| Bug | Description |
|---|
| TEMP-0291452-29156B | gs-esp: Insecure usage of /tmp in source code |
| CVE-2023-46751 | An issue was discovered in the function gdev_prn_open_printer_seekable ... |
| CVE-2023-38559 | A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_w ... |
| CVE-2023-36664 | Artifex Ghostscript through 10.01.2 mishandles permission validation f ... |
| CVE-2023-28879 | In Artifex Ghostscript through 10.01.0, there is a buffer overflow lea ... |
| CVE-2023-4042 | A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostsc ... |
| CVE-2022-2085 | A NULL pointer dereference vulnerability was found in Ghostscript, whi ... |
| CVE-2021-45949 | Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overf ... |
| CVE-2021-45944 | Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampl ... |
| CVE-2021-3781 | A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was ... |
| CVE-2020-36773 | Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-a ... |
| CVE-2020-27792 | A heap-based buffer overwrite vulnerability was found in GhostScript's ... |
| CVE-2020-21890 | Buffer Overflow vulnerability in clj_media_size function in devices/gd ... |
| CVE-2020-21710 | A divide by zero issue discovered in eps_print_page in gdevepsn.c in A ... |
| CVE-2020-17538 | A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/g ... |
| CVE-2020-16310 | A division by zero vulnerability in dot24_print_page() in devices/gdev ... |
| CVE-2020-16309 | A buffer overflow vulnerability in lxm5700m_print_page() in devices/gd ... |
| CVE-2020-16308 | A buffer overflow vulnerability in p_print_image() in devices/gdevcdj. ... |
| CVE-2020-16307 | A null pointer dereference vulnerability in devices/vector/gdevtxtw.c ... |
| CVE-2020-16306 | A null pointer dereference vulnerability in devices/gdevtsep.c of Arti ... |
| CVE-2020-16305 | A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese ... |
| CVE-2020-16304 | A buffer overflow vulnerability in image_render_color_thresh() in base ... |
| CVE-2020-16303 | A use-after-free vulnerability in xps_finish_image_path() in devices/v ... |
| CVE-2020-16302 | A buffer overflow vulnerability in jetp3852_print_page() in devices/gd ... |
| CVE-2020-16301 | A buffer overflow vulnerability in okiibm_print_page1() in devices/gde ... |
| CVE-2020-16300 | A buffer overflow vulnerability in tiff12_print_page() in devices/gdev ... |
| CVE-2020-16299 | A Division by Zero vulnerability in bj10v_print_page() in contrib/japa ... |
| CVE-2020-16298 | A buffer overflow vulnerability in mj_color_correct() in contrib/japan ... |
| CVE-2020-16297 | A buffer overflow vulnerability in FloydSteinbergDitheringC() in contr ... |
| CVE-2020-16296 | A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/ ... |
| CVE-2020-16295 | A null pointer dereference vulnerability in clj_media_size() in device ... |
| CVE-2020-16294 | A buffer overflow vulnerability in epsc_print_page() in devices/gdevep ... |
| CVE-2020-16293 | A null pointer dereference vulnerability in compose_group_nonknockout_ ... |
| CVE-2020-16292 | A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese ... |
| CVE-2020-16291 | A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Softwa ... |
| CVE-2020-16290 | A buffer overflow vulnerability in jetp3852_print_page() in devices/gd ... |
| CVE-2020-16289 | A buffer overflow vulnerability in cif_print_page() in devices/gdevcif ... |
| CVE-2020-16288 | A buffer overflow vulnerability in pj_common_print_page() in devices/g ... |
| CVE-2020-16287 | A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gd ... |
| CVE-2020-15900 | A memory corruption issue was found in Artifex Ghostscript 9.50 and 9. ... |
| CVE-2020-14373 | A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of g ... |
| CVE-2019-25059 | Artifex Ghostscript through 9.26 mishandles .completefont. NOTE: this ... |
| CVE-2019-14869 | A flaw was found in all versions of ghostscript 9.x before 9.50, where ... |
| CVE-2019-14817 | A flaw was found in, ghostscript versions prior to 9.50, in the .pdfex ... |
