ImageMagick Resource Management Error Vulnerability (CNVD-2019-29429)

ImageMagick is the United States ImageMagick Studio, Inc. of a set of open source image processing software. A memory disclosure vulnerability exists in the 'ReadPSImage' function in the coders/ps.c file in ImageMagick Studio ImageMagick versions prior to 7.0.8-50. An attacker can exploit this...

Fedora Update for GraphicsMagick FEDORA-2019-da4c20882c

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 30 Update: GraphicsMagick-1.3.32-1.fc30

GraphicsMagick is a comprehensive image processing package which is initial ly based on ImageMagick 5.5.2, but which has undergone significant re-work by the GraphicsMagick Group to significantly improve the quality and performan ce of the software...

MGASA-2019-0186 Updated imagemagick packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Fixed a heap-based buffer overflow in ReadMNGImage. CVE-2019-11007 Fixed a heap-based buffer overflow in WriteXWDImage. CVE-2019-11008, CVE-2019-11009...

CVE-2019-5305

The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159C185 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a...

Double free

The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159C185 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a...

CVE-2019-5305

CVE-2019-5305 affects the image processing module on some Huawei Mate 10 devices (before ALP-L29 9.0.0.159). The root cause is a memory double-free vulnerability that can be triggered when a user installs a malicious app and it calls a specific API, potentially leading to a system crash. Public d...

CVE-2019-5305

The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159C185 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a...

Remote Code Execution (RCE)

Typo3/Cms is vulnerable to remote code execution. Improper configuration of the applications used for image processing allows an attacker to execute arbitrary code on the server by uploading a malicious image file containing PostScript code...

TYPO3 Multiple Vulnerabilities (TYPO3-CORE-SA-2019-011, TYPO3-CORE-SA-2019-012, TYPO3-CORE-SA-2019-013)

TYPO3 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3"; if description...

Remote code execution

TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick...

Possible Arbitrary Code Execution in Image Processing

More info at https://typo3.org/security/advisory/typo3-core-sa-2019-012...

Possible Arbitrary Code Execution in Image Processing

More info at https://typo3.org/security/advisory/typo3-core-sa-2019-012...

Possible Arbitrary Code Execution in Image Processing

Image processing, e.g. for generating thumbnails, is actually delegated to ImageMagick or GraphicsMagick for the low-level processing. Whenever ImageMagick is invoked in order to convert data the mime-type of the source is identified for invoking according coders when reading data. In case an...

Fedora Update for leptonica FEDORA-2018-4db33b3753

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Memory Corruption

OpenJDK 7 Java Runtime Environment and OpenJDK 7 Software Development Kit is vulnerable to memory corruption. It is due to an insufficient "validation of images" in share/native/sun/awt/image/awtImageRep.c, possibly involving offsets, causing 2D component to not properly process certain images...

ImageMagick heap buffer overflow vulnerability (CNVD-2019-14255)

ImageMagick Studio ImageMagick is a suite of open-source image processing software from the American company ImageMagick Studio. The software can read, convert or write images in a variety of formats. ImageMagick Studio A heap buffer overflow vulnerability exists in the 'WriteTIFFImage' function ...

CVE-2019-6601

In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application Acceleration Manager AAM wamd process used in processing of images and PDFs fails to drop group permissions when executing helper scripts...

CVE-2019-6601

In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application Acceleration Manager AAM wamd process used in processing of images and PDFs fails to drop group permissions when executing helper scripts...

Design/Logic Flaw

In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application Acceleration Manager AAM wamd process used in processing of images and PDFs fails to drop group permissions when executing helper scripts...