Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5485 matches found

OSV
OSVadded 2019/11/27 2:15 p.m.2 views

ALPINE-CVE-2019-14812

A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the...

7.8CVSS7.1AI score0.02473EPSS
Exploits0References1
NVD
NVDadded 2019/11/27 2:15 p.m.28 views

CVE-2019-14812

A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the...

7.8CVSS8.6AI score0.02473EPSS
Exploits0References6
OSV
OSVadded 2019/11/27 2:15 p.m.1 views

DEBIAN-CVE-2019-14812

A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the...

7.8CVSS7.5AI score0.02473EPSS
Exploits0References1
OSV
OSVadded 2019/11/27 2:15 p.m.31 views

CVE-2019-14812

A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the...

7.8CVSS7.1AI score0.02473EPSS
Exploits0References6
Prion
Prionadded 2019/11/27 2:15 p.m.30 views

Command injection

A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the...

6.8CVSS7.2AI score0.02473EPSS
Exploits0References6Affected Software2
AlpineLinux
AlpineLinuxadded 2019/11/27 1:50 p.m.49 views

CVE-2019-14812

A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the...

7.8CVSS9.1AI score0.02473EPSS
Exploits0
Debian CVE
Debian CVEadded 2019/11/27 1:50 p.m.46 views

CVE-2019-14812

A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the...

7.8CVSS7.8AI score0.02473EPSS
Exploits0
CVE
CVEadded 2019/11/27 1:50 p.m.215 views

CVE-2019-14812

CVE-2019-14812 affects Ghostscript before 9.50. A flaw in .setuserparams2 allows bypassing -dSAFER, enabling a crafted PostScript file to access the filesystem or run commands. Mitigation: update Ghostscript to 9.50 or later (validated advisories reference ALAS2-2021-1598 and related vendor notic...

7.8CVSS8.8AI score0.02473EPSS
Exploits0References6Affected Software1
Cvelist
Cvelistadded 2019/11/27 1:50 p.m.23 views

CVE-2019-14812

A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to the...

7.3CVSS8.9AI score0.02473EPSS
Exploits0References6
NVD
NVDadded 2019/11/27 1:15 p.m.27 views

CVE-2019-10216

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of...

7.8CVSS7.4AI score0.02295EPSS
Exploits0References3
OSV
OSVadded 2019/11/27 1:15 p.m.3 views

ALPINE-CVE-2019-10216

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of...

7.8CVSS7AI score0.02295EPSS
Exploits0References1
OSV
OSVadded 2019/11/27 1:15 p.m.3 views

DEBIAN-CVE-2019-10216

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of...

7.8CVSS7.6AI score0.02295EPSS
Exploits0References1
OSV
OSVadded 2019/11/27 1:15 p.m.23 views

CVE-2019-10216

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of...

7.8CVSS6.7AI score0.02295EPSS
Exploits0References3
Prion
Prionadded 2019/11/27 1:15 p.m.25 views

Authentication flaw

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of...

6.8CVSS6.9AI score0.02295EPSS
Exploits0References3Affected Software9
CVE
CVEadded 2019/11/27 12:10 p.m.394 views

CVE-2019-10216

CVE-2019-10216 concerns GPL Ghostscript. The vulnerability is in the .buildfont1 procedure, which did not properly secure privileged calls, allowing a crafted PostScript file to bypass -dSAFER and escalate privileges to access restricted files. Affected: Ghostscript prior to 9.50. Impact: potenti...

7.8CVSS7.6AI score0.02295EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2019/11/27 12:10 p.m.25 views

CVE-2019-10216

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of...

7.3CVSS7.7AI score0.02295EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2019/11/27 12:10 p.m.39 views

CVE-2019-10216

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of...

7.8CVSS7.6AI score0.02295EPSS
Exploits0
AlpineLinux
AlpineLinuxadded 2019/11/27 12:10 p.m.39 views

CVE-2019-10216

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of...

7.8CVSS7.8AI score0.02295EPSS
Exploits0
OpenVAS
OpenVASadded 2019/11/26 12:0 a.m.27 views

Fedora Update for ghostscript FEDORA-2019-7debdd1807

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.4AI score0.43901EPSS
Exploits4References2
Tenable Nessus
Tenable Nessusadded 2019/11/25 12:0 a.m.43 views

Oracle Linux 8 : ghostscript (ELSA-2019-3890)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-3890 advisory. 9.25-5.1 - 1769342 - CVE-2019-14869 ghostscript: -dSAFER escape in .charkeys Tenable has extracted the preceding description block directly from the Oracle Linu...

8.8CVSS7.5AI score0.03434EPSS
Exploits0References2
Rows per page
Query Builder