5386 matches found
Artifex Ghostscript 安全漏洞
Artifex Ghostscript is a free software package from Artifex, Inc. based on Adobe, PostScript, and the Portable Document Format page description language. A security vulnerability exists in Artifex Ghostscript prior to version 10.05.0, which is caused by a buffer overflow when converting glyphs to...
CVE-2025-27836
An issue was discovered in Artifex Ghostscript before 10.05.0. The BJ10V device has a Print buffer overflow in contrib/japanese/gdev10v.c...
CVE-2025-27835
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c...
CVE-2025-27832
An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for contrib/japanese/gdevnpdl.c...
CVE-2025-27836
An issue was discovered in Artifex Ghostscript before 10.05.0. The BJ10V device has a Print buffer overflow in contrib/japanese/gdev10v.c...
CVE-2025-27834
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c...
Mageia: Security Advisory (MGASA-2025-0098)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated ghostscript packages fix security vulnerabilities
This release addresses CVEs: CVE-2025-27835, CVE-2025-27832, CVE-2025-27831, CVE-2025-27836, CVE-2025-27830, CVE-2025-27833, CVE-2025-27837, CVE-2025-27834 The 10.05.0 release deprecates the non-standard operator "selectdevice", all code should now be using the standard "setpagedevice" operator...
MGASA-2025-0098 Updated ghostscript packages fix security vulnerabilities
This release addresses CVEs: CVE-2025-27835, CVE-2025-27832, CVE-2025-27831, CVE-2025-27836, CVE-2025-27830, CVE-2025-27833, CVE-2025-27837, CVE-2025-27834 The 10.05.0 release deprecates the non-standard operator "selectdevice", all code should now be using the standard "setpagedevice" operator...
Ghostscript 9.21 Arbitrary Command Execution
Ghostscript version 9.21 exploit that leverages a flaw from 2017 to execute arbitrary commands and provides a reverse shell. ============================================================================================================================================= | Title : Ghostscript versions...
Linux Distros Unpatched Vulnerability : CVE-2024-46955
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space...
Linux Distros Unpatched Vulnerability : CVE-2024-29511
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitrary file reading and writing of error...
Linux Distros Unpatched Vulnerability : CVE-2023-52722
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Artifex Ghostscript before 10.03.1. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard...
Linux Distros Unpatched Vulnerability : CVE-2023-28879
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp....
Linux Distros Unpatched Vulnerability : CVE-2024-29506
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfiapplyfilter function via a long PDF filter name. CVE-2024-29506 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2023-38559
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow flaw was found in base/gdevdevn.c:1973 in devnpcxwriterle in ghostscript. This issue may allow a local attacker to cause a denial of service v...
Linux Distros Unpatched Vulnerability : CVE-2024-33870
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal via a crafted PostScript document to arbitrary files if the current...
Linux Distros Unpatched Vulnerability : CVE-2024-29509
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword e.g., for runpdf has a \000 byte in the middle. CVE-2024-29509 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2023-38560
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow flaw was found in pcl/pl/plfont.c:418 in plglyphname in ghostscript. This issue may allow a local attacker to cause a denial of service via...
Linux Distros Unpatched Vulnerability : CVE-2024-46954
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in decodeutf8 in base/gputf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal...