Lucene search
K

33 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-11506

Malware in sbrugna...

7.8CVSS7.2AI score0.01088EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/07/12 12:0 a.m.20 views

RHEL 8 : ghostscript (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ghostscript: Mishandling of .completefont incomplete fix for CVE-2019-3839 CVE-2019-25059 - Ghostscript...

7.8CVSS8.6AI score0.01756EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.27 views

RHEL 8 : ghostscript (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ghostscript: Mishandling of .completefont incomplete fix for CVE-2019-3839 CVE-2019-25059 - In Artifex...

7.4AI score0.01888EPSS
Exploits0References2
Veracode
Veracode
added 2022/05/08 9:5 a.m.33 views

Authorization Bypass

ghostscript is vulnerable to authorization bypass. An attacker is able to access privileged operators using a malicious PostScript file to gain access to the file system outside of the contraints imposed by the -dSAFER option. This vulnerability exists after applying the fix for CVE-2019-3839...

7.8CVSS4.6AI score0.01756EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/05/02 12:0 a.m.30 views

Debian DLA-2989-1 : ghostscript - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2989 advisory. - Artifex Ghostscript through 9.26 mishandles .completefont. NOTE: this issue exists because of an incomplete fix for CVE-2019-3839. CVE-2019-25059 - It was found...

7.8CVSS7.5AI score0.43901EPSS
Exploits2References7
RedhatCVE
RedhatCVE
added 2022/04/25 1:22 p.m.53 views

CVE-2019-25059

Artifex Ghostscript through 9.26 mishandles .completefont. NOTE: this issue exists because of an incomplete fix for CVE-2019-3839...

7.8CVSS1.5AI score0.01756EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2019:2460-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.11397EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2019:2478-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.11397EPSS
Exploits2References9
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.41 views

CentOS 8 : ghostscript (CESA-2019:0971)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:0971 advisory. - ghostscript: superexec operator is available 700585 CVE-2019-3835 - ghostscript: forceput in DefineResource is still accessible 700576 CVE-2019-3838 ...

7.8CVSS6.7AI score0.43901EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1731)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.2AI score0.01756EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1576)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.2AI score0.01756EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.33 views

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1613)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.3AI score0.43901EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2019/10/01 12:0 a.m.33 views

openSUSE Security Update : ghostscript (openSUSE-2019-2222)

This update for ghostscript fixes the following issues : Security issues fixed : - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. bsc1129180 - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators...

9.8CVSS6.4AI score0.11397EPSS
Exploits2References13
Tenable Nessus
Tenable Nessus
added 2019/09/25 12:0 a.m.26 views

Fedora 30 : ghostscript (2019-953fc0f16d)

rebase to latest upstream version 9.27 - security fixes added for : - CVE-2019-14811 bug 1747908 - CVE-2019-14812 bug 1747907 - CVE-2019-14813 bug 1747906 - CVE-2019-14817 bug 1747909 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update...

9.8CVSS7.4AI score0.43901EPSS
Exploits4References7
Tenable Nessus
Tenable Nessus
added 2019/09/24 12:0 a.m.30 views

EulerOS 2.0 SP3 : ghostscript (EulerOS-SA-2019-2031)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the...

7.8CVSS6.7AI score0.01888EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2019/08/13 12:0 a.m.51 views

ghostscript security, bug fix, and enhancement update

9.25-2 - obsoleted old ghostscript-devel to allow clean upgrade to libgs-devel 9.25-1 - Rebase to latest upstream version bug 1636115 - Resolves: 1673399 - CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116 - Resolves: 1678172 - CVE-2019-3835 ghostscript: superexec...

9.8CVSS0.1AI score0.92499EPSS
Exploits13
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.40 views

Oracle Linux 8 : ghostscript (ELSA-2019-0971)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-0971 advisory. - Resolves: 1692798 - CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116 - Resolves: 1678170 - CVE-2019-3835 ghostscript:...

7.8CVSS6.8AI score0.43901EPSS
Exploits2References4
Oracle linux
Oracle linux
added 2019/07/30 12:0 a.m.37 views

ghostscript security update

9.25-2.1 - Resolves: 1692798 - CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116 - Resolves: 1678170 - CVE-2019-3835 ghostscript: superexec operator is available 700585 - Resolves: 1691414 - CVE-2019-3838 ghostscript: forceput in DefineResource is still accessible...

7.8CVSS2.7AI score0.43901EPSS
Exploits2
OSV
OSV
added 2019/06/10 7:17 p.m.18 views

MGASA-2019-0188 Updated ghostscript packages fix security vulnerability

It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscrip...

7.8CVSS7.6AI score0.01756EPSS
Exploits0References3
Mageia
Mageia
added 2019/06/10 7:17 p.m.57 views

Updated ghostscript packages fix security vulnerability

It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscrip...

7.8CVSS3.7AI score0.01756EPSS
Exploits0References2
Rows per page
Query Builder