CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2020-12672 – Ubuntu Security Notice USN-5974-1
https://notcve.org/view.php?id=CVE-2020-12672
06 May 2020 — GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c. GraphicsMagick versiones hasta 1.3.35, presenta un desbordamiento del búfer en la región heap de la memoria en la función ReadMNGImage en el archivo coders/png.c. It was discovered that GraphicsMagick was not properly performing bounds checks when processing TGA image files, which could lead to a heap buffer overflow. If a user or automated system were tricked into processing a specially crafted TGA image file, a... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00008.html • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-10938 – Debian Security Advisory 4675-1
https://notcve.org/view.php?id=CVE-2020-10938
24 Mar 2020 — GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c. GraphicsMagick versiones anteriores a la versión 1.3.35, tiene un desbordamiento de enteros y un desbordamiento del búfer en la región heap de la memoria en la función HuffmanDecodeImage en el archivo magick/compress.c. Several vulnerabilities have been discovered in GraphicsMagick, a set of command-line applications to manipulate image files, which could result in inform... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00049.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 3%CPEs: 6EXPL: 0CVE-2019-12921 – Debian Security Advisory 4675-1
https://notcve.org/view.php?id=CVE-2019-12921
18 Mar 2020 — In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG. En GraphicsMagick versiones anteriores a 1.3.32, el componente text filename permite a atacantes remotos leer archivos arbitrarios por medio de una imagen diseñada debido a TranslateTextEx para SVG. Several vulnerabilities have been discovered in GraphicsMagick, a set of command-line applications to manipulate image files, which could result in ... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00049.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1CVE-2019-11506 – Debian Security Advisory 4640-1
https://notcve.org/view.php?id=CVE-2019-11506
24 Apr 2019 — In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c. En GraphicsMagick, desde la versión 1.3.30 hasta la 1.4 snapshot-20190403 Q8, hay un desbordamiento de búfer basado en memoria dinámica (heap) en la función WriteMATLABImage d... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/57ac0ae85e2a • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 1CVE-2019-11505 – Debian Security Advisory 4640-1
https://notcve.org/view.php?id=CVE-2019-11505
24 Apr 2019 — In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c. En GraphicsMagick, desde la versión 1.3.8 hasta la 1.4 snapshot-20190403 Q8, hay un desbordamiento de búfer basado en memoria dinámica (heap) en la función WritePDBImage de... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/85f5bdcd246a • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-11010 – Debian Security Advisory 4640-1
https://notcve.org/view.php?id=CVE-2019-11010
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file. En GraphicsMagick 1.4 snapshot-20190322 Q8, hay una fuga de memoria en la función ReadMPCImage de coders/mpc.c, que permite a los atacantes causar una denegación de servicio a través de un archivo de imagen elaborado. handling problems and cases of missing or incomplete input sanitising may result in denial of service, ... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/a348d9661019 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 1CVE-2019-11009 – Debian Security Advisory 4640-1
https://notcve.org/view.php?id=CVE-2019-11009
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file. En GraphicsMagick 1.4 snapshot-20190322 Q8, hay una sobre-lectura de búfer basada en pilas en la función ReadXWDImage de coders/xwd.c, que permite a los atacantes causar una denegación de servicio o revelación de información a través de un archivo de imagen diseñado. handling pr... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/7cff2b1792de • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 1CVE-2019-11008 – Debian Security Advisory 4640-1
https://notcve.org/view.php?id=CVE-2019-11008
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. En GraphicsMagick 1.4 snapshot-20190322 Q8, hay un desbordamiento de búfer basado en memoria dinámica (heap) en la función WriteXWDImage de coders/xwd.c, que permite a los atacantes remotos causar una denegación de servicio (cierre ines... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d823d23a474b • CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0CVE-2019-11007 – Debian Security Advisory 4640-1
https://notcve.org/view.php?id=CVE-2019-11007
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap. En GraphicsMagick 1.4 snapshot-20190322 Q8, hay una sobre-lectura de búfer basada en pilas en la función ReadMNGImage de coders/png.c, que permite a los atacantes causar una denegación de servicio o revelación de información a través de un mapa de color de imagen. handling problems... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/40fc71472b98 • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 1CVE-2019-11006 – Ubuntu Security Notice USN-5974-1
https://notcve.org/view.php?id=CVE-2019-11006
08 Apr 2019 — In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet. En GraphicsMagick 1.4 snapshot-20190322 Q8, hay una sobre lectura de búfer basada en memoria dinámica (heap) en la función ReadMIFFImage de coders/miff.c, que permite a los atacantes causar una denegación de servicio o divulgación de información a través de un paquete RLE. It was dis... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/f7610c1281c1 • CWE-125: Out-of-bounds Read •