Lucene search
K

243 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 6:50 p.m.11 views

CVE-2022-35877

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a...

9.8CVSS7.2AI score0.00869EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:50 p.m.12 views

CVE-2022-35886

Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted HTTP request can lead to memory corruption, information disclosure and denial of service. An attacke...

8.8CVSS7AI score0.01241EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:50 p.m.20 views

CVE-2022-35244

A format string injection vulnerability exists in the XCMD getVarHA functionality of abode systems, inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted XCMD can lead to memory corruption, information disclosure, and denial of service. An attacker can send a malicious XML payload ...

9.8CVSS6.8AI score0.01261EPSS
Exploits1References1
NVD
NVD
added 2024/10/22 5:15 p.m.24 views

CVE-2024-9129

In versions of Zend Server 8.5 and prior to version 9.2 a format string injection was discovered. Reported by Dylan Marino...

9.3CVSS0.00408EPSS
Exploits0References1
CVE
CVE
added 2024/10/22 5:9 p.m.43 views

CVE-2024-9129

CVE-2024-9129 affects Zend Server versions 8.5 and earlier than 9.2. The vulnerability is a format string injection in Zend Server. According to the provided metrics, the CVSS 4.0 base score is 9.3 (CRITICAL) with NETWORK attack vector, no privileges required, no user interaction, and impacts to ...

9.3CVSS7.2AI score0.00408EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/22 5:9 p.m.9 views

CVE-2024-9129 Format String Injection in Zend Server

In versions of Zend Server 8.5 and prior to version 9.2 a format string injection was discovered. Reported by Dylan Marino...

9.3CVSS7.4AI score0.00408EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/22 5:9 p.m.31 views

CVE-2024-9129 Format String Injection in Zend Server

In versions of Zend Server 8.5 and prior to version 9.2 a format string injection was discovered. Reported by Dylan Marino...

9.3CVSS0.00408EPSS
Exploits0References1
OSV
OSV
added 2024/09/20 11:9 a.m.4 views

OESA-2024-2162 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in...

6.3CVSS7.3AI score0.27992EPSS
Exploits6References3
OSV
OSV
added 2024/09/20 11:9 a.m.4 views

OESA-2024-2163 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in...

6.3CVSS7.3AI score0.27992EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2024/09/12 12:0 a.m.21 views

EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2024-2413)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint...

6.3CVSS7.3AI score0.27992EPSS
Exploits6References4
Tenable Nessus
Tenable Nessus
added 2024/09/12 12:0 a.m.28 views

EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2024-2364)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint...

6.3CVSS7.3AI score0.27992EPSS
Exploits6References4
Tenable Nessus
Tenable Nessus
added 2024/09/12 12:0 a.m.26 views

EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2024-2389)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint...

6.3CVSS7.3AI score0.27992EPSS
Exploits6References4
RedHat Linux
RedHat Linux
added 2024/09/09 1:35 a.m.32 views

Moderate: Red Hat Security Advisory: ghostscript security update

An update for ghostscript is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

6.3CVSS7.1AI score0.27992EPSS
Exploits6References4
Tenable Nessus
Tenable Nessus
added 2024/09/09 12:0 a.m.22 views

RHEL 9 : ghostscript (RHSA-2024:6466)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6466 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap...

6.3CVSS7.5AI score0.27992EPSS
Exploits6References9
Tenable Nessus
Tenable Nessus
added 2024/09/04 12:0 a.m.28 views

AlmaLinux 9 : ghostscript (ALSA-2024:6197)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6197 advisory. ghostscript: format string injection leads to shell command execution SAFER bypass CVE-2024-29510 ghostscript: path traversal and command execution due to...

6.3CVSS7.3AI score0.27992EPSS
Exploits6References4
RedHat Linux
RedHat Linux
added 2024/09/03 10:32 a.m.26 views

Moderate: Red Hat Security Advisory: ghostscript security update

An update for ghostscript is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

6.3CVSS7.1AI score0.27992EPSS
Exploits6References4
RedHat Linux
RedHat Linux
added 2024/09/03 10:32 a.m.6 views

ghostscript: format string injection leads to shell command execution (SAFER bypass)

A flaw in Ghostscript has been identified where the uniprint device allows users to pass various string fragments as device options. These strings, particularly upWriteComponentCommands and upYMoveCommand, are treated as format strings for gpfprintf and gssnprintf. This lack of restriction permit...

6.3CVSS6AI score0.27992EPSS
Exploits6References4
Oracle linux
Oracle linux
added 2024/09/03 12:0 a.m.322 views

ghostscript security update

9.54.0-17 - RHEL-44759 CVE-2024-33870 ghostscript: path traversal to arbitrary files if the current directory is in the permitted paths - RHEL-44745 CVE-2024-33869 ghostscript: path traversal and command execution due to path reduction - RHEL-44731 CVE-2024-29510 ghostscript: format string...

6.3CVSS6.8AI score0.27992EPSS
Exploits6
OSV
OSV
added 2024/09/03 12:0 a.m.31 views

ALSA-2024:6197 Moderate: ghostscript security update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: format string injection leads to shell command execution SAFER bypass...

6.3CVSS7AI score0.27992EPSS
Exploits6References8
Tenable Nessus
Tenable Nessus
added 2024/07/04 12:0 a.m.29 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ghostscript (SUSE-SU-2024:2292-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2292-1 advisory. - CVE-2024-29510: Fixed an arbitrary path traversal when running in a permitted path bsc1226945....

6.3CVSS7.5AI score0.27992EPSS
Exploits6References10
Rows per page
Query Builder