Lucene search
K

330 matches found

CVE
CVE
added 2024/10/22 5:9 p.m.43 views

CVE-2024-9129

CVE-2024-9129 affects Zend Server versions 8.5 and earlier than 9.2. The vulnerability is a format string injection in Zend Server. According to the provided metrics, the CVSS 4.0 base score is 9.3 (CRITICAL) with NETWORK attack vector, no privileges required, no user interaction, and impacts to ...

9.3CVSS7.2AI score0.00408EPSS
Exploits0References1
OSV
OSV
added 2024/09/20 11:9 a.m.4 views

OESA-2024-2162 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in...

6.3CVSS7.3AI score0.27974EPSS
Exploits6References3
OSV
OSV
added 2024/09/20 11:9 a.m.4 views

OESA-2024-2163 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in...

6.3CVSS7.3AI score0.27974EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2024/09/12 12:0 a.m.21 views

EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2024-2413)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint...

6.3CVSS7.3AI score0.27974EPSS
Exploits6References4
Tenable Nessus
Tenable Nessus
added 2024/09/12 12:0 a.m.26 views

EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2024-2389)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint...

6.3CVSS7.3AI score0.27974EPSS
Exploits6References4
Tenable Nessus
Tenable Nessus
added 2024/09/12 12:0 a.m.28 views

EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2024-2364)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint...

6.3CVSS7.3AI score0.27974EPSS
Exploits6References4
RedHat Linux
RedHat Linux
added 2024/09/09 1:35 a.m.32 views

Moderate: Red Hat Security Advisory: ghostscript security update

An update for ghostscript is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

6.3CVSS7.1AI score0.27974EPSS
Exploits6References4
Tenable Nessus
Tenable Nessus
added 2024/09/09 12:0 a.m.22 views

RHEL 9 : ghostscript (RHSA-2024:6466)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6466 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap...

6.3CVSS7.5AI score0.27974EPSS
Exploits6References9
Tenable Nessus
Tenable Nessus
added 2024/09/04 12:0 a.m.28 views

AlmaLinux 9 : ghostscript (ALSA-2024:6197)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6197 advisory. ghostscript: format string injection leads to shell command execution SAFER bypass CVE-2024-29510 ghostscript: path traversal and command execution due to...

6.3CVSS7.3AI score0.27974EPSS
Exploits6References4
RedHat Linux
RedHat Linux
added 2024/09/03 10:32 a.m.26 views

Moderate: Red Hat Security Advisory: ghostscript security update

An update for ghostscript is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

6.3CVSS7.1AI score0.27974EPSS
Exploits6References4
RedHat Linux
RedHat Linux
added 2024/09/03 10:32 a.m.6 views

ghostscript: format string injection leads to shell command execution (SAFER bypass)

A flaw in Ghostscript has been identified where the uniprint device allows users to pass various string fragments as device options. These strings, particularly upWriteComponentCommands and upYMoveCommand, are treated as format strings for gpfprintf and gssnprintf. This lack of restriction permit...

6.3CVSS6AI score0.27974EPSS
Exploits6References4
OSV
OSV
added 2024/09/03 12:0 a.m.31 views

ALSA-2024:6197 Moderate: ghostscript security update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: format string injection leads to shell command execution SAFER bypass...

6.3CVSS7AI score0.27974EPSS
Exploits6References8
Oracle linux
Oracle linux
added 2024/09/03 12:0 a.m.322 views

ghostscript security update

9.54.0-17 - RHEL-44759 CVE-2024-33870 ghostscript: path traversal to arbitrary files if the current directory is in the permitted paths - RHEL-44745 CVE-2024-33869 ghostscript: path traversal and command execution due to path reduction - RHEL-44731 CVE-2024-29510 ghostscript: format string...

6.3CVSS6.8AI score0.27974EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2024/07/04 12:0 a.m.29 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ghostscript (SUSE-SU-2024:2292-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2292-1 advisory. - CVE-2024-29510: Fixed an arbitrary path traversal when running in a permitted path bsc1226945....

6.3CVSS7.5AI score0.27974EPSS
Exploits6References10
OSV
OSV
added 2024/07/03 7:15 p.m.2 views

DEBIAN-CVE-2024-29510

Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device...

6.3CVSS6.8AI score0.27974EPSS
Exploits6References1
NVD
NVD
added 2024/07/03 7:15 p.m.76 views

CVE-2024-29510

Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device...

6.3CVSS0.27974EPSS
Exploits6References4
OSV
OSV
added 2024/07/03 11:32 a.m.15 views

SUSE-SU-2024:2292-1 Security update for ghostscript

This update for ghostscript fixes the following issues: - CVE-2024-29510: Fixed an arbitrary path traversal when running in a permitted path bsc1226945. - CVE-2024-33870: Fixed a format string injection that could lead to command execution bsc1226944. - CVE-2024-33869: Fixed a path validation...

6.3CVSS6.7AI score0.27974EPSS
Exploits6References7
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.34 views

SUSE SLES12 Security Update : ghostscript (SUSE-SU-2024:2276-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2276-1 advisory. - CVE-2024-29510: Fixed an arbitrary path traversal when running in a permitted path bsc1226945. - CVE-2024-33870: Fixed a format...

6.3CVSS7.5AI score0.27974EPSS
Exploits6References10
OSV
OSV
added 2024/07/03 12:0 a.m.31 views

CVE-2024-29510

Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device...

6.3CVSS7AI score0.27974EPSS
Exploits6References6
Cvelist
Cvelist
added 2024/07/03 12:0 a.m.35 views

CVE-2024-29510

Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device...

0.27974EPSS
Exploits6References3
Rows per page
Query Builder