Filtered by vendor Artifex
Subscriptions
Total
254 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-45005 | 1 Artifex | 1 Mujs | 2024-11-21 | 9.8 Critical |
| Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements. | ||||
| CVE-2021-3781 | 2 Artifex, Fedoraproject | 2 Ghostscript, Fedora | 2024-11-21 | 9.9 Critical |
| A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | ||||
| CVE-2021-37220 | 2 Artifex, Fedoraproject | 2 Mupdf, Fedora | 2024-11-21 | 5.5 Medium |
| MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input. | ||||
| CVE-2021-33796 | 1 Artifex | 1 Mujs | 2024-11-21 | 10 Critical |
| In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of service. | ||||
| CVE-2020-26683 | 1 Artifex | 1 Mupdf | 2024-11-21 | 5.5 Medium |
| A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information. | ||||
| CVE-2020-26519 | 3 Artifex, Debian, Fedoraproject | 3 Mupdf, Debian Linux, Fedora | 2024-11-21 | 5.5 Medium |
| Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service. | ||||
| CVE-2020-24343 | 1 Artifex | 1 Mujs | 2024-11-21 | 7.8 High |
| Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditional marking in jsgc.c. | ||||
| CVE-2020-22886 | 1 Artifex | 1 Mujs | 2024-11-21 | 7.5 High |
| Buffer overflow vulnerability in function jsG_markobject in jsgc.c in mujs before 1.0.8, allows remote attackers to cause a denial of service. | ||||
| CVE-2020-22885 | 1 Artifex | 1 Mujs | 2024-11-21 | 7.5 High |
| Buffer overflow vulnerability in mujs before 1.0.8 due to recursion in the GC scanning phase, allows remote attackers to cause a denial of service. | ||||
| CVE-2020-21896 | 1 Artifex | 1 Mupdf | 2024-11-21 | 5.5 Medium |
| A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file. | ||||
| CVE-2020-21890 | 1 Artifex | 1 Ghostscript | 2024-11-21 | 7.8 High |
| Buffer Overflow vulnerability in clj_media_size function in devices/gdevclj.c in Artifex Ghostscript 9.50 allows remote attackers to cause a denial of service or other unspecified impact(s) via opening of crafted PDF document. | ||||
| CVE-2020-21710 | 2 Artifex, Redhat | 2 Ghostscript, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| A divide by zero issue discovered in eps_print_page in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers to cause a denial of service via opening of crafted PDF file. | ||||
| CVE-2020-19609 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2024-11-21 | 5.5 Medium |
| Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service. | ||||
| CVE-2020-16600 | 1 Artifex | 1 Mupdf | 2024-11-21 | 7.8 High |
| A Use After Free vulnerability exists in Artifex Software, Inc. MuPDF library 1.17.0-rc1 and earlier when a valid page was followed by a page with invalid pixmap dimensions, causing bander - a static - to point to previously freed memory instead of a newband_writer. | ||||
| CVE-2020-16310 | 4 Artifex, Canonical, Debian and 1 more | 4 Ghostscript, Ubuntu Linux, Debian Linux and 1 more | 2024-11-21 | 5.5 Medium |
| A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | ||||
| CVE-2020-16309 | 4 Artifex, Canonical, Debian and 1 more | 4 Ghostscript, Ubuntu Linux, Debian Linux and 1 more | 2024-11-21 | 5.5 Medium |
| A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This is fixed in v9.51. | ||||
| CVE-2020-16308 | 4 Artifex, Canonical, Debian and 1 more | 4 Ghostscript, Ubuntu Linux, Debian Linux and 1 more | 2024-11-21 | 5.5 Medium |
| A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | ||||
| CVE-2020-16307 | 4 Artifex, Canonical, Debian and 1 more | 4 Ghostscript, Ubuntu Linux, Debian Linux and 1 more | 2024-11-21 | 5.5 Medium |
| A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51. | ||||
| CVE-2020-16306 | 4 Artifex, Canonical, Debian and 1 more | 4 Ghostscript, Ubuntu Linux, Debian Linux and 1 more | 2024-11-21 | 5.5 Medium |
| A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51. | ||||
| CVE-2020-16305 | 4 Artifex, Canonical, Debian and 1 more | 4 Ghostscript, Ubuntu Linux, Debian Linux and 1 more | 2024-11-21 | 5.5 Medium |
| A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | ||||