|
209381
|
5.5 |
MEDIUM
Local
|
imagemagick
debian
|
imagemagick
debian_linux
|
In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which are all functions in /MagickCore/pixel.c, there were multiple unconstra…
|
-
|
CVE-2020-25676
|
2024-11-21 14:18 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209382
|
3.3 |
LOW
Local
|
imagemagick
debian
|
imagemagick
debian_linux
|
In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer over…
|
-
|
CVE-2020-25675
|
2024-11-21 14:18 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209383
|
5.5 |
MEDIUM
Local
|
imagemagick
debian
|
imagemagick
debian_linux
|
WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible f…
|
-
|
CVE-2020-25674
|
2024-11-21 14:18 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209384
|
5.5 |
MEDIUM
Local
|
imagemagick
|
imagemagick
|
TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a cra…
|
-
|
CVE-2020-25667
|
2024-11-21 14:18 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209385
|
3.3 |
LOW
Local
|
imagemagick
debian
|
imagemagick
debian_linux
|
There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. This occurs in the rgb values and `count` value for a color. …
|
-
|
CVE-2020-25666
|
2024-11-21 14:18 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209386
|
5.5 |
MEDIUM
Local
|
imagemagick
debian
|
imagemagick
debian_linux
|
The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256. This can cause a out-of-bounds read later on i…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-25665
|
2024-11-21 14:18 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209387
|
6.1 |
MEDIUM
Local
|
imagemagick
fedoraproject
|
imagemagick
fedora
|
In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-pr…
|
-
|
CVE-2020-25664
|
2024-11-21 14:18 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209388
|
5.5 |
MEDIUM
Local
|
imagemagick
|
imagemagick
|
A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() w…
|
-
|
CVE-2020-25663
|
2024-11-21 14:18 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209389
|
9.8 |
CRITICAL
Network
|
online_bus_booking_system_project
|
online_bus_booking_system
|
Online Bus Booking System Project Using PHP/MySQL version 1.0 has SQL injection via the login page. By placing SQL injection payload on the login page attackers can bypass the authentication and can …
|
CWE-89
SQL Injection
|
CVE-2020-25889
|
2024-11-21 14:18 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209390
|
7.5 |
HIGH
Network
|
openldap
redhat
netapp
|
openldap
enterprise_linux
cloud_backup
solidfire_baseboard_management_controller_firmware
|
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sen…
|
-
|
CVE-2020-25692
|
2024-11-21 14:18 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
