Lucene search
K

24 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2018-15908

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files...

7.8CVSS7.4AI score0.01916EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.3 views

SUSE CVE-2018-15908

In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files...

7.3CVSS7.1AI score0.01916EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2022/01/13 6:39 a.m.49 views

CVE-2018-15908

It was discovered that the ghostscript .tempfile function did not properly handle file permissions. An attacker could possibly exploit this to exploit this to bypass the -dSAFER protection and delete files or disclose their content via a specially crafted PostScript document. Mitigation Please se...

7.8CVSS0.9AI score0.01916EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.36 views

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2018-1412)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.16288EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1205)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.16288EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1016)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.92499EPSS
Exploits8References2
Oracle linux
Oracle linux
added 2019/08/13 12:0 a.m.49 views

ghostscript security, bug fix, and enhancement update

9.25-2 - obsoleted old ghostscript-devel to allow clean upgrade to libgs-devel 9.25-1 - Rebase to latest upstream version bug 1636115 - Resolves: 1673399 - CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116 - Resolves: 1678172 - CVE-2019-3835 ghostscript: superexec...

9.8CVSS0.1AI score0.92499EPSS
Exploits13
Tenable Nessus
Tenable Nessus
added 2019/04/09 12:0 a.m.29 views

EulerOS Virtualization 2.5.3 : ghostscript (EulerOS-SA-2019-1205)

According to the versions of the ghostscript package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was discovered that the ghostscript .tempfile function did not properly handle file permissions. An attacker could possibl...

9.8CVSS7.6AI score0.16288EPSS
Exploits4References15
OpenVAS
OpenVAS
added 2018/12/18 12:0 a.m.28 views

CentOS Update for ghostscript CESA-2018:3650 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.9AI score0.03019EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/12/14 12:0 a.m.40 views

CentOS 7 : ghostscript (CESA-2018:3650)

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

7.8CVSS6.8AI score0.03019EPSS
Exploits0References5
Cent OS
Cent OS
added 2018/12/13 8:45 p.m.134 views

ghostscript security update

CentOS Errata and Security Advisory CESA-2018:3650 An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

7.8CVSS6.7AI score0.03019EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2018/11/28 12:0 a.m.34 views

Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20181127)

Security Fixes : - ghostscript: .tempfile file permission issues 699657 CVE-2018-15908 - ghostscript: shadingparam incomplete type checking 699660 CVE-2018-15909 - ghostscript: missing type check in type checker 699659 CVE-2018-16511 - ghostscript: incorrect access checking in temp file handling ...

7.8CVSS6.5AI score0.03019EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/11/27 1:27 a.m.226 views

Important: Red Hat Security Advisory: ghostscript security update

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

7.8CVSS6.7AI score0.03019EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/11/27 12:0 a.m.32 views

Oracle Linux 7 : ghostscript (ELSA-2018-3650)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-3650 advisory. - Resolves: 1621383 - CVE-2018-16511 ghostscript: missing type check in type checker 699659 - Resolves: 1621159 - CVE-2018-15908 ghostscript: .tempfile...

7.8CVSS6.8AI score0.03019EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2018/11/26 12:0 a.m.123 views

ghostscript security update

9.07-31.el76.1 - Remove as many non-standard operators as possible to make the codebase closer to upstream for later CVEs - Resolves: 1621383 - CVE-2018-16511 ghostscript: missing type check in type checker 699659 - Resolves: 1621159 - CVE-2018-15908 ghostscript: .tempfile file permission issues...

7.8CVSS2.3AI score0.03019EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/10/22 12:0 a.m.36 views

SUSE SLES12 Security Update : ghostscript (SUSE-SU-2018:2975-2)

This update for ghostscript to version 9.25 fixes the following issues : These security issues were fixed : CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code bsc1109105 CVE-2018-15909: Prevent type confusio...

9.3CVSS7.2AI score0.92499EPSS
Exploits5References49
OSV
OSV
added 2018/10/18 12:51 p.m.10 views

SUSE-SU-2018:2975-2 Security update for ghostscript

This update for ghostscript to version 9.25 fixes the following issues: These security issues were fixed: - CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code bsc1109105 - CVE-2018-15909: Prevent type...

9.3CVSS8.2AI score0.92499EPSS
Exploits5References33
OpenVAS
OpenVAS
added 2018/10/06 12:0 a.m.29 views

openSUSE: Security Advisory for ghostscript (openSUSE-SU-2018:3036-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS7.4AI score0.92499EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2018/09/10 12:0 a.m.45 views

Debian DSA-4288-1 : ghostscript - security update

Tavis Ormandy discovered multiple vulnerabilites in Ghostscript, an interpreter for the PostScript language, which could result in denial of service, the creation of files or the execution of arbitrary code if a malformed Postscript file is processed despite the dSAFER sandbox being enabled. C...

7.8CVSS6.7AI score0.03037EPSS
Exploits0References14
Cvelist
Cvelist
added 2018/08/27 5:0 p.m.28 views

CVE-2018-15908

In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files...

6.7AI score0.01916EPSS
Exploits0References7
Rows per page
Query Builder