CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-14980 – ImageMagick: use-after-free in magick/blob.c resulting in a denial of service
https://notcve.org/view.php?id=CVE-2019-14980
12 Aug 2019 — In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file. En ImageMagick versiones 7.x anteriores a 7.0.8-42 y versiones 6.x anteriores a 6.9.10-42, hay una vulnerabilidad de uso de la memoria previamente liberada en la función UnmapBlob que permite a un atacante causar una denegación de servicio mediante el envío de un archivo especialmente diseñado. ImageMagi... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 1%CPEs: 7EXPL: 1CVE-2019-13137 – Debian Security Advisory 4712-1
https://notcve.org/view.php?id=CVE-2019-13137
01 Jul 2019 — ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de fuga de memoria en la función ReadPSImage in coders/ps. Handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed image files are processed. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-13136
https://notcve.org/view.php?id=CVE-2019-13136
01 Jul 2019 — ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de desbordamiento de enteros en la función TIFFSeekCustomStream in coders/tiff.c. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 1%CPEs: 21EXPL: 0CVE-2019-13135 – ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS
https://notcve.org/view.php?id=CVE-2019-13135
01 Jul 2019 — ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de "use of uninitialized value" en la función ReadCUTImage in coders/cut.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-456: Missing Initialization of a Variable CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-13134 – ImageMagick: a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c
https://notcve.org/view.php?id=CVE-2019-13134
01 Jul 2019 — ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de fuga de memoria en la función ReadVIFFImage in coders/viff.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bounds read, out of bo... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-13133 – ImageMagick: a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c
https://notcve.org/view.php?id=CVE-2019-13133
01 Jul 2019 — ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c. ImageMagick en versiones anteriores a la 7.0.8-50 tiene una vulnerabilidad de fuga de memoria en la función ReadBMPImage in coders/bmp.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bounds read, out of bounds... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-12805 – ImageMagick: memory exhaustion in function ReadTIFFImage causing denial of service
https://notcve.org/view.php?id=CVE-2017-12805
09 May 2019 — In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service. En ImageMagick versión 7.0.6-6, se encontró una vulnerabilidad de agotamiento de la memoria en la función ReadTIFFImage, que permite a los atacantes generar una Denegación de Servicio (DoS). It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a special... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-12806 – ImageMagick: memory exhaustion in function format8BIM causing denial of service
https://notcve.org/view.php?id=CVE-2017-12806
09 May 2019 — In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service. En ImageMagick 7.0.6-6, se encontró una vulnerabilidad de agotamiento de memoria en la función format8BIM, que permite a los atacantes causar una denegación de servicio. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2019-10131 – ImageMagick: off-by-one read in formatIPTCfromBuffer function in coders/meta.c
https://notcve.org/view.php?id=CVE-2019-10131
30 Apr 2019 — An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program. Se encontró una vulnerabilidad de lectura off-by-one en ImageMagick anterior a la versión 7.0.7-28 en la función formatIPTCfromBuffer en coders/meta.c. Un atacante local puede utilizar este fallo para leer más allá del final del búfer o para bloquear el programa. An off-by... • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00051.html • CWE-193: Off-by-one Error •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-10714
https://notcve.org/view.php?id=CVE-2019-10714
02 Apr 2019 — LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV. En ImageMagick, en versiones anteriores a la 7.0.8-32, LocaleLowercase en MagickCore/locale.c permite un acceso fuera de límties, conduciendo a un SIGSEGV. • https://github.com/ImageMagick/ImageMagick/commit/07eebcd72f45c8fd7563d3f9ec5d2bed48f65f36 • CWE-125: Out-of-bounds Read •