Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5485 matches found

CNNVD
CNNVDadded 2024/07/03 12:0 a.m.2 views

Artifex Ghostscript Security Vulnerability

Artifex Ghostscript is a set of free software compiled by Artifex, Inc. based on Adobe, PostScript and Portable Document Format page description languages. A security vulnerability exists in Artifex Ghostscript prior to version 10.03.0, which results from a heap-based pointer disclosure in the...

3.3CVSS4.9AI score0.00375EPSS
Exploits0References5
CNNVD
CNNVDadded 2024/07/03 12:0 a.m.2 views

Artifex Ghostscript Security Vulnerability

Artifex Ghostscript is a set of free software compiled by Artifex, Inc. based on Adobe, PostScript, and the Page Description Language for Portable Document Format PDL. A security vulnerability exists in Artifex Ghostscript prior to version 10.03.0, which is caused by a stack-based buffer overflow...

8.8CVSS7.1AI score0.00909EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2024/07/03 12:0 a.m.3 views

PT-2024-5149

Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions prior to 10.03.1 Artifex Ghostscript version 10.02.1 and earlier Description: The issue is related to incorrect restriction of the directory path name with limited access. Exploitation can allow a remote attacker ...

8.8CVSS6.5AI score0.01446EPSS
Exploits0References44
Vulnrichment
Vulnrichmentadded 2024/07/03 12:0 a.m.15 views

CVE-2024-29508

Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function pdfbasefontalloc...

6.6AI score0.00375EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2024/07/03 12:0 a.m.23 views

CVE-2024-29509

Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword e.g., for runpdf has a \000 byte in the middle...

7AI score0.01446EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2024/07/03 12:0 a.m.23 views

CVE-2024-33870

An issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal via a crafted PostScript document to arbitrary files if the current directory is in the permitted paths. For example, there can be a transformation of ../../foo to ./../../foo and this will grant access if ./ i...

6.7AI score0.00515EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/07/03 12:0 a.m.27 views

CVE-2024-29510

Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device...

7.1AI score0.27974EPSS
Exploits6References3
Vulnrichment
Vulnrichmentadded 2024/07/03 12:0 a.m.25 views

CVE-2024-33871

An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp and oprp devices can have an arbitrary name for a...

7.5AI score0.01425EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2024/07/03 12:0 a.m.21 views

CVE-2024-29506

Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfiapplyfilter function via a long PDF filter name...

7.3AI score0.00909EPSS
Exploits0References3
Cvelist
Cvelistadded 2024/07/03 12:0 a.m.21 views

CVE-2024-33871

An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp and oprp devices can have an arbitrary name for a...

0.01425EPSS
Exploits0References3
Cvelist
Cvelistadded 2024/07/03 12:0 a.m.13 views

CVE-2024-29511

Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitrary file reading and writing of error messages to arbitrary files via OCRLanguage. For example, exploitation can use debugfile /tmp/out and userpatternsfile /etc/passwd...

0.01137EPSS
Exploits0References3
CVE
CVEadded 2024/07/03 12:0 a.m.81 views

CVE-2024-29509

CVE-2024-29509 affects Artifex Ghostscript before 10.03.0, where a heap-based overflow occurs when PDFPassword (e.g., for runpdf) contains a embedded NUL byte in the middle. This can lead to corruption or potential code execution as described in public disclosures. The vulnerability is attributed...

8.8CVSS7.2AI score0.01446EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2024/07/03 12:0 a.m.83 views

CVE-2024-29507

CVE-2024-29507 affects Artifex Ghostscript prior to 10.03.0. The vulnerability is described in multiple sources as a heap-based pointer disclosure observable in a constructed BaseFont name within pdf_base_font_alloc, in addition to the already noted stack-based issues (CIDFSubstPath/CIDFSubstFont...

5.4CVSS7.7AI score0.00717EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2024/07/03 12:0 a.m.98 views

CVE-2024-29506

Artifex Ghostscript is affected by CVE-2024-29506: Ghostscript before 10.03.0 contains a stack-based buffer overflow in pdfi_apply_filter() triggered by a long PDF filter name. Impact, per available references, includes potential memory corruption with high-severity risk; exploitation details are...

8.8CVSS7.5AI score0.00909EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2024/07/03 12:0 a.m.174 views

CVE-2024-29508

CVE-2024-29508 affects Artifex Ghostscript prior to 10.03.0. The issue is a heap-based pointer disclosure observable in a constructed BaseFont name, in the function pdf_base_font_alloc. Documents consistently describe this Ghostscript vulnerability as enabling information leakage. The CVSSv3.1 ve...

3.3CVSS6.5AI score0.00375EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2024/07/03 12:0 a.m.32 views

CVE-2024-29510

Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device...

0.27974EPSS
Exploits6References3
ATTACKERKB
ATTACKERKBadded 2024/07/03 12:0 a.m.146 views

CVE-2024-29510

Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device. Recent assessments: cdelafuente-r7 at August 13, 2024 10:25am UTC reported: Ghostscript is vulnerable to a critical format string vulnerability that affects...

6.3CVSS7.5AI score0.27974EPSS
In wildExploits6References4
Cvelist
Cvelistadded 2024/07/03 12:0 a.m.19 views

CVE-2024-29507

Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters...

0.00717EPSS
Exploits0References3
OSV
OSVadded 2024/07/03 12:0 a.m.13 views

OPENSUSE-SU-2024:14090-1 ghostscript-10.03.1-1.1 on GA media

These are all security issues fixed in the ghostscript-10.03.1-1.1 package on the GA media of openSUSE Tumbleweed...

8.8CVSS7.5AI score0.27974EPSS
Exploits6References5
Debian CVE
Debian CVEadded 2024/07/03 12:0 a.m.28 views

CVE-2024-29506

Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfiapplyfilter function via a long PDF filter name...

8.8CVSS7.1AI score0.00909EPSS
Exploits0
Rows per page
Query Builder