Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2801 matches found

UbuntuCve
UbuntuCveadded 2019/11/19 10:15 p.m.28 views

CVE-2011-2924

foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileg...

5.5CVSS6.9AI score0.00434EPSS
Exploits0References2
CVE
CVEadded 2019/11/19 9:20 p.m.96 views

CVE-2011-2924

CVE-2011-2924 affects the foomatic-rip filter (v4.0.12 and earlier). The flaw arises from insecure temporary file handling when rendering PostScript data in debug mode, enabling a local attacker to perform symlink attacks to overwrite arbitrary files accessible to the user running the foomatic-ri...

5.5CVSS5.2AI score0.00434EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVEadded 2019/11/19 9:20 p.m.26 views

CVE-2011-2924

foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileg...

5.5CVSS7.2AI score0.00434EPSS
Exploits0
OSV
OSVadded 2019/11/19 9:15 p.m.1 views

DEBIAN-CVE-2011-2923

foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges ...

5.5CVSS7.2AI score0.00402EPSS
Exploits0References1
NVD
NVDadded 2019/11/19 9:15 p.m.20 views

CVE-2011-2923

foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges ...

5.5CVSS5.3AI score0.00402EPSS
Exploits0References4
Prion
Prionadded 2019/11/19 9:15 p.m.22 views

Design/Logic Flaw

foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges ...

3.3CVSS6.7AI score0.00402EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVEadded 2019/11/19 8:38 p.m.23 views

CVE-2011-2923

foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges ...

5.5CVSS7.2AI score0.00402EPSS
Exploits0
RedHat Linux
RedHat Linuxadded 2019/11/18 8:0 p.m.2 views

ghostscript: -dSAFER escape in .charkeys (701841)

A flaw was found in the .charkeys procedure, where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access...

8.8CVSS5.8AI score0.03434EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2019/11/18 8:0 p.m.93 views

Important: Red Hat Security Advisory: ghostscript security update

An update for ghostscript is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

8.8CVSS7.2AI score0.03434EPSS
Exploits0References2
OSV
OSVadded 2019/11/15 12:15 p.m.3 views

ALPINE-CVE-2019-14869

A flaw was found in all versions of ghostscript 9.x before 9.50, where the .charkeys procedure, where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could...

8.8CVSS6.9AI score0.03434EPSS
Exploits0References1
NVD
NVDadded 2019/11/15 12:15 p.m.19 views

CVE-2019-14869

A flaw was found in all versions of ghostscript 9.x before 9.50, where the .charkeys procedure, where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could...

8.8CVSS7.9AI score0.03434EPSS
Exploits0References12
OSV
OSVadded 2019/11/15 12:15 p.m.2 views

DEBIAN-CVE-2019-14869

A flaw was found in all versions of ghostscript 9.x before 9.50, where the .charkeys procedure, where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could...

8.8CVSS7.4AI score0.03434EPSS
Exploits0References1
Prion
Prionadded 2019/11/15 12:15 p.m.18 views

Design/Logic Flaw

A flaw was found in all versions of ghostscript 9.x before 9.50, where the .charkeys procedure, where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could...

6.8CVSS7.1AI score0.03434EPSS
Exploits0References12Affected Software3
CVE
CVEadded 2019/11/15 11:55 a.m.326 views

CVE-2019-14869

Summary: CVE-2019-14869 affects Ghostscript 9.x up to 9.49, where the .charkeys primitive did not properly secure privileged calls, allowing a crafted PostScript file to bypass -dSAFER and escalate/execute commands or access restricted files. The issue is rooted in insufficient isolation of privi...

8.8CVSS8.5AI score0.03434EPSS
Exploits0References12Affected Software1
AlpineLinux
AlpineLinuxadded 2019/11/15 11:55 a.m.33 views

CVE-2019-14869

A flaw was found in all versions of ghostscript 9.x before 9.50, where the .charkeys procedure, where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could...

8.8CVSS8.8AI score0.03434EPSS
Exploits0
Debian CVE
Debian CVEadded 2019/11/15 11:55 a.m.39 views

CVE-2019-14869

A flaw was found in all versions of ghostscript 9.x before 9.50, where the .charkeys procedure, where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could...

8.8CVSS7.6AI score0.03434EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2019/11/15 12:0 a.m.16 views

Ubuntu 16.04 LTS / 18.04 LTS : Ghostscript vulnerability (USN-4193-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4193-1 advisory. Paul Manfred and Lukas Schauer discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked in...

8.8CVSS7.9AI score0.03434EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2019/11/14 6:19 p.m.2 views

ghostscript: -dSAFER escape in .charkeys (701841)

A flaw was found in the .charkeys procedure, where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access...

8.8CVSS5.8AI score0.03434EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2019/11/14 6:19 p.m.123 views

Important: Red Hat Security Advisory: ghostscript security update

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

8.8CVSS7.2AI score0.03434EPSS
Exploits0References2
Ubuntu
Ubuntuadded 2019/11/14 4:26 p.m.86 views

USN-4193-1: Ghostscript vulnerability

Paul Manfred and Lukas Schauer discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause...

8.8CVSS7.7AI score0.03434EPSS
Exploits0
Rows per page
Query Builder