CVE-2024-11344 Type confusion vulnerability in the Postscript interpreter in various Lexmark devices

A type confusion vulnerability has been identified in the Postscript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code...

CVE-2024-11345 Heap-based memory vulnerability in the Postscript interpreter in various Lexmark devices

A heap-based memory vulnerability has been identified in the Postscript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code...

CVE-2024-11345

CVE-2024-11345 affects Lexmark printers with a heap-based memory vulnerability in the PostScript interpreter that can allow remote code execution. Multiple third-party feeds (NVD, Red Hat, Tenable, OpenVAS, CIRCL, CVEList, VulnEnrichment) describe it consistently as a heap-based flaw in Lexmark P...

PT-2025-6505 · Lexmark · Lexmark International Xc

Name of the Vulnerable Software and Affected Versions: Lexmark International CX, XC, CS, et. Al. Postscript interpreter modules affected versions not specified Description: The issue is related to an integer overflow or wraparound vulnerability in the Postscript interpreter modules of Lexmark...

PT-2025-6504 · Lexmark · Lexmark International Xc

Name of the Vulnerable Software and Affected Versions: Lexmark International CX, XC, CS, et. Al. versions 001.001:0 through 081.231 Lexmark International CX, XC, CS, et. Al. versions ..P001 through ..P233 Lexmark International CX, XC, CS, et. Al. versions ..P001 through ..P759 Lexmark Internation...

OESA-2025-1051 enscript security update

GNU enscript is a computer program that converts text files to PostScript, RTF, or HTML formats. If no input files are given, enscript processes standard input. Enscript can be extended to handle different output media and it has many options which can be used to customize print-outs. Security...

Amazon Linux 2 : ghostscript (ALAS-2024-2708)

The version of ghostscript installed on the remote host is prior to 9.54.0-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2708 advisory. PS interpreter - check the type of the Pattern Implementation NOTE:...

Important: ghostscript

Issue Overview: PS interpreter - check the type of the Pattern Implementation NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707991 NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8 NOTE:...

USN-7138-1 ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-7138-1: Ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code...

OESA-2024-2458 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code...

OESA-2024-2457 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and...

OESA-2024-2455 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and...

USN-7103-1 ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2024-46951, CVE-2024-46953, CVE-2024-46955, CVE-2024-46956 It was discovered...

USN-7103-1: Ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2024-46951, CVE-2024-46953, CVE-2024-46955, CVE-2024-46956 It was discovered...

cups: libppd: remote command injection via attacker controlled data in PPD file

A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

CVE-2024-46956

An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution...

ghostscript bug fix update

An update is available for ghostscript. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Ghostscript suite contains utilities for rendering PostScript and PDF...

UBUNTU-CVE-2024-46478

HTMLDOC v1.9.18 contains a buffer overflow in parsepre function,ps-pdf.cxx:5681...

Advisory ROSA-SA-2024-2494

Software: ghostscript 9.25 OS: rosa-server79 packageevrstring: ghostscript-9.25-5.0.1.res7 CVE-ID: CVE-2024-33871 BDU-ID: 2024-05064 CVE-Crit: HIGH CVE-DESC.: A vulnerability exists in the contrib/opvp/gdevopvp.c component of the Ghostscript processing, conversion, and document generation softwar...