Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5485 matches found

OSV
OSVadded 2024/07/03 11:32 a.m.15 views

SUSE-SU-2024:2292-1 Security update for ghostscript

This update for ghostscript fixes the following issues: - CVE-2024-29510: Fixed an arbitrary path traversal when running in a permitted path bsc1226945. - CVE-2024-33870: Fixed a format string injection that could lead to command execution bsc1226944. - CVE-2024-33869: Fixed a path validation...

6.3CVSS6.7AI score0.27992EPSS
Exploits6References7
Vulnrichment
Vulnrichmentadded 2024/07/03 12:0 a.m.21 views

CVE-2024-29507

Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters...

7AI score0.00717EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2024/07/03 12:0 a.m.19 views

CVE-2024-33869

An issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur via a crafted PostScript document because of path reduction in base/gpmisc.c. For example, restrictions on use of %pipe% can be bypassed via the aa/../%pipe%command output filename...

6.9AI score0.00447EPSS
Exploits0References2
CNNVD
CNNVDadded 2024/07/03 12:0 a.m.2 views

Artifex Ghostscript Security Vulnerability

Artifex Ghostscript is a set of free software compiled by Artifex, Inc. based on Adobe, PostScript, and the Portable Document Format page description language. A security vulnerability exists in Artifex Ghostscript versions prior to 10.03.1, which is caused by a path reduction in base/gpmisc.c,...

5.3CVSS9.3AI score0.00447EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2024/07/03 12:0 a.m.24 views

CVE-2024-33870

An issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal via a crafted PostScript document to arbitrary files if the current directory is in the permitted paths. For example, there can be a transformation of ../../foo to ./../../foo and this will grant access if ./ i...

6.7AI score0.00515EPSS
Exploits0References2
Cvelist
Cvelistadded 2024/07/03 12:0 a.m.25 views

CVE-2024-29508

Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function pdfbasefontalloc...

0.00375EPSS
Exploits0References3
Cvelist
Cvelistadded 2024/07/03 12:0 a.m.14 views

CVE-2024-29511

Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitrary file reading and writing of error messages to arbitrary files via OCRLanguage. For example, exploitation can use debugfile /tmp/out and userpatternsfile /etc/passwd...

0.01137EPSS
Exploits0References3
CNNVD
CNNVDadded 2024/07/03 12:0 a.m.2 views

Artifex Ghostscript 安全漏洞

Artifex Software Ghostscript is an open source parser for Postscript a page description language and programming language used in the electronics industry and desktop publishing from Artifex Software, Inc. The product can display Postscript files as well as print Postscript files on non-PostScrip...

7.5CVSS7AI score0.01137EPSS
Exploits0References5
Cvelist
Cvelistadded 2024/07/03 12:0 a.m.21 views

CVE-2024-33870

An issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal via a crafted PostScript document to arbitrary files if the current directory is in the permitted paths. For example, there can be a transformation of ../../foo to ./../../foo and this will grant access if ./ i...

0.00515EPSS
Exploits0References2
Cvelist
Cvelistadded 2024/07/03 12:0 a.m.18 views

CVE-2024-29509

Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword e.g., for runpdf has a \000 byte in the middle...

0.01446EPSS
Exploits0References3
Cvelist
Cvelistadded 2024/07/03 12:0 a.m.23 views

CVE-2024-29506

Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfiapplyfilter function via a long PDF filter name...

0.00909EPSS
Exploits0References3
CNNVD
CNNVDadded 2024/07/03 12:0 a.m.2 views

Artifex Ghostscript Security Vulnerability

Artifex Ghostscript is a set of free software compiled by Artifex, Inc. based on Adobe, PostScript, and the Page Description Language for Portable Document Format PDL. A security vulnerability exists in Artifex Ghostscript prior to version 10.03.0, which stems from a stack-based buffer overflow...

5.4CVSS9.3AI score0.00717EPSS
Exploits0References5
CNNVD
CNNVDadded 2024/07/03 12:0 a.m.2 views

Artifex Ghostscript Formatting String Error Vulnerability

Artifex Ghostscript is a free software package from Artifex, Inc. based on Adobe, PostScript, and the Portable Document Format page description language. A security vulnerability exists in Artifex Ghostscript prior to version 10.03.1 that exploits a memory corruption and SAFER sandbox bypass that...

6.3CVSS9.5AI score0.27992EPSS
Exploits6References5
Vulnrichment
Vulnrichmentadded 2024/07/03 12:0 a.m.27 views

CVE-2024-29510

Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device...

7.1AI score0.27992EPSS
Exploits6References3
Cvelist
Cvelistadded 2024/07/03 12:0 a.m.32 views

CVE-2024-29510

Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device...

0.27992EPSS
Exploits6References3
VulnCheck KEV
VulnCheck KEVadded 2024/07/03 12:0 a.m.2 views

VulnCheck KEV: CVE-2024-29510

Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device...

6.3CVSS5.8AI score0.27992EPSS
Exploits6References1
Vulnrichment
Vulnrichmentadded 2024/07/03 12:0 a.m.16 views

CVE-2024-29508

Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function pdfbasefontalloc...

6.6AI score0.00375EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2024/07/03 12:0 a.m.3 views

PT-2024-5149

Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions prior to 10.03.1 Artifex Ghostscript version 10.02.1 and earlier Description: The issue is related to incorrect restriction of the directory path name with limited access. Exploitation can allow a remote attacker ...

8.8CVSS6.5AI score0.01446EPSS
Exploits0References44
Vulnrichment
Vulnrichmentadded 2024/07/03 12:0 a.m.22 views

CVE-2024-29511

Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitrary file reading and writing of error messages to arbitrary files via OCRLanguage. For example, exploitation can use debugfile /tmp/out and userpatternsfile /etc/passwd...

7.3AI score0.01137EPSS
Exploits0References3
Cvelist
Cvelistadded 2024/07/03 12:0 a.m.22 views

CVE-2024-29507

Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters...

0.00717EPSS
Exploits0References3
Rows per page
Query Builder