CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

7.8CVSS7.4AI score0.00127EPSS

UBUNTU-CVE-2024-46951

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution...

7.8CVSS7.3AI score0.00108EPSS

UBUNTU-CVE-2024-46953

An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string for the output filename results in path truncation, and possible path traversal and code execution...

8.4CVSS7.1AI score0.00129EPSS

UBUNTU-CVE-2024-46954

An issue was discovered in decodeutf8 in base/gputf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal...

Exploits0References3

OSV•added 2024/10/30 12:0 a.m.•1 views

UBUNTU-CVE-2024-46952

An issue was discovered in pdf/pdfxref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream related to W array values...

8.4CVSS7.4AI score0.00065EPSS

Exploits0References3

5.5CVSS5.8AI score0.00044EPSS

UBUNTU-CVE-2024-46955

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space...

OSV•added 2024/10/30 12:0 a.m.•1 views

UBUNTU-CVE-2024-46956

An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution...

7.8CVSS7.4AI score0.00301EPSS

7.8CVSS7.9AI score0.00127EPSS

SUSE CVE-2024-46951

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution...

Exploits0References8

7.8CVSS7.5AI score0.00065EPSS

SUSE CVE-2024-46952

An issue was discovered in pdf/pdfxref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream related to W array values...

7.8CVSS7.9AI score0.00108EPSS

SUSE CVE-2024-46953

Exploits0References8

SUSE CVE•added 2024/10/23 1:24 p.m.•2 views

SUSE CVE-2024-46954

An issue was discovered in decodeutf8 in base/gputf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal...

7.8CVSS7AI score0.00129EPSS

5.5CVSS7AI score0.00044EPSS

SUSE CVE-2024-46955

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space...

7.8CVSS7.9AI score0.00301EPSS

SUSE CVE-2024-46956

An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution...

Exploits0References8

OSV•added 2024/10/23 12:0 a.m.•16 views

OPENSUSE-SU-2024:14423-1 ghostscript-10.04.0-1.1 on GA media

These are all security issues fixed in the ghostscript-10.04.0-1.1 package on the GA media of openSUSE Tumbleweed...

8.4CVSS6.8AI score0.00301EPSS

Debian•added 2024/10/22 8:36 a.m.•11 views

[SECURITY] [DLA 3931-1] ghostscript security update

Debian LTS Advisory DLA-3931-1 [email protected] https://www.debian.org/lts/security/ Sean Whitton October 22, 2024 https://wiki.debian.org/LTS Package : ghostscript Version : 9.53.3dfsg-7+deb11u8 CVE ID : CVE-2024-29508 A heap-based pointer disclosure problem was found in Ghostscript, ...

3.3CVSS6AI score0.00047EPSS

Exploits0

Tenable Nessus•added 2024/10/22 12:0 a.m.•14 views

Debian dla-3931 : ghostscript - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3931 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3931-1 [email protected] https://www.debian.org/lts/security/...

3.3CVSS5.6AI score0.00047EPSS

OpenVAS•added 2024/10/22 12:0 a.m.•12 views

Debian: Security Advisory (DLA-3931-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS7.1AI score0.00047EPSS

Exploits0References2

OSV•added 2024/10/22 12:0 a.m.•92 views

DLA-3931-1 ghostscript - security update

Bulletin has no description...

3.3CVSS4AI score0.00047EPSS

Exploits0

OpenVAS•added 2024/10/07 12:0 a.m.•14 views

Mageia: Security Advisory (MGASA-2024-0326)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS6.5AI score0.00301EPSS