9.23

DATE	CVE	VULNERABILITY TITLE	RISK
2020-08-13	CVE-2020-16290	Out-of-bounds Write vulnerability in multiple products A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. local low complexity artifex debian canonical CWE-787	5.5
2020-08-13	CVE-2020-16289	Out-of-bounds Write vulnerability in multiple products A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. local low complexity artifex debian canonical CWE-787	5.5
2020-08-13	CVE-2020-16288	Classic Buffer Overflow vulnerability in multiple products A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. local low complexity artifex debian canonical CWE-120	5.5
2020-08-13	CVE-2020-16287	Out-of-bounds Write vulnerability in multiple products A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. local low complexity artifex debian canonical CWE-787	5.5
2019-11-27	CVE-2019-14812	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. local low complexity artifex fedoraproject CWE-732	7.8
2019-11-27	CVE-2019-10216	In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. local low complexity artifex redhat	7.8
2019-11-15	CVE-2019-14869	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. network low complexity artifex fedoraproject opensuse CWE-732	8.8
2019-09-06	CVE-2019-14813	Incorrect Authorization vulnerability in multiple products A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. network low complexity artifex redhat fedoraproject opensuse debian CWE-863 critical	9.8
2019-09-03	CVE-2019-14817	Incorrect Authorization vulnerability in multiple products A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. local low complexity artifex redhat opensuse fedoraproject debian CWE-863	7.8
2019-09-03	CVE-2019-14811	Incorrect Authorization vulnerability in multiple products A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. local low complexity artifex redhat fedoraproject opensuse debian CWE-863	7.8