Suse: >> Linux Enterprise Server For Sap >> 12 Security Vulnerabilities
An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-11-10
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-11-10
An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-11-10
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-11-10
Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units (APDU) unit.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-03-15