Vulnerabilities > Artifex > Ghostscript > 9.25

DATE CVE VULNERABILITY TITLE RISK
2020-08-13 CVE-2020-16292 Out-of-bounds Write vulnerability in multiple products
A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
local
low complexity
artifex debian canonical CWE-787
5.5
5.5
2020-08-13 CVE-2020-16291 Out-of-bounds Write vulnerability in multiple products
A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
local
low complexity
artifex debian canonical CWE-787
5.5
5.5
2020-08-13 CVE-2020-16290 Out-of-bounds Write vulnerability in multiple products
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
local
low complexity
artifex debian canonical CWE-787
5.5
5.5
2020-08-13 CVE-2020-16289 Out-of-bounds Write vulnerability in multiple products
A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
local
low complexity
artifex debian canonical CWE-787
5.5
5.5
2020-08-13 CVE-2020-16288 Classic Buffer Overflow vulnerability in multiple products
A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
local
low complexity
artifex debian canonical CWE-120
5.5
5.5
2020-08-13 CVE-2020-16287 Out-of-bounds Write vulnerability in multiple products
A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
local
low complexity
artifex debian canonical CWE-787
5.5
5.5
2019-11-27 CVE-2019-14812 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.
local
low complexity
artifex fedoraproject CWE-732
7.8
7.8
2019-11-27 CVE-2019-10216 In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.
local
low complexity
artifex redhat
7.8
7.8
2019-11-15 CVE-2019-14869 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.
network
low complexity
artifex fedoraproject opensuse CWE-732
8.8
8.8
2019-09-06 CVE-2019-14813 Incorrect Authorization vulnerability in multiple products
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.
network
low complexity
artifex redhat fedoraproject opensuse debian CWE-863
critical
 9.8
9.8