177 matches found
EUVD-2017-3324
Malware in sbrugna...
EUVD-2014-9617
Malware in sbrugna...
EUVD-2018-8351
Malware in sbrugna...
EUVD-2018-8322
Malware in sbrugna...
EUVD-2016-8825
Malware in sbrugna...
EUVD-2018-8602
Malware in sbrugna...
EUVD-2019-13458
Malware in sbrugna...
OESA-2024-2458 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code...
OESA-2024-2177 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: An issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur via a...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2024-2413)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-33871
An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp and oprp devices can have an arbitrary name for a...
DEBIAN-CVE-2024-33870
An issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal via a crafted PostScript document to arbitrary files if the current directory is in the permitted paths. For example, there can be a transformation of ../../foo to ./../../foo and this will grant access if ./ i...
ALPINE-CVE-2024-33869
An issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur via a crafted PostScript document because of path reduction in base/gpmisc.c. For example, restrictions on use of %pipe% can be bypassed via the aa/../%pipe%command output filename...
CVE-2024-33869
An issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur via a crafted PostScript document because of path reduction in base/gpmisc.c. For example, restrictions on use of %pipe% can be bypassed via the aa/../%pipe%command output filename...
Artifex Ghostscript Security Vulnerability
Artifex Ghostscript is a set of free software compiled by Artifex, Inc. based on Adobe, PostScript, and the Page Description Language for Portable Document Format PDL. A security vulnerability exists in Artifex Ghostscript versions prior to 10.03.1, which can be exploited to traverse paths to...
Astra Linux – Vulnerability in GhostScript
A issue was discovered in Artifex Ghostscript prior to version 10.03.1. Path traversal is possible through a specially crafted PostScript document, allowing access to arbitrary files when the current directory is within the permitted paths. For example, a transformation like ../../foo could be...
Astra Linux – Vulnerability in GhostScript
A issue was discovered in Artifex Ghostscript prior to version 10.03.1. Path traversal and command execution can occur through a crafted PostScript document due to path reduction in the base/gpmisc.c file. For example, restrictions on the use of %pipe% can be bypassed using the output filename...
Astra Linux – Vulnerability in GhostScript
A vulnerability was discovered in Artifex Ghostscript prior to version 10.03.1. The file contrib/opvp/gdevopvp.c allows for arbitrary code execution through a custom Driver library, which can be exploited using a crafted PostScript document. This occurs because the Driver parameter for opvp and...
VulnCheck KEV: CVE-2018-16509
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction...
PT-2024-6395 · Artifex +9 · Artifex Ghostscript +9
Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions prior to 10.03.1 Description: The issue is related to path reduction in the base/gpmisc.c file of Ghostscript, allowing for path traversal and command execution via a crafted PostScript document. This can lead to...