Lucene search
K

330 matches found

RedHat Linux
RedHat Linux
added 2025/05/13 1:58 p.m.4 views

ghostscript: dangling pointer in gdev_prn_open_printer_seekable()

A flaw was found in Ghostscript. A remote attacker may use a specially crafted payload to trigger access to previously freed memory, which can potentially lead to remote code execution or an application crash...

7.5CVSS6.4AI score0.0153EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/05/13 12:0 a.m.12 views

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2025-1510)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.00806EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2025/05/01 11:45 a.m.13 views

USN-7473-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly bypass file path validation...

4.5CVSS5.1AI score0.00156EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/05/01 12:0 a.m.6 views

Ubuntu 24.04 LTS / 24.10 : Ghostscript vulnerability (USN-7473-1)

The remote Ubuntu 24.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7473-1 advisory. It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting...

4.5CVSS5.3AI score0.00156EPSS
Exploits0References2
CVE
CVE
added 2025/04/26 12:0 a.m.120 views

CVE-2025-46646

CVE-2025-46646 affects Artifex Ghostscript prior to 10.05.0, where decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encodings. This issue is linked to an incomplete fix for CVE-2024-46954. Affected products include Ghostscript releases before 10.05.0; multiple advisories reference upgrades...

4.5CVSS6.9AI score0.00156EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/04/26 12:0 a.m.3 views

Artifex Ghostscript 安全漏洞

Artifex Ghostscript is a set of free software compiled by Artifex, Inc. based on Adobe, PostScript, and the Page Description Language for Portable Document Format PDL. A security vulnerability exists in Artifex Ghostscript versions prior to 10.05.0, which stems from the improper handling of long...

4.5CVSS4.6AI score0.00156EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2025/04/26 12:0 a.m.12 views

CVE-2025-46646

In Artifex Ghostscript before 10.05.0, decodeutf8 in base/gputf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954...

4.5CVSS7.8AI score0.00156EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/04/02 12:0 a.m.8 views

The vulnerability of the bj10v_print_page() function in the contrib/japanese/gdev10v.c file of the BJ10V Device component of the software development kit for processing, transforming, and generating Ghostscript documents, allowing a malicious individual to execute arbitrary code or cause a service failure.

The vulnerability of the bj10vprintpage function in the contrib/japanese/gdev10v.c file of the BJ10V Device component of the software development kit for processing, transforming, and generating Ghostscript documents is related to the copying of buffers without checking the size of the input data...

10CVSS7.1AI score0.00579EPSS
Exploits0References19Affected Software9
BDU FSTEC
BDU FSTEC
added 2025/04/02 12:0 a.m.56 views

The vulnerability of the gp_open_scratch_file_impl() function in the files base/gp_mswin.c and base/winrtsup.cpp of the Ghostscript processing, conversion, and generation software suite allows a malicious actor to read arbitrary files.

The vulnerability of the gpopenscratchfileimpl function in the base/gpmswin.c and base/winrtsup.cpp files of the Ghostscript processing, conversion, and generation software suite is related to an incorrect path name limitation. Exploiting this vulnerability could allow a remote attacker to read...

10CVSS6AI score0.00586EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/02 12:0 a.m.5 views

The vulnerability of the txt_get_unicode() function in the devices/vector/doc_common.c file of the Ghostscript document processing, conversion, and generation software allows a hacker to execute arbitrary code.

The vulnerability of the txtgetunicode function in the devices/vector/doccommon.c file of the Ghostscript document processing, conversion, and generation software set is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an...

10CVSS7.1AI score0.00579EPSS
Exploits0References18Affected Software7
Tenable Nessus
Tenable Nessus
added 2025/04/01 12:0 a.m.15 views

Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2025-907)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-907 advisory. The calculation of the buffer size was being done with int values, and overflowing that data type. The bug has existed since the creation of the file contrib/japanese/gdevnpdl.cThe calculation of the...

9.8CVSS7.1AI score0.00806EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/03/27 12:14 a.m.3 views

SUSE CVE-2025-27830

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs during serialization of DollarBlend in a font, for base/writet1.c and psi/zfapi.c...

5CVSS7.8AI score0.00281EPSS
Exploits0References4
OSV
OSV
added 2025/03/25 9:15 p.m.4 views

ALPINE-CVE-2025-27834

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c...

7.8CVSS7.5AI score0.00255EPSS
Exploits0References1
OSV
OSV
added 2025/03/25 9:15 p.m.12 views

CVE-2025-27832

An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for contrib/japanese/gdevnpdl.c...

9.8CVSS9.7AI score
Exploits0References2
OSV
OSV
added 2025/03/25 9:15 p.m.2 views

UBUNTU-CVE-2025-27832

An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for contrib/japanese/gdevnpdl.c...

9.8CVSS7.4AI score0.00806EPSS
Exploits0References4
OSV
OSV
added 2025/03/25 9:15 p.m.2 views

UBUNTU-CVE-2025-27835

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c...

7.8CVSS7.3AI score0.00288EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2025/03/25 12:0 a.m.11 views

CVE-2025-27831

An issue was discovered in Artifex Ghostscript before 10.05.0. The DOCXWRITE TXTWRITE device has a text buffer overflow via long characters to devices/vector/doccommon.c...

9.8CVSS7.7AI score0.00579EPSS
Exploits0
CNNVD
CNNVD
added 2025/03/25 12:0 a.m.3 views

Artifex Ghostscript 安全漏洞

Artifex Ghostscript is a free software package from Artifex, Inc. based on Adobe, PostScript, and the Portable Document Formatting Language PDL. A security vulnerability exists in Artifex Ghostscript versions prior to 10.05.0, which is caused by a compression buffer overflow in the NPDL device...

9.8CVSS7.2AI score0.00806EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2025/03/06 12:0 a.m.238 views

Ghostscript 9.21 Arbitrary Command Execution

Ghostscript version 9.21 exploit that leverages a flaw from 2017 to execute arbitrary commands and provides a reverse shell. ============================================================================================================================================= | Title : Ghostscript versions...

8.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-16298

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow vulnerability in mjcolorcorrect in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial...

5.5CVSS6.5AI score0.01988EPSS
Exploits1References2
Rows per page
Query Builder