Skip to main content
CVE-2020-27764 LOW PATCH Monitor

In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Information Disclosure Red Hat Integer Overflow Imagemagick Debian Linux
NVD GitHub
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-27763 LOW PATCH Monitor

A flaw was found in ImageMagick in MagickCore/resize.c. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Imagemagick Debian Linux
NVD
CVSS 3.1
3.3
EPSS
0.9%
CVE-2020-27761 LOW PATCH Monitor

WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Information Disclosure Red Hat Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-27759 LOW PATCH Monitor

In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Information Disclosure Red Hat Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-28923 LOW PATCH Monitor

An issue was discovered in Play Framework 2.8.0 through 2.8.4. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Information Disclosure Play Framework
NVD
CVSS 3.1
2.7
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy