScript de coders/msl.c en GraphicsMagick en versiones anteriores a la 1.3.31. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image format... • http://hg.code.sf.net/p/graphicsmagick/code/file/233618f8fe82/ChangeLog • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-9018 – Ubuntu Security Notice USN-5974-1
https://notcve.org/view.php?id=CVE-2018-9018
25 Mar 2018 — In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file. En GraphicsMagick 1.3.28 hay una división entre cero en la fucnción ReadMNGImage en coders/png.c. Los atacantes remotos podrían aprovechar esta vulnerabilidad para provocar un cuerre inesperado y una denegación de servicio (DoS) mediante un archivo mng manipulado. It was discovered that GraphicsMagi... • http://www.securityfocus.com/bid/103526 • CWE-369: Divide By Zero •