Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2801 matches found

NVD
NVDadded 2018/09/06 2:29 p.m.19 views

CVE-2018-16585

An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing e.g., after the startup phase. This leads to memory corruption, allowing remote attackers able to supply crafted...

7.8CVSS8.1AI score0.00496EPSS
Exploits0References8
OSV
OSVadded 2018/09/06 2:29 p.m.6 views

CVE-2018-16585

An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing e.g., after the startup phase. This leads to memory corruption, allowing remote attackers able to supply crafted...

7.8CVSS8.2AI score
Exploits0References8
Cvelist
Cvelistadded 2018/09/06 1:0 p.m.23 views

CVE-2018-16585

An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing e.g., after the startup phase. This leads to memory corruption, allowing remote attackers able to supply crafted...

7.3AI score0.00496EPSS
Exploits0References8
Debian CVE
Debian CVEadded 2018/09/06 1:0 p.m.28 views

CVE-2018-16585

An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing e.g., after the startup phase. This leads to memory corruption, allowing remote attackers able to supply crafted...

7.8CVSS8.6AI score0.00496EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2018/09/06 5:50 a.m.43 views

CVE-2018-16540

It was discovered that the ghostscript PDF14 compositor did not properly handle the copying of a device. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted PostScrip...

9.3CVSS1.9AI score0.9181EPSS
Exploits4References2
RedhatCVE
RedhatCVEadded 2018/09/06 5:50 a.m.31 views

CVE-2018-16541

It was discovered that the ghostscript device cleanup did not properly handle devices replaced with a null device. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted...

7.3CVSS2.8AI score0.00454EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2018/09/06 5:49 a.m.36 views

CVE-2018-16543

It was discovered that the ghostscript gssetresolution and gsgetresolution procedures were available, although they have dangerous side effects. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript...

7.8CVSS2.9AI score0.00219EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2018/09/06 5:20 a.m.25 views

CVE-2018-16510

It was discovered that ghostscript did not properly handle certain error conditions related to the SC and CS PDF operators. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a speciall...

7.8CVSS4.5AI score0.00223EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2018/09/06 4:49 a.m.41 views

CVE-2018-16542

It was discovered that ghostscript did not properly handle certain stack overflow error conditions. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted PostScript...

9.3CVSS1.9AI score0.9181EPSS
Exploits4References2
RedhatCVE
RedhatCVEadded 2018/09/06 1:19 a.m.45 views

CVE-2018-16509

It was discovered that the ghostscript /invalidaccess checks fail under certain conditions. An attacker could possibly exploit this to bypass the -dSAFER protection and, for example, execute arbitrary shell commands via a specially crafted PostScript document. Mitigation ImageMagick relies on...

9.3CVSS0.3AI score0.9181EPSS
Exploits4References2
RedhatCVE
RedhatCVEadded 2018/09/06 1:19 a.m.29 views

CVE-2018-16513

It was discovered that the ghostscript did not properly validate the operands passed to the setcolor function. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted...

7.8CVSS1.8AI score0.00255EPSS
Exploits0References2
Metasploit
Metasploitadded 2018/09/06 12:56 a.m.49 views

Ghostscript Failed Restore Command Execution

This module exploits a -dSAFER bypass in Ghostscript to execute arbitrary commands by handling a failed restore grestore in PostScript to disable LockSafetyParams and avoid invalidaccess. This vulnerability is reachable via libraries such as ImageMagick. This module requires Metasploit:...

7.8CVSS7.8AI score0.9181EPSS
Exploits4
UbuntuCve
UbuntuCveadded 2018/09/06 12:0 a.m.24 views

CVE-2018-16585

An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing e.g., after the startup phase. This leads to memory corruption, allowing remote attackers able to supply crafted...

7.8CVSS6.8AI score0.00496EPSS
Exploits0References3
CNVD
CNVDadded 2018/09/06 12:0 a.m.0 views

Artifex Ghostscript Information Disclosure Vulnerability (CNVD-2020-54498)

Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A security...

5.5CVSS7.6AI score0.00352EPSS
Exploits0References1
CNVD
CNVDadded 2018/09/06 12:0 a.m.1 views

Artifex Ghostscript Type Obfuscation Vulnerability (CNVD-2020-54497)

Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A security...

7.8CVSS7.7AI score0.00255EPSS
Exploits0References1
Packet Storm
Packet Stormadded 2018/09/06 12:0 a.m.26 views

Ghostscript Failed Restore Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule /dev/tty' include Msf::Exploit::FILEFORMAT include Msf::Exploit::CmdStager include Msf::Exploit::Powershell def initializeinfo =...

Exploits0
CNVD
CNVDadded 2018/09/06 12:0 a.m.1 views

Artifex Ghostscript Denial of Service Vulnerability (CNVD-2020-54475)

Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A security...

5.5CVSS8.6AI score0.00454EPSS
Exploits0References1
OSV
OSVadded 2018/09/06 12:0 a.m.0 views

UBUNTU-CVE-2018-16585

An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing e.g., after the startup phase. This leads to memory corruption, allowing remote attackers able to supply crafted...

7.8CVSS6.7AI score0.00496EPSS
Exploits0References4
CNVD
CNVDadded 2018/09/06 12:0 a.m.1 views

Artifex Ghostscript Denial of Service Vulnerability (CNVD-2020-54476)

Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A security...

5.5CVSS7.7AI score0.00426EPSS
Exploits0References1
OSV
OSVadded 2018/09/05 6:29 p.m.11 views

CVE-2018-16539

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable...

5.5CVSS7.3AI score
Exploits0References8
Rows per page
Query Builder