High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-19	CVE-2018-17183	Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code. local low complexity debian canonical artifex redhat	7.8
2018-09-10	CVE-2018-16802	An issue was discovered in Artifex Ghostscript before 9.25. local low complexity artifex debian canonical redhat	7.8
2018-09-06	CVE-2018-5391	Improper Input Validation vulnerability in multiple products The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. network low complexity linux redhat debian canonical microsoft f5 siemens CWE-20	7.5
2018-09-06	CVE-2018-14624	A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. network low complexity fedoraproject redhat debian	7.5
2018-09-05	CVE-2018-16540	Use After Free vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact. local low complexity artifex redhat debian canonical CWE-416	7.8
2018-09-05	CVE-2018-16511	Incorrect Type Conversion or Cast vulnerability in multiple products An issue was discovered in Artifex Ghostscript before 9.24. local low complexity debian artifex canonical redhat CWE-704	7.8
2018-08-30	CVE-2018-14622	Unchecked Return Value vulnerability in multiple products A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. network low complexity redhat debian canonical libtirpc-project CWE-252	7.5
2018-08-28	CVE-2018-15911	Use of Uninitialized Resource vulnerability in multiple products In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code. local low complexity debian canonical artifex redhat pulsesecure CWE-908	7.8
2018-08-27	CVE-2018-15909	Incorrect Type Conversion or Cast vulnerability in multiple products In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code. local low complexity debian canonical artifex redhat pulsesecure CWE-704	7.8
2018-08-27	CVE-2018-15908	In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files. local low complexity artifex debian canonical redhat	7.8