Vulnerabilities > Artifex > Ghostscript > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-05 | CVE-2018-16539 | Information Exposure vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable. | 5.5 |
| 2018-06-01 | CVE-2018-11645 | Information Exposure vulnerability in Artifex Ghostscript psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977. | 5.3 |
| 2017-05-23 | CVE-2016-7977 | Information Exposure vulnerability in Artifex Ghostscript Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document. | 5.5 |
| 2017-05-12 | CVE-2017-8908 | Out-of-bounds Read vulnerability in Artifex Ghostscript 9.21 The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PostScript document. | 5.5 |
| 2017-04-03 | CVE-2017-5951 | NULL Pointer Dereference vulnerability in Artifex Ghostscript 9.20 The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. | 5.5 |
| 2017-04-03 | CVE-2016-10220 | NULL Pointer Dereference vulnerability in Artifex Ghostscript 9.20 The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. | 5.5 |
| 2017-04-03 | CVE-2016-10219 | Divide By Zero vulnerability in Artifex Ghostscript 9.20 The intersect function in base/gxfill.c in Artifex Software, Inc. | 5.5 |
| 2017-04-03 | CVE-2016-10218 | NULL Pointer Dereference vulnerability in Artifex Ghostscript 9.20 The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. | 5.5 |
| 2017-04-03 | CVE-2016-10217 | Use After Free vulnerability in Artifex Ghostscript 9.20 The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. | 5.5 |
| 2017-03-21 | CVE-2017-7207 | NULL Pointer Dereference vulnerability in Artifex Ghostscript 9.20 The mem_get_bits_rectangle function in Artifex Software, Inc. | 5.5 |