Vulnerabilities > Redhat > Enterprise Linux Server AUS > 7.6

DATE CVE VULNERABILITY TITLE RISK
2018-09-19 CVE-2018-17183 Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code.
local
low complexity
debian canonical artifex redhat
7.8
7.8
2018-09-10 CVE-2018-16802 An issue was discovered in Artifex Ghostscript before 9.25.
local
low complexity
artifex debian canonical redhat
7.8
7.8
2018-09-06 CVE-2018-14624 A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16.
network
low complexity
fedoraproject redhat debian
7.5
7.5
2018-09-05 CVE-2018-16541 Use After Free vulnerability in multiple products
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter.
local
low complexity
artifex canonical debian redhat CWE-416
5.5
5.5
2018-09-05 CVE-2018-16540 Use After Free vulnerability in multiple products
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact.
local
low complexity
artifex redhat debian canonical CWE-416
7.8
7.8
2018-09-05 CVE-2018-16539 Information Exposure vulnerability in multiple products
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable.
local
low complexity
artifex canonical debian redhat CWE-200
5.5
5.5
2018-09-05 CVE-2018-16511 Incorrect Type Conversion or Cast vulnerability in multiple products
An issue was discovered in Artifex Ghostscript before 9.24.
local
low complexity
debian artifex canonical redhat CWE-704
7.8
7.8
2018-08-28 CVE-2018-15911 Use of Uninitialized Resource vulnerability in multiple products
In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code. 		7.8
7.8
2018-08-27 CVE-2018-15909 Incorrect Type Conversion or Cast vulnerability in multiple products
In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code. 		7.8
7.8
2018-08-27 CVE-2018-15908 In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files.
local
low complexity
artifex debian canonical redhat
7.8
7.8