38 matches found
CVE-2026-12755
Improper input validation in the PAM AD discovery endpoints in Devolutions Server 2026.2.4.0 through 2026.2.7.0 allows an authenticated user with the UserGroupsView permission to coerce server-side authentication to an attacker-controlled host, exposing PAM provider credentials as a NTLMv2...
CVE-2026-12755
Improper input validation in the PAM AD discovery endpoints in Devolutions Server 2026.2.4.0 through 2026.2.7.0 allows an authenticated user with the UserGroupsView permission to coerce server-side authentication to an attacker-controlled host, exposing PAM provider credentials as a NTLMv2...
EUVD-2025-209206
An issue was discovered in Biztalk360 before 11.5. Because of mishandling of user-provided input in an upload mechanism, an authenticated attacker is able to write files outside of the destination directory and/or coerce an authentication from the service, aka Directory Traversal...
EUVD-2025-209203
An issue was discovered in Biztalk360 through 11.5. because of mishandling of user-provided input in a path to be read by the server, a Super User attacker is able to read files on the system and/or coerce an authentication from the service, aka Directory Traversal...
CVE-2025-59709
An issue was discovered in Biztalk360 through 11.5. because of mishandling of user-provided input in a path to be read by the server, a Super User attacker is able to read files on the system and/or coerce an authentication from the service, aka Directory Traversal...
CVE-2025-59709
An issue was discovered in Biztalk360 through 11.5. because of mishandling of user-provided input in a path to be read by the server, a Super User attacker is able to read files on the system and/or coerce an authentication from the service, aka Directory Traversal...
CVE-2025-59709
CVE-2025-59709 affects BizTalk360 up to version 11.5. The issue arises from mishandling user-provided input in a server-side path, enabling a Super User to read arbitrary files on the system and potentially coerce authentication, i.e., a Directory Traversal. The CVSSv3.1 metrics indicate a networ...
Malicious AI
Interesting: Summary: An AI agent of unknown ownership autonomously wrote and published a personalized hit piece about me after I rejected its code, attempting to damage my reputation and shame me into accepting its changes into a mainstream python library. This represents a first-of-its-kind cas...
OESA-2026-1226 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfwritecmap in...
OESA-2026-1222 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfwritecmap in...
EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2026-1047)
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmarkcoercedest in devices/vector/gdevpdfm.c via a large size...
EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2026-1026)
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmarkcoercedest in devices/vector/gdevpdfm.c via a large size...
Unity Linux 20.1070e Security Update: ghostscript (UTSA-2025-993322)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993322 advisory. Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmarkcoercedest in devices/vector/gdevpdfm.c via a large size value. Tenable has extracted...
SUSE-SU-2025:4148-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - CVE-2025-59798: Fixed stack-based buffer overflow in pdfwritecmap in devices/vector/gdevpdtw.c. bsc1250353 - CVE-2025-59799: Fixed stack-based buffer overflow in pdfmarkcoercedest in devices/vector/gdevpdfm.c via a large size value...
Security update for ghostscript
This update for ghostscript fixes the following issues: CVE-2025-59798: Fixed stack-based buffer overflow in pdfwritecmap in devices/vector/gdevpdtw.c. bsc1250353 CVE-2025-59799: Fixed stack-based buffer overflow in pdfmarkcoercedest in devices/vector/gdevpdfm.c via a large size value. bsc1250354...
SUSE-SU-2025:4125-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - CVE-2025-59798: Fixed stack-based buffer overflow in pdfwritecmap in devices/vector/gdevpdtw.c. bsc1250353 - CVE-2025-59799: Fixed stack-based buffer overflow in pdfmarkcoercedest in devices/vector/gdevpdfm.c via a large size value...
Important: ghostscript
Issue Overview: Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfwritecmap in devices/vector/gdevpdtw.c. CVE-2025-59798 Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmarkcoercedest in devices/vector/gdevpdfm.c via a large size value...
Artifex Ghostscript pdfmark_coerce_dest function stack buffer overflow vulnerability
Artifex Ghostscript is the United States Artifex company's set of Adobe-based, PostScript and portable document format page description language and compiled into the free software. Artifex Ghostscript pdfmarkcoercedest function has a stack buffer overflow vulnerability, there is no detailed...
CVE-2025-59799
Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmarkcoercedest in devices/vector/gdevpdfm.c via a large size value...
SUSE CVE-2025-59799
Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmarkcoercedest in devices/vector/gdevpdfm.c via a large size value...