Lucene search
K

551 matches found

NVD
NVD
added 2020/12/08 10:15 p.m.19 views

CVE-2020-27750

A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char and math division by zero. This would...

5.5CVSS5.6AI score0.00982EPSS
Exploits1References3
OSV
OSV
added 2020/12/08 10:15 p.m.25 views

CVE-2020-27750

A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char and math division by zero. This would...

5.5CVSS6.1AI score
Exploits0References3
OSV
OSV
added 2020/12/08 10:15 p.m.23 views

CVE-2020-25674

WriteOnePNGImage from coders/png.c the PNG coder has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times,...

5.5CVSS6.4AI score
Exploits0References3
OSV
OSV
added 2020/12/08 10:15 p.m.27 views

CVE-2020-27751

A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long long as well as a shift exponent that is too large for 64-bit type...

3.3CVSS6.2AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2020/12/08 10:15 p.m.27 views

CVE-2020-27756

In ParseMetaGeometry of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior. This flaw can be triggered by a crafted input file processed by ImageMagick and could impact application availability. The patch uses...

5.5CVSS6.8AI score0.00833EPSS
Exploits1References2
Prion
Prion
added 2020/12/08 10:15 p.m.19 views

Design/Logic Flaw

A flaw was found in ImageMagick in coders/txt.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long long. This would most likely lead to an impact to application availability, but...

4.3CVSS3.4AI score0.01124EPSS
Exploits1References3Affected Software2
Prion
Prion
added 2020/12/08 10:15 p.m.25 views

Design/Logic Flaw

A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long long as well as a shift exponent that is too large for 64-bit type...

4.3CVSS3.4AI score0.01114EPSS
Exploits1References3Affected Software2
Prion
Prion
added 2020/12/08 10:15 p.m.19 views

Design/Logic Flaw

A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char and math division by zero. This would...

4.3CVSS5.3AI score0.00982EPSS
Exploits1References3Affected Software2
UbuntuCve
UbuntuCve
added 2020/12/08 10:15 p.m.26 views

CVE-2020-27751

A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long long as well as a shift exponent that is too large for 64-bit type...

4.3CVSS6.7AI score0.01114EPSS
Exploits1References2
Prion
Prion
added 2020/12/08 10:15 p.m.23 views

Heap overflow

WriteOnePNGImage from coders/png.c the PNG coder has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times,...

4.3CVSS5.6AI score0.01016EPSS
Exploits1References3Affected Software2
UbuntuCve
UbuntuCve
added 2020/12/08 10:15 p.m.16 views

CVE-2020-27758

A flaw was found in ImageMagick in coders/txt.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long long. This would most likely lead to an impact to application availability, but...

4.3CVSS6.7AI score0.01124EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2020/12/08 10:15 p.m.27 views

CVE-2020-27750

A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char and math division by zero. This would...

5.5CVSS6.8AI score0.00982EPSS
Exploits1References4
Prion
Prion
added 2020/12/08 10:15 p.m.18 views

Heap overflow

A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data...

5.8CVSS6.4AI score0.01073EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2020/12/08 10:15 p.m.28 views

CVE-2020-27752

A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data...

7.1CVSS7.4AI score0.01073EPSS
Exploits1References1
Prion
Prion
added 2020/12/08 10:15 p.m.23 views

Design/Logic Flaw

A floating point math calculation in ScaleAnyToQuantum of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long. The flaw could be triggered by a crafted input file under certain conditions when it is processed by...

4.3CVSS3.5AI score0.01072EPSS
Exploits1References3Affected Software2
UbuntuCve
UbuntuCve
added 2020/12/08 10:15 p.m.37 views

CVE-2020-25674

WriteOnePNGImage from coders/png.c the PNG coder has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times,...

5.5CVSS6.9AI score0.01016EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2020/12/08 10:15 p.m.23 views

CVE-2020-25676

In CatromWeights, MeshInterpolate, InterpolatePixelChannel, InterpolatePixelChannels, and InterpolatePixelInfo, which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor function. These calculations produced...

5.5CVSS6.8AI score0.01172EPSS
Exploits1References4
Prion
Prion
added 2020/12/08 10:15 p.m.26 views

Design/Logic Flaw

In ParseMetaGeometry of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior. This flaw can be triggered by a crafted input file processed by ImageMagick and could impact application availability. The patch uses...

4.3CVSS5.1AI score0.00833EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2020/12/08 9:57 p.m.35 views

CVE-2020-27753

There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. These leaks could potentially lead to an impact to application availability or cause a denial of service. It was originally reported tha...

5.5CVSS6AI score0.00852EPSS
Exploits1
Cvelist
Cvelist
added 2020/12/08 9:57 p.m.27 views

CVE-2020-27752

A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data...

6.7AI score0.01073EPSS
Exploits1References1
Rows per page
Query Builder