| CVE-2019-14813 | A flaw was found in ghostscript, versions 9.x before 9.50, in the sets ... |
| CVE-2019-14812 | A flaw was found in all ghostscript versions 9.x before 9.50, in the . ... |
| CVE-2019-14811 | A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_h ... |
| CVE-2019-10216 | In ghostscript before version 9.50, the .buildfont1 procedure did not ... |
| CVE-2019-6116 | In Artifex Ghostscript through 9.26, ephemeral or transient procedures ... |
| CVE-2019-3839 | It was found that in ghostscript some privileged operators remained ac ... |
| CVE-2019-3838 | It was found that the forceput operator could be extracted from the De ... |
| CVE-2019-3835 | It was found that the superexec operator was available in the internal ... |
| CVE-2018-19478 | In Artifex Ghostscript before 9.26, a carefully crafted PDF file can t ... |
| CVE-2018-19477 | psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attacke ... |
| CVE-2018-19476 | psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers ... |
| CVE-2018-19475 | psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attack ... |
| CVE-2018-19409 | An issue was discovered in Artifex Ghostscript before 9.26. LockSafety ... |
| CVE-2018-19134 | In Artifex Ghostscript through 9.25, the setpattern operator did not p ... |
| CVE-2018-18284 | Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sand ... |
| CVE-2018-18073 | Artifex Ghostscript allows attackers to bypass a sandbox protection me ... |
| CVE-2018-17961 | Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sand ... |
| CVE-2018-17183 | Artifex Ghostscript before 9.25 allowed a user-writable error exceptio ... |
| CVE-2018-16863 | It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An ... |
| CVE-2018-16802 | An issue was discovered in Artifex Ghostscript before 9.25. Incorrect ... |
| CVE-2018-16585 | An issue was discovered in Artifex Ghostscript before 9.24. The .setdi ... |
| CVE-2018-16543 | In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolutio ... |
| CVE-2018-16542 | In Artifex Ghostscript before 9.24, attackers able to supply crafted P ... |
| CVE-2018-16541 | In Artifex Ghostscript before 9.24, attackers able to supply crafted P ... |
| CVE-2018-16540 | In Artifex Ghostscript before 9.24, attackers able to supply crafted P ... |
| CVE-2018-16539 | In Artifex Ghostscript before 9.24, attackers able to supply crafted P ... |
| CVE-2018-16513 | In Artifex Ghostscript before 9.24, attackers able to supply crafted P ... |
| CVE-2018-16511 | An issue was discovered in Artifex Ghostscript before 9.24. A type con ... |
| CVE-2018-16510 | An issue was discovered in Artifex Ghostscript before 9.24. Incorrect ... |
| CVE-2018-16509 | An issue was discovered in Artifex Ghostscript before 9.24. Incorrect ... |
| CVE-2018-15911 | In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to suppl ... |
| CVE-2018-15910 | In Artifex Ghostscript before 9.24, attackers able to supply crafted P ... |
| CVE-2018-15909 | In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using ... |
| CVE-2018-15908 | In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to s ... |
| CVE-2018-11645 | psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status c ... |
| CVE-2018-10194 | The set_text_distance function in devices/vector/gdevpdts.c in the pdf ... |
| CVE-2017-15652 | Artifex Ghostscript 9.22 is affected by: Obtain Information. The impac ... |
| CVE-2017-11714 | psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the ... |
| CVE-2017-9835 | The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript ... |
| CVE-2017-9740 | The xps_decode_font_char_imp function in xps/xpsfont.c in Artifex Ghos ... |
| CVE-2017-9739 | The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript GhostX ... |
| CVE-2017-9727 | The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscrip ... |
| CVE-2017-9726 | The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostX ... |
| CVE-2017-9620 | The xps_select_font_encoding function in xps/xpsfont.c in Artifex Ghos ... |
| CVE-2017-9619 | The xps_true_callback_glyph_name function in xps/xpsttf.c in Artifex G ... |
