5485 matches found
CVE-2024-46955
A flaw was found in Artifex Ghostscript's psi/zcolor.c component. This vulnerability allows an out-of-bounds read, potentially leading to information disclosure via improper handling of color in the Indexed color space...
CVE-2024-46954
A flaw was found in Ghostscript/base/gputf8.c. This vulnerability allows directory traversal via overlong UTF-8 encoding, potentially leading to unauthorized access to filesystem directories...
CVE-2024-46953
A flaw was found in Artifex Ghostscript base/gsdevice.c. This vulnerability allows path truncation, path traversal, and possible code execution via an integer overflow when parsing the filename format string for the output filename...
CVE-2024-46952
A flaw was found in Artifex Ghostscript's PDF XRef stream handling. This vulnerability allows a buffer overflow via crafted values in the W array of a PDF XRef stream...
CVE-2024-46951
A flaw was found in Artifex Ghostscript's psi/zcolor.c component. This vulnerability allows arbitrary code execution via an unchecked implementation pointer in the Pattern color space...
PT-2025-11336 · Unknown +4 · Ghostscript +4
Name of the Vulnerable Software and Affected Versions: Debian Linux affected versions not specified ghostscript affected versions not specified Description: The issue concerns a text buffer overflow with long characters in the DOCXWRITE and TXTWRITE devices. Recommendations: For Debian Linux,...
PT-2025-11340
Name of the Vulnerable Software and Affected Versions Artifex Ghostscript versions prior to 10.05.0 Ghostscript affected versions not specified Description A buffer overflow issue exists in Ghostscript when converting glyphs to Unicode within the psi/zbfont.c file. This can potentially lead to...
PT-2025-11337 · Unknown +7 · Ghostscript +7
Name of the Vulnerable Software and Affected Versions: Debian Linux affected versions not specified Description: The issue concerns a compression buffer overflow in NPDL devices and package vulnerabilities related to ghostscript in Debian Linux. Recommendations: At the moment, there is no...
Debian: Security Advisory (DSA-5808-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Ghostscript vulnerabilities (USN-7103-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7103-1 advisory. It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to caus...
[SECURITY] [DSA 5808-1] ghostscript security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5808-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 11, 2024 https://www.debian.org/security/faq -...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2024-2886)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2024-2812)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2024-2829)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2024-2905)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
The vulnerability of the PDF XRef Stream Handler component in the Ghostscript software suite for document processing, conversion, and generation means that a malicious actor can compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the PDF XRef StreamHandler component in the Ghostscript software for document processing, conversion, and generation is related to the execution of operations outside of the buffer. Exploiting this vulnerability could allow an attacker to influence the confidentiality,...
DSA-5808-1 ghostscript - security update
Bulletin has no description...
Debian dsa-5808 : ghostscript - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5808 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5808-1 [email protected] https://www.debian.org/securit...
CVE-2024-46956
An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution...
CVE-2024-46955
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space...