Vulnerabilities > Artifex > Ghostscript > 9.25
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-08-13 | CVE-2020-16292 | Out-of-bounds Write vulnerability in multiple products A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. | 5.5 |
2020-08-13 | CVE-2020-16291 | Out-of-bounds Write vulnerability in multiple products A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. | 5.5 |
2020-08-13 | CVE-2020-16290 | Out-of-bounds Write vulnerability in multiple products A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. | 5.5 |
2020-08-13 | CVE-2020-16289 | Out-of-bounds Write vulnerability in multiple products A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. | 5.5 |
2020-08-13 | CVE-2020-16288 | Classic Buffer Overflow vulnerability in multiple products A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. | 5.5 |
2020-08-13 | CVE-2020-16287 | Out-of-bounds Write vulnerability in multiple products A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. | 5.5 |
2019-11-27 | CVE-2019-14812 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. | 7.8 |
2019-11-27 | CVE-2019-10216 | In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. | 7.8 |
2019-11-15 | CVE-2019-14869 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. | 8.8 |
2019-09-06 | CVE-2019-14813 | Incorrect Authorization vulnerability in multiple products A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. | 9.8 |