Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
artifex gpl ghostscript vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2021-3781
A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript in...
Artifex Ghostscript 9.52
Artifex Ghostscript 9.50
Artifex Ghostscript 9.53.3
Artifex Ghostscript 9.54.0
Fedoraproject Fedora 34
1 Github repository
9.3
CVSSv2
CVE-2012-4875
Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote malicious users to execute arbitrary code via a long file name in a PostScript document. NOTE: as of 20120314, the developer was not able to ...
Artifex Gpl Ghostscript 9.04
9.3
CVSSv2
CVE-2009-3743
Off-by-one error in the Ins_MINDEX function in the TrueType bytecode interpreter in Ghostscript prior to 8.71 allows remote malicious users to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed TrueType font in a document that trigger an ...
Artifex Gpl Ghostscript 8.64
Artifex Afpl Ghostscript 7.00
Artifex Afpl Ghostscript 6.50
Artifex Afpl Ghostscript 8.14
Artifex Afpl Ghostscript 8.13
Artifex Gpl Ghostscript 8.01
Artifex Ghostscript Fonts 6.0
Artifex Gpl Ghostscript 8.54
Artifex Afpl Ghostscript 8.53
Artifex Afpl Ghostscript 6.01
Artifex Afpl Ghostscript 6.0
Artifex Afpl Ghostscript 8.12
Artifex Afpl Ghostscript 8.11
Artifex Afpl Ghostscript 8.52
Artifex Afpl Ghostscript 8.00
Artifex Gpl Ghostscript 8.15
Artifex Gpl Ghostscript 8.60
Artifex Gpl Ghostscript 8.61
Artifex Gpl Ghostscript 8.56
Artifex Gpl Ghostscript 8.62
Artifex Gpl Ghostscript 8.63
Artifex Afpl Ghostscript 8.54
9.3
CVSSv2
CVE-2009-4897
Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and previous versions allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document containing a long name.
Artifex Gpl Ghostscript 8.63
Artifex Gpl Ghostscript 8.62
Artifex Gpl Ghostscript 8.61
Artifex Afpl Ghostscript 8.13
Artifex Afpl Ghostscript 8.12
Artifex Gpl Ghostscript 8.56
Artifex Gpl Ghostscript 8.57
Artifex Afpl Ghostscript 7.00
Artifex Afpl Ghostscript 6.0
Artifex Afpl Ghostscript 8.52
Artifex Afpl Ghostscript 8.51
Artifex Gpl Ghostscript 8.15
Artifex Gpl Ghostscript 8.50
Artifex Gpl Ghostscript 8.71
Artifex Afpl Ghostscript 8.53
Artifex Gpl Ghostscript
Artifex Afpl Ghostscript 8.50
Artifex Afpl Ghostscript 8.14
Artifex Ghostscript Fonts 8.11
Artifex Gpl Ghostscript 8.01
Artifex Afpl Ghostscript 8.54
Artifex Afpl Ghostscript 7.04
9.3
CVSSv2
CVE-2010-1628
Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent malicious users to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter.
Artifex Gpl Ghostscript 8.64
Artifex Gpl Ghostscript 8.70
9.3
CVSSv2
CVE-2010-1869
Stack-based buffer overflow in the parser function in GhostScript 8.70 and 8.64 allows context-dependent malicious users to execute arbitrary code via a crafted PostScript file.
Artifex Gpl Ghostscript 8.70
Artifex Gpl Ghostscript 8.64
1 EDB exploit
7.5
CVSSv2
CVE-2019-14813
A flaw was found in ghostscript, versions 9.x prior to 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then h...
Artifex Ghostscript
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server 7.0
Redhat Openshift Container Platform 3.11
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Eus 7.7
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Openshift Container Platform 4.1
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
7.2
CVSSv2
CVE-2010-2055
Ghostscript 8.71 and previous versions reads initialization files from the current working directory, which allows local users to execute arbitrary PostScript commands via a Trojan horse file, related to improper support for the -P- option to the gs program, as demonstrated using...
Artifex Afpl Ghostscript 7.03
Artifex Afpl Ghostscript 7.00
Artifex Afpl Ghostscript 6.50
Artifex Afpl Ghostscript 6.01
Artifex Gpl Ghostscript 8.01
Artifex Ghostscript Fonts 6.0
Artifex Gpl Ghostscript 8.62
Artifex Gpl Ghostscript 8.63
Artifex Afpl Ghostscript 8.14
Artifex Afpl Ghostscript 8.13
Artifex Afpl Ghostscript 8.12
Artifex Afpl Ghostscript 8.11
Artifex Gpl Ghostscript 8.51
Artifex Gpl Ghostscript 8.54
Artifex Afpl Ghostscript 8.53
Artifex Afpl Ghostscript 8.54
Artifex Gpl Ghostscript
Artifex Afpl Ghostscript 7.04
Artifex Afpl Ghostscript 6.0
Artifex Afpl Ghostscript 8.52
Artifex Afpl Ghostscript 8.50
Artifex Afpl Ghostscript 8.00
6.8
CVSSv2
CVE-2020-16303
A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote malicious user to escalate privileges via a crafted PDF file. This is fixed in v9.51.
Artifex Ghostscript 9.50
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
6.8
CVSSv2
CVE-2019-14812
A flaw was found in all ghostscript versions 9.x prior to 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and the...
Artifex Ghostscript
Fedoraproject Fedora 31
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »