Shodan
Vulnerabilities
Vulnerable Software
Artifex:  >> Ghostscript  >> 2.7  Security Vulnerabilities
CVE-2025-27832
An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for contrib/japanese/gdevnpdl.c.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-03-25
CVE-2025-27833
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs for a long TTF font name to pdf/pdf_fmap.c.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-03-25
CVE-2025-27834
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdf_func.c.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-03-25
CVE-2024-46952
An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).
CVSS Score
7.8
EPSS Score
0.001
Published
2024-11-10
CVE-2024-46953
An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-11-10
CVE-2024-46954
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-11-10
CVE-2024-46955
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-11-10
CVE-2024-46956
An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.004
Published
2024-11-10
CVE-2024-46951
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-11-10
CVE-2024-29507
Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-07-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved