Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ArtifexGhostscript

126 matches found

CVE
CVEadded 2017/04/03 5:59 a.m.86 views

CVE-2016-10219

The intersect function in base/gxfill.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.

5.5CVSS5.8AI score0.00935EPSS
CVE
CVEadded 2017/07/28 5:29 a.m.86 views

CVE-2017-11714

psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the igc_relo...

7.8CVSS6.7AI score0.0032EPSS
CVE
CVEadded 2017/07/26 7:29 p.m.86 views

CVE-2017-9611

The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.

7.8CVSS7.9AI score0.00376EPSS
CVE
CVEadded 2024/11/10 9:15 p.m.84 views

CVE-2024-46951

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.

7.8CVSS7.1AI score0.00062EPSS
CVE
CVEadded 2023/08/22 7:16 p.m.83 views

CVE-2020-21710

A divide by zero issue discovered in eps_print_page in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers to cause a denial of service via opening of crafted PDF file.

5.5CVSS5.3AI score0.00375EPSS
CVE
CVEadded 2017/05/23 4:29 a.m.80 views

CVE-2016-7977

Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document.

5.5CVSS7AI score0.01521EPSS
CVE
CVEadded 2017/04/03 5:59 a.m.78 views

CVE-2016-10220

The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file that is mishandled in the PDF Transparency module.

5.5CVSS5.8AI score0.00935EPSS
CVE
CVEadded 2025/03/25 9:15 p.m.78 views

CVE-2025-27830

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs during serialization of DollarBlend in a font, for base/write_t1.c and psi/zfapi.c.

7.8CVSS7.4AI score0.00017EPSS
CVE
CVEadded 2017/04/14 6:59 p.m.77 views

CVE-2016-8602

The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.

7.8CVSS8.9AI score0.00312EPSS
CVE
CVEadded 2024/11/10 10:15 p.m.77 views

CVE-2024-46953

An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.

7.8CVSS7.2AI score0.00062EPSS
CVE
CVEadded 2025/03/25 9:15 p.m.77 views

CVE-2025-27833

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs for a long TTF font name to pdf/pdf_fmap.c.

7.8CVSS7.3AI score0.00017EPSS
CVE
CVEadded 2017/05/23 4:29 a.m.76 views

CVE-2016-7979

Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.

9.8CVSS9.6AI score0.00828EPSS
CVE
CVEadded 2024/02/04 6:16 p.m.71 views

CVE-2020-36773

Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one Unicode code point (e.g., for a ligature).

9.8CVSS9.4AI score0.00138EPSS
CVE
CVEadded 2024/07/03 6:15 p.m.71 views

CVE-2024-29506

Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter() function via a long PDF filter name.

8.8CVSS7.5AI score0.00084EPSS
CVE
CVEadded 2024/11/10 10:15 p.m.71 views

CVE-2024-46954

An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.

8.4CVSS6.4AI score0.00057EPSS
CVE
CVEadded 2025/03/25 9:15 p.m.69 views

CVE-2025-27834

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdf_func.c.

7.8CVSS7.3AI score0.00005EPSS
CVE
CVEadded 2025/03/25 9:15 p.m.68 views

CVE-2025-27837

An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for base/gp_mswin.c and base/winrtsup.cpp.

9.8CVSS7AI score0.00103EPSS
CVE
CVEadded 2024/07/03 7:15 p.m.67 views

CVE-2024-29507

Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters.

5.4CVSS7.7AI score0.00058EPSS
CVE
CVEadded 2025/05/23 4:15 a.m.66 views

CVE-2025-48708

gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext.

4CVSS4.4AI score0.00005EPSS
CVE
CVEadded 2024/07/03 6:15 p.m.64 views

CVE-2024-29509

Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword (e.g., for runpdf) has a \000 byte in the middle.

8.8CVSS7.2AI score0.0045EPSS
CVE
CVEadded 2024/11/10 10:15 p.m.63 views

CVE-2024-46952

An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).

8.4CVSS6.9AI score0.00026EPSS
CVE
CVEadded 2024/11/10 10:15 p.m.63 views

CVE-2024-46955

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.

5.5CVSS6.4AI score0.00051EPSS
CVE
CVEadded 2017/04/03 5:59 a.m.55 views

CVE-2016-10218

The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.

5.5CVSS5.8AI score0.00374EPSS
CVE
CVEadded 2017/05/12 7:29 a.m.55 views

CVE-2017-8908

The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PostScript document.

5.5CVSS5.5AI score0.00374EPSS
CVE
CVEadded 2019/05/23 3:29 p.m.47 views

CVE-2017-15652

Artifex Ghostscript 9.22 is affected by: Obtain Information. The impact is: obtain sensitive information. The component is: affected source code file, affected function, affected executable, affected libga (imagemagick used that). The attack vector is: Someone must open a postscript file though gho...

5.5CVSS5.5AI score0.00271EPSS
CVE
CVEadded 2017/04/19 2:59 p.m.46 views

CVE-2017-7948

Integer overflow in the mark_curve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via a crafted PostScript document.

7.8CVSS7.2AI score0.00226EPSS
Total number of security vulnerabilities126