Vulnerabilities > Artifex > Ghostscript

DATE CVE VULNERABILITY TITLE RISK
2024-11-10 CVE-2024-46952 Classic Buffer Overflow vulnerability in multiple products
An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex debian CWE-120
7.8
7.8
2024-11-10 CVE-2024-46953 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex debian suse CWE-190
7.8
7.8
2024-11-10 CVE-2024-46954 Path Traversal vulnerability in Artifex Ghostscript
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex CWE-22
7.8
7.8
2024-11-10 CVE-2024-46955 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex debian suse CWE-125
5.5
5.5
2024-11-10 CVE-2024-46956 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex debian suse CWE-125
7.8
7.8
2024-11-10 CVE-2024-46951 Access of Uninitialized Pointer vulnerability in multiple products
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex debian suse CWE-824
7.8
7.8
2024-07-03 CVE-2024-29506 Out-of-bounds Write vulnerability in Artifex Ghostscript
Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter() function via a long PDF filter name.
network
low complexity
artifex CWE-787
8.8
8.8
2024-07-03 CVE-2024-29508 Unspecified vulnerability in Artifex Ghostscript
Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed BaseFont name) in the function pdf_base_font_alloc.
local
low complexity
artifex
3.3
3.3
2024-07-03 CVE-2024-29509 Out-of-bounds Write vulnerability in Artifex Ghostscript
Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword (e.g., for runpdf) has a \000 byte in the middle.
network
low complexity
artifex CWE-787
8.8
8.8
2024-02-04 CVE-2020-36773 Use After Free vulnerability in Artifex Ghostscript
Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one Unicode code point (e.g., for a ligature).
network
low complexity
artifex CWE-416
critical
 9.8
9.8