Security Bulletin: EDB PGAI Databases is affected by Multiple Vulnerabilities.

Summary Multiple Vulnerabilities found in EDB PGAI Databases 18.0. It has been addressed in 18.2. Hence, IBM strongly recommends upgrading to 18.2. Vulnerability Details CVEID:CVE-2021-25317 DESCRIPTION: A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterpri...

Linux Distros Unpatched Vulnerability : CVE-2022-35649

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote...

(Pwn2Own) HP LaserJet Pro MFP 3301fdw PostScript File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP LaserJet Pro MFP 3301fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of PostScript data. The issue results from th...

USN-7103-1 ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2024-46951, CVE-2024-46953, CVE-2024-46955, CVE-2024-46956 It was discovered...

CLSA-2024-1720178510 cups: Fix of CVE-2023-4504

CVE-2023-4504: scanps: check for null terminator after backslash character...

RHEL 9 : cups (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cups: insecure permissions of /var/log/cups allows for symlink attacks CVE-2021-25317 - cups, libppd:...

OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow

...

(Pwn2Own) Lexmark CX331adwe PostScript File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of PostScript data. The issue results from the lack of...

CVE-2023-44464

pretix before 2023.7.2 allows Pillow to parse EPS files...

USN-6391-2 cups vulnerability

USN-6391-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that CUPS incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a...

CVE-2022-35649

The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exploitation of this vulnerability may result in...

Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Bridge PostScript Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

PT-2022-5146 · Moodle +3 · Moodle +3

Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified GhostScript versions prior to 9.50 Description: The issue occurs due to improper input validation when parsing PostScript code, resulting in a remote code execution risk. An omitted execution parameter...

Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

Adobe Acrobat Pro DC PostScript JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Acrobat Pro DC PostScript Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Acrobat Pro DC PostScript File Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Artifex Ghostscript Denial of Service Vulnerability (CNVD-2020-54476)

Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A security...

ghostscript code execution

Application is executed by relative path upon .ps file parsing...