| CVE-2017-9618 | The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscrip ... |
| CVE-2017-9612 | The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS ... |
| CVE-2017-9611 | The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostX ... |
| CVE-2017-9610 | The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscrip ... |
| CVE-2017-8908 | The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 all ... |
| CVE-2017-8291 | Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remot ... |
| CVE-2017-7948 | Integer overflow in the mark_curve function in Artifex Ghostscript 9.2 ... |
| CVE-2017-7207 | The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscr ... |
| CVE-2017-6196 | Multiple use-after-free vulnerabilities in the gx_image_enum_begin fun ... |
| CVE-2017-5951 | The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Softw ... |
| CVE-2016-10317 | The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex S ... |
| CVE-2016-10220 | The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Soft ... |
| CVE-2016-10219 | The intersect function in base/gxfill.c in Artifex Software, Inc. Ghos ... |
| CVE-2016-10218 | The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF ... |
| CVE-2016-10217 | The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. Gh ... |
| CVE-2016-8602 | The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 al ... |
| CVE-2016-7979 | Ghostscript before 9.21 might allow remote attackers to bypass the SAF ... |
| CVE-2016-7978 | Use-after-free vulnerability in Ghostscript 9.20 might allow remote at ... |
| CVE-2016-7977 | Ghostscript before 9.21 might allow remote attackers to bypass the SAF ... |
| CVE-2016-7976 | The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attacker ... |
| CVE-2015-3228 | Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc. ... |
| CVE-2013-5653 | The getenv and filenameforall functions in Ghostscript 9.10 ignore the ... |
| CVE-2012-4875 | Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when pro ... |
| CVE-2012-4405 | Multiple integer underflows in the icmLut_allocate function in Interna ... |
| CVE-2011-4517 | The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.90 ... |
| CVE-2011-4516 | Heap-based buffer overflow in the jpc_cox_getcompparms function in lib ... |
| CVE-2010-4820 | Untrusted search path vulnerability in Ghostscript 8.62 allows local u ... |
| CVE-2010-4054 | The gs_type2_interpret function in Ghostscript allows remote attackers ... |
| CVE-2010-2055 | Ghostscript 8.71 and earlier reads initialization files from the curre ... |
| CVE-2010-1869 | Stack-based buffer overflow in the parser function in GhostScript 8.70 ... |
| CVE-2010-1628 | Ghostscript 8.64, 8.70, and possibly other versions allows context-dep ... |
| CVE-2009-4897 | Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allo ... |
| CVE-2009-4270 | Stack-based buffer overflow in the errprintf function in base/gsmisc.c ... |
| CVE-2009-3743 | Off-by-one error in the Ins_MINDEX function in the TrueType bytecode i ... |
| CVE-2009-3720 | The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ... |
| CVE-2009-3560 | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, a ... |
| CVE-2009-0792 | Multiple integer overflows in icc.c in the International Color Consort ... |
| CVE-2009-0584 | icc.c in the International Color Consortium (ICC) Format library (aka ... |
| CVE-2009-0583 | Multiple integer overflows in icc.c in the International Color Consort ... |
| CVE-2009-0196 | Heap-based buffer overflow in the big2_decode_symbol_dict function (jb ... |
| CVE-2008-6679 | Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and ... |
| CVE-2008-3522 | Buffer overflow in the jas_stream_printf function in libjasper/base/ja ... |
| CVE-2008-3520 | Multiple integer overflows in JasPer 1.900.1 might allow context-depen ... |
| CVE-2008-0411 | Stack-based buffer overflow in the zseticcspace function in zicc.c in ... |
| CVE-2007-6725 | The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly o ... |
| CVE-2007-2721 | The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG- ... |