42 matches found
CLSA-2026-1778749215 ghostscript: Fix of 2 CVEs
CVE-2024-29508: heap pointer disclosure in pdfbasefontalloc via synthesized BaseFont name - CVE-2025-48708: argument sanitisation missed '' separator, leaking -sUserPasswordsecret values into output PDF metadata...
CLSA-2026-1776333493 ghostscript: Fix of CVE-2024-29508
CVE-2024-29508: fix heap-based pointer disclosure in pdfbasefontalloc...
📄 Qualcomm CVP Kernel Driver Pointer Disclosure / Privilege Escalation
This advisory describes a local privilege escalation vulnerability affecting the Qualcomm CVP kernel driver msmcvp, exposed through the /dev/cvp device node on Android systems using Qualcomm SoCs. The vulnerability originates from an improperly obfuscated kernel pointer returned to user space as ...
EUVD-2024-26511
Malicious code in bioql PyPI...
CVE-2018-21043
An issue was discovered on Samsung mobile devices with O8.x and P9.0 Exynos 9810 chipsets software. There is information disclosure about a kernel pointer in the g2ddrv driver because of logging. The Samsung ID is SVE-2018-13035 December 2018...
Linux Distros Unpatched Vulnerability : CVE-2024-29508
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function pdfbasefontalloc. CVE-2024-2950...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2024-2905)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2024-2829)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2024-2812)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2024-2886)
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function...
EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2024-2829)
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function...
EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2024-2905)
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function...
EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2024-2812)
According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function...
[SECURITY] [DLA 3931-1] ghostscript security update
Debian LTS Advisory DLA-3931-1 [email protected] https://www.debian.org/lts/security/ Sean Whitton October 22, 2024 https://wiki.debian.org/LTS Package : ghostscript Version : 9.53.3dfsg-7+deb11u8 CVE ID : CVE-2024-29508 A heap-based pointer disclosure problem was found in Ghostscript, ...
OESA-2024-2161 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in...
OESA-2024-2163 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in...
OESA-2024-2160 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in...
OESA-2024-2159 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in...
Amazon Linux 2 : ghostscript (ALAS-2024-2614)
The version of ghostscript installed on the remote host is prior to 9.54.0-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2614 advisory. Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in t...
Medium: ghostscript
Issue Overview: Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfiapplyfilter function via a long PDF filter name. CVE-2024-29506 Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters...