Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2018-11645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the...

5.3CVSS7.3AI score0.02582EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.31 views

Oracle Linux 7 : ghostscript (ELSA-2019-2281)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2281 advisory. - Resolves: 1673399 - CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116 - Resolves: 1678172 - CVE-2019-3835 ghostscript: superexec...

9.8CVSS6.9AI score0.92499EPSS
Exploits13References2
OpenVAS
OpenVAS
added 2021/05/03 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2021-1788)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.8AI score0.23453EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2020/03/13 12:0 a.m.58 views

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2020-1240)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.3AI score0.23453EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-2151)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.23453EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2019/12/31 12:0 a.m.29 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : ghostscript Multiple Vulnerabilities (NS-SA-2019-0250)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ghostscript packages installed that are affected by multiple vulnerabilities: - psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to...

9.8CVSS7.2AI score0.11397EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2019/10/15 12:0 a.m.36 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : ghostscript Multiple Vulnerabilities (NS-SA-2019-0203)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ghostscript packages installed that are affected by multiple vulnerabilities: - psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to...

9.8CVSS7.1AI score0.11397EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2019/08/27 12:0 a.m.35 views

Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20190806)

The following packages have been upgraded to a later upstream version: ghostscript 9.25. Security Fixes : - ghostscript: status command permitted with -dSAFER in psi/zfile.c allowing attackers to identify the size and existence of files CVE-2018-11645 C Tenable Network Security, Inc. The...

5.3CVSS6.6AI score0.02582EPSS
Exploits0References2
Debian
Debian
added 2018/11/10 3:45 p.m.38 views

[SECURITY] [DSA 4336-1] ghostscript security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4336-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 10, 2018 https://www.debian.org/security/faq -...

6.8CVSS1.9AI score0.16288EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2018/06/05 8:1 a.m.39 views

CVE-2018-11645

Ghostscript did not honor the -dSAFER option when executing the "status" instruction, which can be used to retrieve information such as a file's existence and size. A specially crafted postscript document could use this flow to gain information on the targeted system's filesystem content...

5.3CVSS1.9AI score0.02582EPSS
Exploits0References1
OSV
OSV
added 2018/06/01 12:29 p.m.13 views

CVE-2018-11645

psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977...

5.3CVSS7.5AI score
Exploits0References6
NVD
NVD
added 2018/06/01 12:29 p.m.19 views

CVE-2018-11645

psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977...

5.3CVSS7AI score0.02582EPSS
Exploits0References6
CVE
CVE
added 2018/06/01 12:0 p.m.184 views

CVE-2018-11645

Ghostscript (psi/zfile.c) before 9.21rc1 permits the status command even with -dSAFER, enabling remote attackers to determine the existence and size of arbitrary files. This CVE (CVE-2018-11645) is referenced in multiple advisories; upstream context ties it to Ghostscript’s handling of SAFER and ...

5.3CVSS6.8AI score0.02582EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2018/06/01 12:0 p.m.22 views

CVE-2018-11645

psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977...

7.7AI score0.02582EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2018/06/01 12:0 a.m.37 views

CVE-2018-11645

psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977...

5.3CVSS6.9AI score0.02582EPSS
Exploits0References2
Rows per page
Query Builder