CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 1CVE-2019-15140 – ImageMagick: Use after free in ReadMATImage in coders/mat.c
https://notcve.org/view.php?id=CVE-2019-15140
18 Aug 2019 — coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c. El archivo coders/mat.c en ImageMagick versión 7.0.8-43 Q16, permite a atacantes remotos causar una denegación de servicio (uso de memoria previamente liberada y bloqueo de aplicación) o posiblemente tener otro impacto no especificado mediante e... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2019-15141 – ImageMagick: heap-based buffer overflow in WriteTIFFImage in coders/tiff.c
https://notcve.org/view.php?id=CVE-2019-15141
18 Aug 2019 — WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597. En la función WriteTIFFImage en el archivo coders/tiff.c en ImageMagick versión 7.0.8-43 Q16, permite a... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 1CVE-2019-13454 – ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c
https://notcve.org/view.php?id=CVE-2019-13454
09 Jul 2019 — ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c. ImageMagick versión 7.0.8-54 Q16, permite la División por Cero en la función RemoveDuplicateLayers en el archivo MagickCore/layer.c. ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially cr... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-369: Divide By Zero •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-13391 – Ubuntu Security Notice USN-4192-1
https://notcve.org/view.php?id=CVE-2019-13391
07 Jul 2019 — In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels. En ImageMagick versión 7.0.8-50 Q16, la función ComplexImages en el archivo MagickCore/fourier.c, presenta una lectura excesiva del búfer en la región heap de la memoria debido a llamadas incorrectas a GetCacheViewVirtualPixels. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using Ima... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-13311 – ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error
https://notcve.org/view.php?id=CVE-2019-13311
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error. ImageMagick versión 7.0.8-50 Q16 existe una vulnerabilidad de fuga de memoria en AcquireMagickMemory debido a un error en wand/mogrify.c A flaw was found in ImageMagick, containing memory leaks of AcquireMagickMemory due to a wand/mogrify.c error. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the function MogrifyImageList(). An attacker could ... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2019-13310 – ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c
https://notcve.org/view.php?id=CVE-2019-13310
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c. ImageMagick versión 7.0.8-50 Q16 tiene fugas de memoria en AcquireMagickMemory debido a un error en MagickWand/mogrify.c. A flaw was found in ImageMagick version 7.0.8-50 Q16, containing memory leaks of AcquireMagickMemory due to an error found in MagickWand/mogrify.c. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the function Mogrif... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-13309 – ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages
https://notcve.org/view.php?id=CVE-2019-13309
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c. ImageMagick versión 7.0.8-50 Q16 tiene fugas de memoria en AcquireMagickMemory debido a la mala gestión del error NoSuchImage en CLIListOperatorImages en MagickWand/operation.c. A flaw was found in ImageMagick version 7.0.8-50 Q16, containing memory leaks of AcquireMagickMemory due to the mishandling of the NoSuchImage error in CLIListOperatorImage... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 1CVE-2019-13308 – Debian Security Advisory 4712-1
https://notcve.org/view.php?id=CVE-2019-13308
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage. ImageMagick versión 7.0.8-50 Q16 presenta una vulnerabilidad de desbordamiento de búfer basado en memoria dinámica (heap) en MagickCore/fourier.c en ComplexImage. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or ... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2019-13307 – ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows
https://notcve.org/view.php?id=CVE-2019-13307
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows. ImageMagick versión 7.0.8-50 Q16 presenta una vulnerabilidad de desbordamiento de búfer basado en memoria dinámica (heap) en MagickCore/statistic.c en EvaluateImages debido a la mala gestión de las filas. A heap-based buffer overflow was discovered in ImageMagick in the way it parses images when using the evaluate-sequence option. Applications compiled against ImageMagick librar... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 1CVE-2019-13306 – ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors
https://notcve.org/view.php?id=CVE-2019-13306
05 Jul 2019 — ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors. ImageMagick versión 7.0.8-50 Q16 tiene un desbordamiento de búfer basado en pila en coders/pnm.c en WritePNMImage debido a los errores de superación de límite (off-by-one). A stack-based buffer overflow was discovered in ImageMagick in the way it writes PNM images due to off-by-one errors. Applications compiled against ImageMagick libraries that accept untrustworthy images or write PNM i... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-193: Off-by-one Error CWE-787: Out-of-bounds Write •