High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-27	CVE-2019-10216	In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. local low complexity artifex redhat	7.8
2019-11-15	CVE-2019-14869	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. network low complexity artifex fedoraproject opensuse CWE-732	8.8
2019-09-03	CVE-2019-14817	Incorrect Authorization vulnerability in multiple products A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. local low complexity artifex redhat opensuse fedoraproject debian CWE-863	7.8
2019-09-03	CVE-2019-14811	Incorrect Authorization vulnerability in multiple products A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. local low complexity artifex redhat fedoraproject opensuse debian CWE-863	7.8
2019-08-14	CVE-2019-14975	Out-of-bounds Read vulnerability in Artifex Mupdf Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string. local low complexity artifex CWE-125	7.1
2019-07-04	CVE-2019-13290	Out-of-bounds Write vulnerability in Artifex Mupdf 1.15.0 Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. local low complexity artifex CWE-787	7.8
2019-05-16	CVE-2019-3839	It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. local low complexity artifex debian opensuse fedoraproject canonical redhat	7.8
2019-04-22	CVE-2019-11413	Uncontrolled Recursion vulnerability in Artifex Mujs 1.0.5 An issue was discovered in Artifex MuJS 1.0.5. network low complexity artifex CWE-674	7.5
2019-04-22	CVE-2019-11412	Always-Incorrect Control Flow Implementation vulnerability in multiple products An issue was discovered in Artifex MuJS 1.0.5. network low complexity artifex fedoraproject CWE-670	7.5
2019-03-21	CVE-2019-6116	In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution. local low complexity artifex fedoraproject canonical debian opensuse redhat	7.8