Total
129 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-46956 | 3 Artifex, Debian, Suse | 5 Ghostscript, Debian Linux, Linux Enterprise High Performance Computing and 2 more | 2025-11-03 | N/A | 7.8 HIGH |
| An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution. | |||||
| CVE-2024-46955 | 3 Artifex, Debian, Suse | 5 Ghostscript, Debian Linux, Linux Enterprise High Performance Computing and 2 more | 2025-11-03 | N/A | 5.5 MEDIUM |
| An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space. | |||||
| CVE-2024-46953 | 3 Artifex, Debian, Suse | 5 Ghostscript, Debian Linux, Linux Enterprise High Performance Computing and 2 more | 2025-11-03 | N/A | 7.8 HIGH |
| An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution. | |||||
| CVE-2024-46951 | 3 Artifex, Debian, Suse | 5 Ghostscript, Debian Linux, Linux Enterprise High Performance Computing and 2 more | 2025-11-03 | N/A | 7.8 HIGH |
| An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution. | |||||
| CVE-2025-27836 | 1 Artifex | 1 Ghostscript | 2025-11-03 | N/A | 9.8 CRITICAL |
| An issue was discovered in Artifex Ghostscript before 10.05.0. The BJ10V device has a Print buffer overflow in contrib/japanese/gdev10v.c. | |||||
| CVE-2025-27835 | 1 Artifex | 1 Ghostscript | 2025-11-03 | N/A | 7.8 HIGH |
| An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c. | |||||
| CVE-2025-27832 | 1 Artifex | 1 Ghostscript | 2025-11-03 | N/A | 9.8 CRITICAL |
| An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for contrib/japanese/gdevnpdl.c. | |||||
| CVE-2025-27831 | 1 Artifex | 1 Ghostscript | 2025-11-03 | N/A | 9.8 CRITICAL |
| An issue was discovered in Artifex Ghostscript before 10.05.0. The DOCXWRITE TXTWRITE device has a text buffer overflow via long characters to devices/vector/doc_common.c. | |||||
| CVE-2025-27830 | 1 Artifex | 1 Ghostscript | 2025-11-03 | N/A | 7.8 HIGH |
| An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs during serialization of DollarBlend in a font, for base/write_t1.c and psi/zfapi.c. | |||||
| CVE-2025-59799 | 1 Artifex | 1 Ghostscript | 2025-11-03 | N/A | 4.3 MEDIUM |
| Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value. | |||||
| CVE-2025-59798 | 1 Artifex | 1 Ghostscript | 2025-11-03 | N/A | 4.3 MEDIUM |
| Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c. | |||||
| CVE-2017-8291 | 3 Artifex, Debian, Redhat | 8 Ghostscript, Debian Linux, Enterprise Linux Desktop and 5 more | 2025-10-22 | 6.8 MEDIUM | 7.8 HIGH |
| Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017. | |||||
| CVE-2025-59800 | 1 Artifex | 1 Ghostscript | 2025-09-25 | N/A | 4.3 MEDIUM |
| In Artifex Ghostscript through 10.05.1, ocr_begin_page in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in ocr_line8. | |||||
| CVE-2024-46954 | 1 Artifex | 1 Ghostscript | 2025-08-15 | N/A | 7.8 HIGH |
| An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal. | |||||
| CVE-2025-46646 | 1 Artifex | 1 Ghostscript | 2025-06-23 | N/A | 4.5 MEDIUM |
| In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954. | |||||
| CVE-2023-52722 | 1 Artifex | 1 Ghostscript | 2025-06-23 | N/A | 5.5 MEDIUM |
| An issue was discovered in Artifex Ghostscript before 10.03.1. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard. | |||||
| CVE-2025-48708 | 1 Artifex | 1 Ghostscript | 2025-06-20 | N/A | 4.0 MEDIUM |
| gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext. | |||||
| CVE-2020-36773 | 1 Artifex | 1 Ghostscript | 2025-05-22 | N/A | 9.8 CRITICAL |
| Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one Unicode code point (e.g., for a ligature). | |||||
| CVE-2020-27792 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2025-04-30 | N/A | 7.1 HIGH |
| A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service. | |||||
| CVE-2024-29507 | 1 Artifex | 1 Ghostscript | 2025-04-28 | N/A | 5.4 MEDIUM |
| Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters. | |||||