CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-14138
https://notcve.org/view.php?id=CVE-2017-14138
04 Sep 2017 — ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors. ImageMagick 7.0.6-5 tiene una vulnerabilidad de fuga de memoria en ReadWEBPImage in coders/webp.c ya que la memoria no se libera en algunos casos de error, tal y como lo demuestran los errores VP8. • https://github.com/ImageMagick/ImageMagick/issues/639 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 1CVE-2017-12693 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-12693
01 Sep 2017 — The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file. La función ReadBMPImage en coders/bmp.c de ImageMagick 7.0.6-6 permite que atacantes remotos provoquen una denegación de servicio (consumo de memoria) mediante un archivo BMP manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a ... • https://github.com/ImageMagick/ImageMagick/issues/652 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 1CVE-2017-12692 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-12692
01 Sep 2017 — The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file. La función ReadVIFFImage en coders/viff.c de ImageMagick 7.0.6-6 permite que atacantes remotos provoquen una denegación de servicio (consumo de memoria) mediante un archivo VIFF manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into open... • https://github.com/ImageMagick/ImageMagick/issues/653 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2017-12691 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-12691
01 Sep 2017 — The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file. La función ReadOneLayer en coders/xcf.c de ImageMagick 7.0.6-6 permite que atacantes remotos provoquen una denegación de servicio (consumo de memoria) mediante un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a speciall... • https://github.com/ImageMagick/ImageMagick/issues/656 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2017-14060 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-14060
31 Aug 2017 — In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file. En ImageMagick 7.0.6-10,existe una vulnerabilidad de desreferencia de puntero NULL en la función ReadCUTImage en coders/cut.c que podría permitir a un atacante provocar una denegación de servicio (en la función QueueAut... • https://github.com/ImageMagick/ImageMagick/issues/710 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-13768 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-13768
30 Aug 2017 — Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file. Una desreferencia de puntero NULL en la función IdentifyImage en MagickCore/identify.c en ImageMagick en las versiones 7.0.6-10 permite que los atacantes realicen una denegación de servicio mediante el envío de un archivo de imagen manipulado. It was discovered that ImageMagick incorrectly handled certain malformed im... • http://www.securityfocus.com/bid/100569 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-13769 – Debian Security Advisory 4032-1
https://notcve.org/view.php?id=CVE-2017-13769
30 Aug 2017 — The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file. La función WriteTHUMBNAILImage en coders/thumbnail.c de ImageMagick 7.0.6-10 permite que atacantes provoquen una denegación de servicio (sobrelectura de búfer) mediante el envío de un archivo JPEG manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system u... • https://github.com/ImageMagick/ImageMagick/issues/705 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13758 – Debian Security Advisory 4032-1
https://notcve.org/view.php?id=CVE-2017-13758
29 Aug 2017 — In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the TracePoint() function in MagickCore/draw.c. En ImageMagick 7.0.6-10 hay un desbordamiento de búfer basado en montículos en la función TracePoint() en MagickCore/draw.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code w... • http://www.securitytracker.com/id/1039246 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12875 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-12875
29 Aug 2017 — The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) via a crafted file. La función WritePixelCachePixels en ImageMagick 7.0.6-6 permite que atacantes remotos provoquen una denegación de servicio (consumo de CPU) mediante un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an a... • https://github.com/ImageMagick/ImageMagick/issues/659 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12876 – Gentoo Linux Security Advisory 201711-07
https://notcve.org/view.php?id=CVE-2017-12876
28 Aug 2017 — Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file. Una vulnerabilidad de desbordamiento de búfer basado en memoria dinámica en enhance.c en ImageMagick en versiones anteriores a la 7.0.6-6 permite que atacantes remotos provoquen una denegación de servicio mediante un archivo manipulado. Multiple vulnerabilities have been found in ImageMagick, the worst of which may allow remote attackers to cause a Denial of Service ... • http://www.openwall.com/lists/oss-security/2017/08/16/3 • CWE-787: Out-of-bounds Write •