Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ghostscript vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2019-14812
A flaw was found in all ghostscript versions 9.x prior to 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and the...
Artifex Ghostscript
Fedoraproject Fedora 31
1 Github repository
6.8
CVSSv2
CVE-2019-25059
Artifex Ghostscript up to and including 9.26 mishandles .completefont. NOTE: this issue exists because of an incomplete fix for CVE-2019-3839.
Artifex Ghostscript
Debian Debian Linux 9.0
NA
CVE-2020-27792
A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an malicious user to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corru...
Artifex Ghostscript
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2018-19478
In Artifex Ghostscript prior to 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file.
Artifex Ghostscript
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2020-16308
A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote malicious user to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
Artifex Ghostscript 9.50
Artifex Ghostscript
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
NA
CVE-2023-43115
In Artifex Ghostscript up to and including 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk...
Artifex Ghostscript
Fedoraproject Fedora 38
Fedoraproject Fedora 39
1 Github repository
4.3
CVSSv2
CVE-2022-2085
A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined for the device that uses it as a prototype that depends upon the nu...
Artifex Ghostscript 9.55.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
6.8
CVSSv2
CVE-2018-16513
In Artifex Ghostscript prior to 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact.
Artifex Ghostscript
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Artifex Gpl Ghostscript
Pulsesecure Pulse Connect Secure
NA
CVE-2023-28879
In Artifex Ghostscript up to and including 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte ...
Artifex Ghostscript
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.8
CVSSv2
CVE-2017-11714
psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bo...
Artifex Ghostscript 9.21
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »