Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ghostscript vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-14551
The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption.
Imagemagick Imagemagick 7.0.8-7
Canonical Ubuntu Linux 18.04
8.8
CVSSv3
CVE-2023-43115
In Artifex Ghostscript up to and including 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk...
Artifex Ghostscript
Fedoraproject Fedora 38
Fedoraproject Fedora 39
1 Github repository
8.8
CVSSv3
CVE-2021-24684
The WordPress PDF Light Viewer Plugin WordPress plugin prior to 1.4.12 allows users with Author roles to execute arbitrary OS command on the server via OS Command Injection when invoking Ghostscript.
Teamlead Pdf-light-viewer
8.8
CVSSv3
CVE-2019-14869
A flaw was found in all versions of ghostscript 9.x prior to 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScri...
Artifex Ghostscript
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Opensuse Leap 15.1
8.8
CVSSv3
CVE-2016-7976
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote malicious users to execute arbitrary code via crafted userparams.
Artifex Ghostscript 9.18
Artifex Ghostscript 9.20
3 Github repositories
7.8
CVSSv3
CVE-2020-21890
Buffer Overflow vulnerability in clj_media_size function in devices/gdevclj.c in Artifex Ghostscript 9.50 allows remote malicious users to cause a denial of service or other unspecified impact(s) via opening of crafted PDF document.
Artifex Ghostscript 9.50
7.8
CVSSv3
CVE-2023-36664
Artifex Ghostscript up to and including 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).
Artifex Ghostscript
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
5 Github repositories
7.8
CVSSv3
CVE-2019-25059
Artifex Ghostscript up to and including 9.26 mishandles .completefont. NOTE: this issue exists because of an incomplete fix for CVE-2019-3839.
Artifex Ghostscript
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2022-1350
A vulnerability classified as problematic was found in GhostPCL 9.55.0. This vulnerability affects the function chunk_free_object of the file gsmchunk.c. The manipulation with a malicious file leads to a memory corruption. The attack can be initiated remotely but requires user in...
Artifex Ghostpcl 9.55.0
7.8
CVSSv3
CVE-2020-16303
A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote malicious user to escalate privileges via a crafted PDF file. This is fixed in v9.51.
Artifex Ghostscript 9.50
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »