Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
artifex ghostscript vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-7207
The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.
Artifex Ghostscript 9.20
5.3
CVSSv3
CVE-2018-11645
psi/zfile.c in Artifex Ghostscript prior to 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote malicious users to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.
Artifex Ghostscript
NA
CVE-2023-52722
An issue exists in Artifex Ghostscript up to and including 10.01.0. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard.
NA
CVE_2023_36664
Ghostscript command injection vulnerability PoC (CVE-2023-36664) Vulnerability disclosed in Ghostscript prior to version 10.01.2 leads to code execution (CVSS score 9.8). Official vulnerability description: Artifex Ghostscript through 10.01.2 mishandles permission validation for...
1 Github repository
NA
CVE-2015-3228
Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted Postscript (ps) file, as demonstrated by using the ps2pdf command, which triggers an ...
Artifex Afpl Ghostscript
NA
CVE-2013-6629
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo up to and including 1.3.0, as used in Google Chrome prior to 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that fol...
Google Chrome
Oracle Solaris 11.3
Artifex Gpl Ghostscript
Libjpeg-turbo Libjpeg-turbo
Fedoraproject Fedora 18
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Opensuse Opensuse 12.3
Opensuse Opensuse 12.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Mozilla Firefox Esr
NA
CVE-2012-4875
Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote malicious users to execute arbitrary code via a long file name in a PostScript document. NOTE: as of 20120314, the developer was not able to ...
Artifex Gpl Ghostscript 9.04
NA
CVE-2010-4054
The gs_type2_interpret function in Ghostscript allows remote malicious users to cause a denial of service (incorrect pointer dereference and application crash) via crafted font data in a compressed data stream, aka bug 691043.
Artifex Afpl Ghostscript 7.00
Artifex Afpl Ghostscript 6.50
Artifex Afpl Ghostscript 6.01
Artifex Afpl Ghostscript 6.0
Artifex Ghostscript Fonts 8.11
Artifex Gpl Ghostscript 8.01
Artifex Ghostscript Fonts 6.0
Artifex Gpl Ghostscript 8.62
Artifex Gpl Ghostscript 8.63
Artifex Afpl Ghostscript 8.50
Artifex Afpl Ghostscript 8.14
Artifex Afpl Ghostscript 8.13
Artifex Afpl Ghostscript 8.12
Artifex Gpl Ghostscript 8.51
Artifex Gpl Ghostscript 8.54
Artifex Gpl Ghostscript 8.71
Artifex Afpl Ghostscript 8.53
Artifex Afpl Ghostscript 7.03
Artifex Gpl Ghostscript 8.70
Artifex Afpl Ghostscript 8.52
Artifex Afpl Ghostscript 8.00
Artifex Gpl Ghostscript 8.50
NA
CVE-2009-3743
Off-by-one error in the Ins_MINDEX function in the TrueType bytecode interpreter in Ghostscript prior to 8.71 allows remote malicious users to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed TrueType font in a document that trigger an ...
Artifex Gpl Ghostscript 8.64
Artifex Afpl Ghostscript 7.00
Artifex Afpl Ghostscript 6.50
Artifex Afpl Ghostscript 8.14
Artifex Afpl Ghostscript 8.13
Artifex Gpl Ghostscript 8.01
Artifex Ghostscript Fonts 6.0
Artifex Gpl Ghostscript 8.54
Artifex Afpl Ghostscript 8.53
Artifex Afpl Ghostscript 6.01
Artifex Afpl Ghostscript 6.0
Artifex Afpl Ghostscript 8.12
Artifex Afpl Ghostscript 8.11
Artifex Afpl Ghostscript 8.52
Artifex Afpl Ghostscript 8.00
Artifex Gpl Ghostscript 8.15
Artifex Gpl Ghostscript 8.60
Artifex Gpl Ghostscript 8.61
Artifex Gpl Ghostscript 8.56
Artifex Gpl Ghostscript 8.62
Artifex Gpl Ghostscript 8.63
Artifex Afpl Ghostscript 8.54
NA
CVE-2010-2055
Ghostscript 8.71 and previous versions reads initialization files from the current working directory, which allows local users to execute arbitrary PostScript commands via a Trojan horse file, related to improper support for the -P- option to the gs program, as demonstrated using...
Artifex Afpl Ghostscript 7.03
Artifex Afpl Ghostscript 7.00
Artifex Afpl Ghostscript 6.50
Artifex Afpl Ghostscript 6.01
Artifex Gpl Ghostscript 8.01
Artifex Ghostscript Fonts 6.0
Artifex Gpl Ghostscript 8.62
Artifex Gpl Ghostscript 8.63
Artifex Afpl Ghostscript 8.14
Artifex Afpl Ghostscript 8.13
Artifex Afpl Ghostscript 8.12
Artifex Afpl Ghostscript 8.11
Artifex Gpl Ghostscript 8.51
Artifex Gpl Ghostscript 8.54
Artifex Afpl Ghostscript 8.53
Artifex Afpl Ghostscript 8.54
Artifex Gpl Ghostscript
Artifex Afpl Ghostscript 7.04
Artifex Afpl Ghostscript 6.0
Artifex Afpl Ghostscript 8.52
Artifex Afpl Ghostscript 8.50
Artifex Afpl Ghostscript 8.00
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »