243 matches found
CVE-2024-29510
Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device...
DEBIAN-CVE-2024-29510
Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device...
CVE-2024-29510
Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device...
SUSE-SU-2024:2292-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - CVE-2024-29510: Fixed an arbitrary path traversal when running in a permitted path bsc1226945. - CVE-2024-33870: Fixed a format string injection that could lead to command execution bsc1226944. - CVE-2024-33869: Fixed a path validation...
VulnCheck KEV: CVE-2024-29510
Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device...
CVE-2024-29510
Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device...
CVE-2024-29510
Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device...
CVE-2024-29510
Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device. Recent assessments: cdelafuente-r7 at August 13, 2024 10:25am UTC reported: Ghostscript is vulnerable to a critical format string vulnerability that affects...
SUSE SLES12 Security Update : ghostscript (SUSE-SU-2024:2276-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2276-1 advisory. - CVE-2024-29510: Fixed an arbitrary path traversal when running in a permitted path bsc1226945. - CVE-2024-33870: Fixed a format...
SUSE-SU-2024:2276-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - CVE-2024-29510: Fixed an arbitrary path traversal when running in a permitted path bsc1226945. - CVE-2024-33870: Fixed a format string injection that could lead to command execution bsc1226944. - CVE-2024-33869: Fixed a path validation...
Astra Linux – Vulnerability in GhostScript
Artifex Ghostscript prior to version 10.03.1 allows for memory corruption, and enables SAFER sandbox bypass, through format string injection using a uniprint device...
PT-2024-4558
Name of the Vulnerable Software and Affected Versions Artifex Ghostscript versions prior to 10.03.1 Description The vulnerability in Artifex Ghostscript is related to a format string injection in the uniprint device, which can lead to memory corruption and allow an attacker to bypass the -dSAFER...
UBUNTU-CVE-2024-29510
Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device...
CVE-2023-25492
A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interface API...
Format string
A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interface API...
CVE-2023-25492
Lenovo XClarity Controller (XCC) is affected by CVE-2023-25492, a format-string injection vulnerability in the XCC web interface API that could allow a remote authenticated attacker to trigger a denial of service or other undefined behavior. The issue is confirmed across multiple advisories (Red ...
CVE-2023-25492
A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interface API...
CVE-2023-25492
A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interface API...
PT-2023-20111 · Xcc · Xcc
Name of the Vulnerable Software and Affected Versions: XCC affected versions not specified Description: A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interfa...
CVE-2022-35885
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted HTTP request can lead to memory corruption, information disclosure and denial of service. An attacke...