CVSS: 8.1EPSS: 1%CPEs: 4EXPL: 1CVE-2019-11009 – Debian Security Advisory 4640-1
https://notcve.org/view.php?id=CVE-2019-11009
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file. En GraphicsMagick 1.4 snapshot-20190322 Q8, hay una sobre-lectura de búfer basada en pilas en la función ReadXWDImage de coders/xwd.c, que permite a los atacantes causar una denegación de servicio o revelación de información a través de un archivo de imagen diseñado. handling pr... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/7cff2b1792de • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 1CVE-2019-11008 – Debian Security Advisory 4640-1
https://notcve.org/view.php?id=CVE-2019-11008
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. En GraphicsMagick 1.4 snapshot-20190322 Q8, hay un desbordamiento de búfer basado en memoria dinámica (heap) en la función WriteXWDImage de coders/xwd.c, que permite a los atacantes remotos causar una denegación de servicio (cierre ines... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d823d23a474b • CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 1%CPEs: 8EXPL: 0CVE-2019-11007 – Debian Security Advisory 4640-1
https://notcve.org/view.php?id=CVE-2019-11007
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap. En GraphicsMagick 1.4 snapshot-20190322 Q8, hay una sobre-lectura de búfer basada en pilas en la función ReadMNGImage de coders/png.c, que permite a los atacantes causar una denegación de servicio o revelación de información a través de un mapa de color de imagen. handling problems... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/40fc71472b98 • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 1CVE-2019-11006 – Ubuntu Security Notice USN-5974-1
https://notcve.org/view.php?id=CVE-2019-11006
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet. En GraphicsMagick 1.4 snapshot-20190322 Q8, hay una sobre lectura de búfer basada en memoria dinámica (heap) en la función ReadMIFFImage de coders/miff.c, que permite a los atacantes causar una denegación de servicio o divulgación de información a través de un paquete RLE. It was dis... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/f7610c1281c1 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 3%CPEs: 3EXPL: 1CVE-2019-11005 – Debian Security Advisory 4640-1
https://notcve.org/view.php?id=CVE-2019-11005
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value. Se ha detectado una vulnerabilidad de desbordamiento de búfer basado en pila en GraphicsMagick 1.4 snapshot-20190322 Q8 en la función SVGStartElement en coders/svg.c. Esta vulnerabilidad permitiría a un atacante remoto generar ... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b6fb77d7d54d • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1CVE-2019-7397 – ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c
https://notcve.org/view.php?id=CVE-2019-7397
05 Feb 2019 — In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. En ImageMagick, en versiones anteriores a la 7.0.8-25, y GraphicsMagick, hasta la versión 1.3.31, existen varias vulnerabilidades de fuga de memoria en WritePDFImage en coders/pdf.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into processing a specially crafted file, an attacker c... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-20189 – Ubuntu Security Notice USN-5974-1
https://notcve.org/view.php?id=CVE-2018-20189
17 Dec 2018 — In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization. En GraphicsMagick 1.3.31, la función ReadDIBImage de coders/dib.c tiene una vulnerabilidad que permite un cierre inesperado y una denegación de servicio (DoS) mediante un archivo dib que está manipulado par... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/648e2b406589 • CWE-20: Improper Input Validation •