Vulnerabilities > Artifex > Ghostscript
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-16 | CVE-2022-2085 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. | 5.5 |
| 2022-04-25 | CVE-2019-25059 | Artifex Ghostscript through 9.26 mishandles .completefont. | 7.8 |
| 2022-02-16 | CVE-2021-3781 | OS Command Injection vulnerability in multiple products A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. | 9.9 |
| 2022-01-01 | CVE-2021-45944 | Use After Free vulnerability in multiple products Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp). | 5.5 |
| 2022-01-01 | CVE-2021-45949 | Out-of-bounds Write vulnerability in multiple products Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). | 5.5 |
| 2020-09-03 | CVE-2020-14373 | Use After Free vulnerability in multiple products A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. | 5.5 |
| 2020-08-13 | CVE-2020-17538 | Out-of-bounds Write vulnerability in multiple products A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. | 5.5 |
| 2020-08-13 | CVE-2020-16310 | Divide By Zero vulnerability in multiple products A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. | 5.5 |
| 2020-08-13 | CVE-2020-16309 | Out-of-bounds Write vulnerability in multiple products A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. | 5.5 |
| 2020-08-13 | CVE-2020-16308 | Out-of-bounds Write vulnerability in multiple products A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. | 5.5 |