Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2025-1510)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7473-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly bypass file path validation...

Ubuntu 24.04 LTS / 24.10 : Ghostscript vulnerability (USN-7473-1)

The remote Ubuntu 24.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7473-1 advisory. It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting...

Artifex Ghostscript 安全漏洞

Artifex Ghostscript is a set of free software compiled by Artifex, Inc. based on Adobe, PostScript, and the Page Description Language for Portable Document Format PDL. A security vulnerability exists in Artifex Ghostscript versions prior to 10.05.0, which stems from the improper handling of long...

CVE-2025-46646

CVE-2025-46646 affects Artifex Ghostscript prior to 10.05.0, where decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encodings. This issue is linked to an incomplete fix for CVE-2024-46954. Affected products include Ghostscript releases before 10.05.0; multiple advisories reference upgrades...

CVE-2025-46646

In Artifex Ghostscript before 10.05.0, decodeutf8 in base/gputf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954...

The vulnerability of the bj10v_print_page() function in the contrib/japanese/gdev10v.c file of the BJ10V Device component of the software development kit for processing, transforming, and generating Ghostscript documents, allowing a malicious individual to execute arbitrary code or cause a service failure.

The vulnerability of the bj10vprintpage function in the contrib/japanese/gdev10v.c file of the BJ10V Device component of the software development kit for processing, transforming, and generating Ghostscript documents is related to the copying of buffers without checking the size of the input data...

The vulnerability of the gp_open_scratch_file_impl() function in the files base/gp_mswin.c and base/winrtsup.cpp of the Ghostscript processing, conversion, and generation software suite allows a malicious actor to read arbitrary files.

The vulnerability of the gpopenscratchfileimpl function in the base/gpmswin.c and base/winrtsup.cpp files of the Ghostscript processing, conversion, and generation software suite is related to an incorrect path name limitation. Exploiting this vulnerability could allow a remote attacker to read...

The vulnerability of the txt_get_unicode() function in the devices/vector/doc_common.c file of the Ghostscript document processing, conversion, and generation software allows a hacker to execute arbitrary code.

The vulnerability of the txtgetunicode function in the devices/vector/doccommon.c file of the Ghostscript document processing, conversion, and generation software set is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an...

Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2025-907)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-907 advisory. The calculation of the buffer size was being done with int values, and overflowing that data type. The bug has existed since the creation of the file contrib/japanese/gdevnpdl.cThe calculation of the...

SUSE CVE-2025-27830

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs during serialization of DollarBlend in a font, for base/writet1.c and psi/zfapi.c...

CVE-2025-27832

An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for contrib/japanese/gdevnpdl.c...

ALPINE-CVE-2025-27834

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c...

UBUNTU-CVE-2025-27835

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c...

UBUNTU-CVE-2025-27832

An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for contrib/japanese/gdevnpdl.c...

Artifex Ghostscript 安全漏洞

Artifex Ghostscript is a free software package from Artifex, Inc. based on Adobe, PostScript, and the Portable Document Formatting Language PDL. A security vulnerability exists in Artifex Ghostscript versions prior to 10.05.0, which is caused by a compression buffer overflow in the NPDL device...

CVE-2025-27831

An issue was discovered in Artifex Ghostscript before 10.05.0. The DOCXWRITE TXTWRITE device has a text buffer overflow via long characters to devices/vector/doccommon.c...

Ghostscript 9.21 Arbitrary Command Execution

Ghostscript version 9.21 exploit that leverages a flaw from 2017 to execute arbitrary commands and provides a reverse shell. ============================================================================================================================================= | Title : Ghostscript versions...

Linux Distros Unpatched Vulnerability : CVE-2020-16298

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow vulnerability in mjcolorcorrect in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial...

Linux Distros Unpatched Vulnerability : CVE-2020-16292

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow vulnerability in mjrastercmd in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of...