5485 matches found
USN-7138-1 ghostscript vulnerabilities
It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code...
Ubuntu 16.04 LTS / 18.04 LTS : Ghostscript vulnerabilities (USN-7138-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7138-1 advisory. It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to...
CVE-2024-53863
CVE-2024-53863 affects Synapse prior to 1.120.1. Enabling dynamic_thumbnails or handling a crafted request could trigger decoding/thumbnail generation of uncommon image formats, potentially invoking external decoders (e.g., Ghostscript) and expanding the attack surface. The vulnerability is mitig...
CVE-2024-53863 Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders
Synapse is an open-source Matrix homeserver. In Synapse versions before 1.120.1, enabling the dynamicthumbnails option or processing a specially crafted request could trigger the decoding and thumbnail generation of uncommon image formats, potentially invoking external tools like Ghostscript for...
CVE-2024-53863 Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders
Synapse is an open-source Matrix homeserver. In Synapse versions before 1.120.1, enabling the dynamicthumbnails option or processing a specially crafted request could trigger the decoding and thumbnail generation of uncommon image formats, potentially invoking external tools like Ghostscript for...
CVE-2024-53863 Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders
Synapse is an open-source Matrix homeserver. In Synapse versions before 1.120.1, enabling the dynamicthumbnails option or processing a specially crafted request could trigger the decoding and thumbnail generation of uncommon image formats, potentially invoking external tools like Ghostscript for...
PT-2024-35961 · Unknown +3 · Ghostscript +3
Name of the Vulnerable Software and Affected Versions: Synapse versions prior to 1.120.1 Description: Synapse is an open-source Matrix homeserver. Enabling the dynamic thumbnails option or processing a specially crafted request could trigger the decoding and thumbnail generation of uncommon image...
Debian: Security Advisory (DLA-3965-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3965-1] ghostscript security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3965-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk November 24, 2024 https://wiki.debian.org/LTS -...
DLA-3965-1 ghostscript - security update
Bulletin has no description...
Debian dla-3965 : ghostscript - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3965 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3965-1 [email protected]...
Astra Linux – Vulnerability in GhostScript
Artifex Ghostscript before version 10.03.0 has a heap-based overflow issue when PDFPassword e.g., for runpdf contains a \000 byte in it...
Astra Linux – Vulnerability in GhostScript
Artifex Ghostscript before version 10.03.0 sometimes suffers from a stack-based buffer overflow due to the CIDFSubstPath and CIDFSubstFont parameters...
Astra Linux – Vulnerability in GhostScript
Artifex Ghostscript prior to version 10.03.0 has a stack-based buffer overflow in the pdfiapplyfilter function due to a long PDF filter name...
Astra Linux – Vulnerability in GhostScript
A issue was discovered in psi/zcolor.c in Artifex Ghostscript prior to version 10.04.0. There is a buffer overflow vulnerability when reading colors from the indexed color space...
Astra Linux – Vulnerability in GhostScript
Artifex Ghostscript before version 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function pdfbasefontalloc...
Astra Linux – Vulnerability in GhostScript
A issue was discovered in psi/zfile.c in Artifex Ghostscript prior to version 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution...
Astra Linux – Vulnerability in GhostScript
A issue was discovered in pdf/pdfxref.c in Artifex Ghostscript prior to version 10.04.0. There is a buffer overflow that occurs during the handling of a PDF XRef stream related to W array values...
Astra Linux – Vulnerability in GhostScript
A issue was discovered in psi/zcolor.c in Artifex Ghostscript prior to version 10.04.0. An unchecked Implementation pointer in the Pattern color space could lead to arbitrary code execution...
OESA-2024-2458 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code...