Lucene search
K

11 matches found

BDU FSTEC
BDU FSTEC
added 2024/07/31 12:0 a.m.4 views

The vulnerability of the software for processing, transforming, and generating documents using Ghostscript arises from the improper neutralization of special elements used in operating system commands. This allows an attacker to execute arbitrary code.

The vulnerability of the software for processing, transforming, and generating Ghostscript documents is related to the introduction of a specially created pipe command. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

9.9CVSS8AI score0.83913EPSS
Exploits0References6Affected Software3
Redos
Redos
added 2024/07/30 12:0 a.m.27 views

ROS-20240730-04

A vulnerability in the document processing, conversion and generation software suite Ghostscript is related to the introduction of a specially crafted pipe command. Exploitation of the vulnerability could Allow an attacker acting remotely to execute arbitrary code...

9.9CVSS7.6AI score0.83913EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.27 views

CentOS 9 : ghostscript-9.54.0-4.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ghostscript-9.54.0-4.el9 build changelog. - A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe...

9.9CVSS8.2AI score0.83913EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:7 a.m.4 views

SUSE CVE-2008-2933

Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' pipe characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of URIs that is not entirely...

2.6CVSS6.5AI score0.02753EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:48 a.m.2 views

SUSE CVE-2021-3781

A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highes...

9.8CVSS9.6AI score0.83913EPSS
Exploits0References8
OSV
OSV
added 2022/11/23 2:15 a.m.2 views

CVE-2020-23584

Unauthenticated remote code execution in OPTILINK OP-XT71000N, Hardware Version: V2.2 occurs when the attacker passes arbitrary commands with IP-ADDRESS using " | " to execute commands on " /diagtracertadmin.asp " in the "PingTest" parameter that leads to command execution...

9.8CVSS6.5AI score0.41443EPSS
Exploits0References1
OSV
OSV
added 2022/02/16 7:15 p.m.1 views

ALPINE-CVE-2021-3781

A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highes...

9.9CVSS7.5AI score0.83913EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/09/08 1:28 a.m.44 views

CVE-2021-3781

A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highes...

9.9CVSS7.3AI score0.83913EPSS
Exploits0References2
CNVD
CNVD
added 2018/09/11 12:0 a.m.1 views

Artifex Ghostscript Code Execution Vulnerability (CNVD-2020-54493)

Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A security...

7.8CVSS8.9AI score0.02159EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2013/03/13 12:0 a.m.27 views

Ruby Gem Curl Command Execution

Curl Ruby Gem Remote command execution 3/12/2013 https://github.com/tg0/curl Specially crafted URLs can result in remote code execution: In ./lib/curl.rb the following lines: 131 cmd = "curl cookiesstore browsertype @setupparams ref "url" " 132 if @debug 133 puts cmd.red 134 end 135 result =...

0.4AI score
Exploits0
OSV
OSV
added 2009/01/15 12:0 a.m.10 views

DSA-1705-1 netatalk - arbitrary code execution

Bulletin has no description...

9.3CVSS6.3AI score0.04526EPSS
Exploits1
Rows per page
Query Builder