Lucene search
K

2807 matches found

RedHat Linux
RedHat Linux
added 5 days ago5 views

cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network

A flaw was found in OpenPrinting CUPS. An unauthorized client can exploit this vulnerability by sending a specially crafted print job to a shared PostScript queue without authentication. The server improperly handles the page-border value, allowing an attacker to embed and reparse malicious text ...

7.5CVSS6.7AI score0.00502EPSS
Exploits1References5
OSV
OSV
added 2026/07/06 6:31 a.m.5 views

OESA-2026-2873 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: A vulnerability was found in Artifex GhostPDL up to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. It has been classifie...

5.3CVSS5.2AI score0.00388EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, failed to sanitize the input before writing it into the PostScript header. An attacker can provide a...

5.7CVSS7.3AI score0.00161EPSS
Exploits0References2
OSV
OSV
added 2026/06/23 1:27 p.m.2 views

SUSE-SU-2026:2584-1 Security update for exiv2

This update for exiv2 fixes the following issues - CVE-2021-34334: DoS due to integer overflow in loop counter bsc1189338. - CVE-2026-25884: out-of-bounds read in CrwMap: decode0x0805 bsc1259083. - CVE-2026-27596: integer overflow in LoaderNative: getData leads to out-of-bounds read bsc1259084. -...

8.1CVSS6.6AI score0.01104EPSS
Exploits1References9
GithubExploit
GithubExploit
added 2026/06/19 5:29 a.m.93 views

imagemagick-gs-delegate-hijack-poc

ImageMagick Ghostscript Delegate Search Path PoC This reposit...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/05/24 1:10 a.m.13 views

[SECURITY] Fedora 42 Update: evince-48.1-2.fc42

Evince is simple multi-page document viewer. It can display and print Portable Document Format PDF, PostScript PS and Encapsulated PostScript EPS files. When supported by the document format, evince allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents...

8.4CVSS7AI score0.00741EPSS
Exploits0
Fedora
Fedora
added 2026/05/21 1:29 a.m.12 views

[SECURITY] Fedora 43 Update: evince-48.1-2.fc43

Evince is simple multi-page document viewer. It can display and print Portable Document Format PDF, PostScript PS and Encapsulated PostScript EPS files. When supported by the document format, evince allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents...

8.4CVSS5.8AI score0.00529EPSS
Exploits0
Fedora
Fedora
added 2026/05/21 12:57 a.m.12 views

[SECURITY] Fedora 44 Update: evince-48.1-5.fc44

Evince is simple multi-page document viewer. It can display and print Portable Document Format PDF, PostScript PS and Encapsulated PostScript EPS files. When supported by the document format, evince allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents...

8.4CVSS5.8AI score0.00529EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in cups

Due to a failure in validating the length provided by a PPD PostScript document crafted by an attacker, CUPS and libppd are vulnerable to a heap-based buffer overflow, potentially leading to code execution. This issue has been fixed in CUPS version 2.4.7, released in September 2023...

7CVSS7.3AI score0.00663EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in GhostScript

In Artifex Ghostscript version 10.01.2, the gdevijs.c file in GhostPDL can lead to remote code execution through crafted PostScript documents. This occurs because the IJS device can be switched, or the IjsServer parameter can be changed, after SAFER has been activated. NOTE: It is a documented ri...

8.8CVSS8.6AI score0.0468EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in GhostScript

In Artifex Ghostscript version 10.01.0, there is a buffer overflow that may lead to corruption of data within the PostScript interpreter, specifically in the bcp/sbcp.c file. This issue affects functions such as BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled just...

9.8CVSS8.4AI score0.06341EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free software available as a ready-to-run binary distribution or as source code that you can use, copy, modify, and distribute in both open and proprietary applications. In affected versions, Postscript files may be read and written when specifically excluded by a module policy in...

4.4CVSS6.5AI score0.00353EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in pillow

A issue was discovered in Pillow prior to version 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to handle any combination of \r and \n as line endings. This implementation uses a quadratic method of accumulating lines while searching for a line ending. A malicious EPS...

7.5CVSS6.6AI score0.02293EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.10 views

Unity Linux 20.1070e Security Update: ImageMagick (UTSA-2026-017464)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017464 advisory. ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and...

4.4CVSS6.7AI score0.00353EPSS
Exploits0References4
OSV
OSV
added 2026/04/30 9:18 a.m.9 views

CLSA-2026-1777540724 cups: Fix of CVE-2023-4504

CVE-2023-4504: fix heap-based buffer overflow in cups raster-interpret PPD PostScript scanner; scanps in filter/interpret.c now returns NULL on a lone trailing backslash escape sequence rather than reading past the buffer terminator...

7CVSS6AI score0.00663EPSS
Exploits2References1
OSV
OSV
added 2026/04/29 2:23 p.m.68 views

CLSA-2026-1777462768 cups: Fix of CVE-2023-4504

CVE-2023-4504: validate PPD PostScript input length to prevent heap-based buffer overflow in raster-interpret.c...

7CVSS6AI score0.00663EPSS
Exploits2References1
OSV
OSV
added 2026/04/28 4:20 p.m.8 views

CLSA-2026-1777393200 cups: Fix of CVE-2026-34980

CVE-2026-34980: filter control characters from IPP option values and allowlist PPD keywords returned by filters so a remote attacker cannot inject cupsFilter/cupsFilter2 entries on a shared PostScript queue and gain code execution as the cupsd user...

7.5CVSS6.4AI score0.00502EPSS
Exploits1References1
OSV
OSV
added 2026/04/28 4:14 p.m.33 views

CLSA-2026-1777392877 cups: Fix of CVE-2026-34980

CVE-2026-34980: filter control characters from IPP option values and allowlist PPD keywords returned by filters so a remote attacker cannot inject cupsFilter/cupsFilter2 entries on a shared PostScript queue and gain code execution as the cupsd user...

7.5CVSS6.4AI score0.00502EPSS
Exploits1References1
Fedora
Fedora
added 2026/04/25 1:53 a.m.10 views

[SECURITY] Fedora 44 Update: pspp-2.1.1-5.fc44

PSPP is a program for statistical analysis of sampled data. It interprets commands in the SPSS language and produces tabular output in ASCII, PostScript, or HTML format. PSPP development is ongoing. It already supports a large subset of SPSS's transformation language. Its statistical procedure...

9.8CVSS5.2AI score0.00258EPSS
Exploits5
SUSE Linux
SUSE Linux
added 2026/04/24 2:25 p.m.6 views

Security update for cups

This update for cups fixes the following issues: CVE-2026-34980: Shared PostScript queue lets anonymous Print-Job requests reach lp code execution over the network bsc1261569. CVE-2026-34990: Local print admin token disclosure using temporary printers bsc1261568. Patch Instructions: To install th...

7.8CVSS6.2AI score0.00502EPSS
Exploits2References8
Rows per page
Query Builder