CVSS: 7.0EPSS: 0%CPEs: 10EXPL: 2CVE-2019-7307 – Apport contains a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml
https://notcve.org/view.php?id=CVE-2019-7307
09 Jul 2019 — Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5 contained a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml file, which allows a local attacker to replace this file with a symlink to any other file on the system and so cause Apport to include the contents of this other file in the resulting crash report. The crash report could then be read by that user either by causing it to be uploaded and reported to Launchpad,... • https://packetstorm.news/files/id/172858 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-13311 – ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error
https://notcve.org/view.php?id=CVE-2019-13311
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error. ImageMagick versión 7.0.8-50 Q16 existe una vulnerabilidad de fuga de memoria en AcquireMagickMemory debido a un error en wand/mogrify.c A flaw was found in ImageMagick, containing memory leaks of AcquireMagickMemory due to a wand/mogrify.c error. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the function MogrifyImageList(). An attacker could ... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2019-13310 – ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c
https://notcve.org/view.php?id=CVE-2019-13310
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c. ImageMagick versión 7.0.8-50 Q16 tiene fugas de memoria en AcquireMagickMemory debido a un error en MagickWand/mogrify.c. A flaw was found in ImageMagick version 7.0.8-50 Q16, containing memory leaks of AcquireMagickMemory due to an error found in MagickWand/mogrify.c. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the function Mogrif... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-13309 – ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages
https://notcve.org/view.php?id=CVE-2019-13309
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c. ImageMagick versión 7.0.8-50 Q16 tiene fugas de memoria en AcquireMagickMemory debido a la mala gestión del error NoSuchImage en CLIListOperatorImages en MagickWand/operation.c. A flaw was found in ImageMagick version 7.0.8-50 Q16, containing memory leaks of AcquireMagickMemory due to the mishandling of the NoSuchImage error in CLIListOperatorImage... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 1CVE-2019-13308 – Debian Security Advisory 4712-1
https://notcve.org/view.php?id=CVE-2019-13308
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage. ImageMagick versión 7.0.8-50 Q16 presenta una vulnerabilidad de desbordamiento de búfer basado en memoria dinámica (heap) en MagickCore/fourier.c en ComplexImage. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or ... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2019-13307 – ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows
https://notcve.org/view.php?id=CVE-2019-13307
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows. ImageMagick versión 7.0.8-50 Q16 presenta una vulnerabilidad de desbordamiento de búfer basado en memoria dinámica (heap) en MagickCore/statistic.c en EvaluateImages debido a la mala gestión de las filas. A heap-based buffer overflow was discovered in ImageMagick in the way it parses images when using the evaluate-sequence option. Applications compiled against ImageMagick librar... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 1CVE-2019-13306 – ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors
https://notcve.org/view.php?id=CVE-2019-13306
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors. ImageMagick versión 7.0.8-50 Q16 tiene un desbordamiento de búfer basado en pila en coders/pnm.c en WritePNMImage debido a los errores de superación de límite (off-by-one). A stack-based buffer overflow was discovered in ImageMagick in the way it writes PNM images due to off-by-one errors. Applications compiled against ImageMagick libraries that accept untrustworthy images or write PNM i... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-193: Off-by-one Error CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1CVE-2019-13305 – ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error
https://notcve.org/view.php?id=CVE-2019-13305
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error. ImageMagick versión 7.0.8-50 Q16 tiene un desbordamiento de búfer basado en pila en coders/pnm.c en WritePNMImag debido al mal uso de strncpy y un error por un paso. A stack-based buffer overflow was discovered in ImageMagick in the way it writes PNM images due to a misplaced strncpy and off-by-one errors. Applications compiled against ImageMagick libraries that... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-193: Off-by-one Error CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1CVE-2019-13304 – ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment
https://notcve.org/view.php?id=CVE-2019-13304
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment. ImageMagick versión 7.0.8-50 Q16 tiene un desbordamiento de búfer basado en pila en coders/pnm.c en WritePNMImage debido a una asignación modificada. A stack-based buffer overflow was discovered in ImageMagick in the way it writes PNM images due to a misplaced assignment. Applications compiled against ImageMagick libraries that accept untrustworthy images or write PNM images may be ... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-193: Off-by-one Error CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 2CVE-2019-13301 – ImageMagick: memory leaks in AcquireMagickMemory
https://notcve.org/view.php?id=CVE-2019-13301
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error. ImageMagick versión 7.0.8-50 Q16 tiene fugas de memoria en AcquireMagickMemory debido a un error de AnnotateImage. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or potentially leak sensitive information. These v... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •