Lucene search
K

60 matches found

OSV
OSV
added 2022/01/17 12:40 p.m.9 views

OPENSUSE-SU-2022:0088-1 Security update for ghostscript

This update for ghostscript fixes the following issues: - CVE-2021-45944: Fixed use-after-free in sampleddatasample bsc1194303 - CVE-2021-45949: Fixed heap-based buffer overflow in sampleddatafinish bsc1194304...

5.5CVSS5.8AI score0.01401EPSS
Exploits2References5
OSV
OSV
added 2021/09/23 4:49 a.m.10 views

MGASA-2021-0436 Updated ghostscript packages fix security vulnerability

Trivial -dSAFER bypass in 9.55. CVE-2021-3781...

9.9CVSS9.5AI score0.83913EPSS
Exploits0References7
OSV
OSV
added 2021/09/16 8:3 a.m.7 views

OPENSUSE-SU-2021:1273-1 Security update for ghostscript

This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2021-3781: Fixed a trivial -dSAFER bypass command injection bsc1190381 Also a hardening fix was added: - Link as position independent executable bsc1184123 This update was imported from the SUSE:SLE-15:Update upda...

9.9CVSS9.8AI score0.83913EPSS
Exploits0References4
OSV
OSV
added 2021/09/15 8:17 a.m.7 views

OPENSUSE-SU-2021:3044-1 Security update for ghostscript

This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2021-3781: Fixed a trivial -dSAFER bypass command injection bsc1190381 Also a hardening fix was added: - Link as position independent executable bsc1184123...

9.9CVSS9.8AI score0.83913EPSS
Exploits0References4
OSV
OSV
added 2020/08/04 12:19 p.m.4 views

OPENSUSE-SU-2020:1146-1 Security update for ghostscript

This update for ghostscript fixes the following issues: - fixed CVE-2020-15900 Memory Corruption SAFER Sandbox Breakout cf. https://bugs.ghostscript.com/showbug.cgi?id=702582 bsc1174415 This update was imported from the SUSE:SLE-15:Update update project...

9.8CVSS9.5AI score0.05186EPSS
Exploits0References3
OSV
OSV
added 2019/11/20 1:27 p.m.4 views

OPENSUSE-SU-2019:2534-1 Security update for ghostscript

This update for ghostscript fixes the following issues: - CVE-2019-14869: Fixed a possible dSAFER escape which could have allowed an attacker to gain high privileges by a specially crafted Postscript code bsc1156275. This update was imported from the SUSE:SLE-15:Update update project...

8.8CVSS8.8AI score0.03434EPSS
Exploits0References3
OSV
OSV
added 2019/09/30 2:23 p.m.9 views

OPENSUSE-SU-2019:2223-1 Security update for ghostscript

This update for ghostscript fixes the following issues: Security issues fixed: - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. bsc1129180 - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators...

9.8CVSS6.6AI score0.11397EPSS
Exploits2References14
OSV
OSV
added 2019/09/10 12:51 p.m.6 views

SUSE-SU-2019:2348-1 Security update for ghostscript

This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file bsc1144621...

7.8CVSS7.8AI score0.02295EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.41 views

SUSE SLED15 / SLES15 Security Update : ghostscript (SUSE-SU-2018:2976-1)

This update for ghostscript to version 9.25 fixes the following issues : These security issues were fixed : CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code bsc1109105 CVE-2018-15909: Prevent type confusio...

9.3CVSS7.2AI score0.92499EPSS
Exploits5References49
OSV
OSV
added 2018/12/12 12:37 p.m.13 views

SUSE-SU-2018:4087-1 Security update for ghostscript

This update for ghostscript to version 9.26 fixes the following issues: Security issues fixed: - CVE-2018-19475: Fixed bypass of an intended access restriction in psi/zdevice2.c bsc1117327 - CVE-2018-19476: Fixed bypass of an intended access restriction in psi/zicc.c bsc1117313 - CVE-2018-19477:...

9.8CVSS7.9AI score0.16288EPSS
Exploits6References18
Tenable Nessus
Tenable Nessus
added 2018/10/03 12:0 a.m.44 views

SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2018:2975-1)

This update for ghostscript to version 9.25 fixes the following issues : These security issues were fixed : CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code bsc1109105 CVE-2018-15909: Prevent type confusio...

9.3CVSS7.2AI score0.92499EPSS
Exploits5References49
OSV
OSV
added 2018/09/20 11:17 p.m.21 views

MGASA-2018-0378 Updated ghostscript packages fix security vulnerabilities

Updated ghostscript packages fix several security vulnerabilities including: In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files CVE-2018-15908. In Artifex Ghostscript 9.23 before 2018-08-24, a typ...

9.3CVSS7.7AI score0.92499EPSS
Exploits5References8
OSV
OSV
added 2018/07/05 6:44 a.m.6 views

SUSE-SU-2018:1884-1 Security update for ghostscript

This update for ghostscript fixes the following issues: - CVE-2018-10194: The settextdistance function did not prevent overflows in text-positioning calculation, which allowed remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted P...

7.8CVSS8.2AI score0.01905EPSS
Exploits0References3
OSV
OSV
added 2018/02/09 10:31 a.m.16 views

SUSE-SU-2018:0407-1 Security update for ghostscript

This update for ghostscript fixes several issues. These security issues were fixed: - CVE-2017-9835: The gsallocrefarray function allowed remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScri...

7.8CVSS7.6AI score0.03452EPSS
Exploits7References19
OSV
OSV
added 2017/10/05 8:8 p.m.11 views

MGASA-2017-0355 Updated ghostscript packages fix security vulnerabilities

The InsMIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly have unspecified other impact via a crafted document. CVE-2017-9611 The InsIP function in base/ttinterp.c...

7.8CVSS8.1AI score0.0275EPSS
Exploits5References3
OSV
OSV
added 2017/04/28 6:55 p.m.13 views

SUSE-SU-2017:1138-1 Security update for ghostscript

This update for ghostscript fixes the following security vulnerabilities: CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. bsc1036453 CVE-2016-9601: An integer overflow in the bundled jbig2dec library could have been misused to...

7.8CVSS7AI score0.96968EPSS
Exploits9References11
OSV
OSV
added 2016/10/11 1:8 p.m.8 views

SUSE-SU-2016:2493-1 Security update for ghostscript-library

This update for ghostscript-library fixes the following issues: - Multiple security vulnerabilities have been discovered where ghostscript's '-dsafer' flag did not provide sufficient protection against unintended access to the file system. Thus, a machine that would process a specially crafted...

9.8CVSS8.7AI score0.06419EPSS
Exploits0References7
OSV
OSV
added 2015/08/10 2:31 p.m.3 views

MGASA-2015-0308 Updated ghostscript package fixes security vulnerability

GhostScript is vulnerable to an integer overflow when processing a crafted PostScript file using the ps2pdf command CVE-2015-3228...

6.8CVSS9.5AI score0.03748EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2003/06/17 7:47 p.m.19 views

Important: Red Hat Security Advisory: ghostscript security update

A ghostscript package fixing a command execution vulnerability is now available. GNU Ghostscript is an interpreter for the PostScript language, and is often used when printing to printers that do not have their own built-in PostScript interpreter. A flaw has been discovered in the way Ghostscript...

7.5CVSS6AI score0.0187EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2002/08/20 6:57 p.m.7 views

Important: Red Hat Security Advisory: ghostscript security update

Updated packages are available for GNU Ghostscript, which fix a vulnerability found during PostScript interpretation. Ghostscript is a program for displaying PostScript files or printing them to non-PostScript printers. An untrusted PostScript file can cause ghostscript to execute arbitrary...

7.5CVSS5.8AI score0.02109EPSS
Exploits0References1
Rows per page
Query Builder