CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-17540 – ImageMagick: heap-based buffer overflow in ReadPSInfo in coders/ps.c
https://notcve.org/view.php?id=CVE-2019-17540
14 Oct 2019 — ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c. ImageMagick versiones anteriores a 7.0.8-54, presenta un desbordamiento de búfer en la región heap de la memoria en la función ReadPSInfo en el archivo coders/ps.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bounds read, o... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-17547
https://notcve.org/view.php?id=CVE-2019-17547
14 Oct 2019 — In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free. En ImageMagick versiones anteriores a 7.0.8-62, la función TraceBezier en el archivo MagickCore/draw.c presenta una vulnerabilidad de uso de la memoria previamente liberada. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16537 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-17541 – ImageMagick: Use after free in ReadICCProfile function in coders/jpeg.c
https://notcve.org/view.php?id=CVE-2019-17541
14 Oct 2019 — ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c. ImageMagick versiones anteriores a 7.0.8-55, presenta una vulnerabilidad de uso de la memoria previamente liberada de la función DestroyStringInfo en el archivo MagickCore/string.c porque el administrador de errores es manejado inapropiadamente en el archivo coders/jpeg.c. ImageMagick is an image display and manipulation tool for the X Window System that can ... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15827 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-16708 – ImageMagick: memory leak in magick/xwindow.c
https://notcve.org/view.php?id=CVE-2019-16708
23 Sep 2019 — ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage. ImageMagick versión 7.0.8-35, presenta una pérdida de memoria en el archivo magick/xwindow.c, relacionada con la función XCreateImage. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or potentially leak sensitive information. Th... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 1CVE-2019-16709 – ImageMagick: memory leak in coders/dps.c
https://notcve.org/view.php?id=CVE-2019-16709
23 Sep 2019 — ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage. ImageMagick versión 7.0.8-35, presenta una pérdida de memoria en el archivo coders/dps.c, como es demostrado mediante la función XCreateImage. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bounds read, out of bounds write, and ... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-16710 – ImageMagick: memory leak in coders/dot.c
https://notcve.org/view.php?id=CVE-2019-16710
23 Sep 2019 — ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c. ImageMagick versión 7.0.8-35, presenta una pérdida de memoria en el archivo coders/dot.c, como es demostrado mediante la función AcquireMagickMemory en archivo MagickCore/memory.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information ... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-16711 – ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c
https://notcve.org/view.php?id=CVE-2019-16711
23 Sep 2019 — ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c. ImageMagick versión 7.0.8-40, presenta una pérdida de memoria en la función Huffman2DEncodeImage en el archivo coders/ps2.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user inv... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2019-16712 – ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c
https://notcve.org/view.php?id=CVE-2019-16712
23 Sep 2019 — ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image. ImageMagick versión 7.0.8-43, presenta una pérdida de memoria en la función Huffman2DEncodeImage en el archivo coders/ps3.c, como es demostrado mediante WritePS3Image. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a d... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-16713 – ImageMagick: memory leak in coders/dot.c
https://notcve.org/view.php?id=CVE-2019-16713
23 Sep 2019 — ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c. ImageMagick versión 7.0.8-43, presenta una pérdida de memoria en el archivo coders/dot.c, como es demostrado mediante la función PingImage en el archivo MagickCore/constitut.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, n... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 2%CPEs: 1EXPL: 1CVE-2019-15139 – ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c
https://notcve.org/view.php?id=CVE-2019-15139
18 Aug 2019 — The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472. El componente de análisis de imagen XWD (archivo de volcado de ventana X Window System) en ImageMagick versión 7.0.8-41 Q16, permite a atacantes causar una denegación de servicio (bloqueo de a... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-125: Out-of-bounds Read •