Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ghostscript vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2010-1628
Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent malicious users to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter.
Artifex Gpl Ghostscript 8.64
Artifex Gpl Ghostscript 8.70
9.3
CVSSv2
CVE-2010-1869
Stack-based buffer overflow in the parser function in GhostScript 8.70 and 8.64 allows context-dependent malicious users to execute arbitrary code via a crafted PostScript file.
Artifex Gpl Ghostscript 8.70
Artifex Gpl Ghostscript 8.64
1 EDB exploit
7.5
CVSSv2
CVE-1999-0155
The ghostscript command with the -dSAFER option allows remote malicious users to execute commands.
Aladdin Enterprises Ghostscript 2.6
Aladdin Enterprises Ghostscript 3.22
5
CVSSv2
CVE-2018-11645
psi/zfile.c in Artifex Ghostscript prior to 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote malicious users to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.
Artifex Ghostscript
NA
CVE-2023-38560
An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local malicious user to cause a denial of service via transforming a crafted PCL file to PDF format.
Artifex Ghostscript -
NA
CVE-2023-46751
An issue exists in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript up to and including 10.02.0 allows remote malicious users to crash the application via a dangling pointer.
Artifex Ghostscript
2.6
CVSSv2
CVE-2001-1353
ghostscript prior to 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER enabled.
Aladdin Enterprises Ghostscript
4.3
CVSSv2
CVE-2016-10218
The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. Ghostscript 9.20 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
Artifex Ghostscript 9.20
6.8
CVSSv2
CVE-2017-6196
Multiple use-after-free vulnerabilities in the gx_image_enum_begin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact vi...
Artifex Afpl Ghostscript
6.8
CVSSv2
CVE-2015-3228
Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted Postscript (ps) file, as demonstrated by using the ps2pdf command, which triggers an ...
Artifex Afpl Ghostscript
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744
privilege escalation
CVE-2024-30253
CVE-2024-3914
cross-site scripting
CVE-2024-31497
CVE-2024-3400
CVE-2024-32341
hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »