Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
psi vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-20375
A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote malicious users to inject arbitrary web script or HTML via the value parameter in a localization (loc) command to elogd.c.
Psi Electronic Logbook 3.1.4
4.3
CVSSv2
CVE-2019-20376
A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote malicious users to inject arbitrary web script or HTML via a crafted SVG document to elogd.c.
Psi Electronic Logbook 3.1.4
4.3
CVSSv2
CVE-2019-3835
It was found that the superexec operator was available in the internal dictionary in ghostscript prior to 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.
Artifex Ghostscript
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Ansible Tower 3.3
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.0
Opensuse Leap 15.1
4.3
CVSSv2
CVE-2019-3838
It was found that the forceput operator could be extracted from the DefineResource method in ghostscript prior to 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.
Artifex Ghostscript
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Ansible Tower 3.3
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 42.3
Opensuse Leap 15.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2017-16723
A Cross-site Scripting issue exists in PHOENIX CONTACT FL COMSERVER BASIC 232/422/485, FL COMSERVER UNI 232/422/485, FL COMSERVER BAS 232/422/485-T, FL COMSERVER UNI 232/422/485-T, FL COM SERVER RS232, FL COM SERVER RS485, and PSI-MODEM/ETH (running firmware versions before 1.99,...
Phoenixcontact Fl Comserver Basic 232 Firmware 2.40
Phoenixcontact Fl Comserver Uni 422 Firmware 2.40
Phoenixcontact Fl Comserver Bas 485-t Firmware 2.40
Phoenixcontact Fl Com Server Rs232 Firmware 1.99
Phoenixcontact Fl Com Server Rs485 Firmware 1.99
Phoenixcontact Psi-modem\\/eth Firmware 2.20
Phoenixcontact Fl Comserver Basic 422 Firmware 2.40
Phoenixcontact Fl Comserver Basic 485 Firmware 2.40
Phoenixcontact Fl Comserver Uni 485-t Firmware 2.40
Phoenixcontact Fl Comserver Uni 485 Firmware 2.40
Phoenixcontact Fl Comserver Uni 232 Firmware 2.40
Phoenixcontact Fl Comserver Bas 422 Firmware 2.40
Phoenixcontact Fl Comserver Bas 232 Firmware 2.40
4.3
CVSSv2
CVE-2017-5593
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote malicious user to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. Thi...
Psi-plus Psi\\+ 0.16.563.580
Psi-plus Psi\\+ 0.16.571.627
2.1
CVSSv2
CVE-2020-14373
A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.
Artifex Ghostscript 9.25
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
NA
CVE-2023-52722
An issue exists in Artifex Ghostscript up to and including 10.01.0. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3