MiracleLinux 9 : ghostscript-9.54.0-11.el9 (AXSA:2023-6559:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6559:04 advisory. Ghostscript: GhostPDL can lead to remote code execution via crafted PostScript documents CVE-2023-43115 Tenable has extracted the preceding description block...

SUSE CVE-2010-4820

Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055...

ghostscript: incomplete fix for CVE-2018-16509

It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document...

CVE-2018-16509

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction...

Code execution via PDF and PS in KDE

Command contained in PS and PDF files may be eceuted...