VYPR

Vendor CVEs

Artifex

All CVEs

270 total · sorted by risk
  • CVE-2017-9610HigJul 26, 2017
    risk 0.51cvss 7.8epss 0.02

    The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.

  • CVE-2017-7975HigApr 19, 2017
    risk 0.51cvss 7.8epss 0.02

    Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (application crash) or possibly…

  • CVE-2017-7948HigApr 19, 2017
    risk 0.51cvss 7.8epss 0.02

    Integer overflow in the mark_curve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via a crafted PostScript document.

  • CVE-2016-8602HigApr 14, 2017
    risk 0.51cvss 7.8epss 0.03

    The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.

  • CVE-2016-10317HigApr 3, 2017
    risk 0.51cvss 7.8epss 0.02

    The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript…

  • CVE-2017-6196HigFeb 24, 2017
    risk 0.51cvss 7.8epss 0.02

    Multiple use-after-free vulnerabilities in the gx_image_enum_begin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a…

  • CVE-2017-5628HigJan 30, 2017
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in Artifex Software, Inc. MuJS before 8f62ea10a0af68e56d5c00720523ebcba13c2e6a. The MakeDay function in jsdate.c does not validate the month, leading to an integer overflow when parsing a specially crafted JS file.

  • CVE-2017-5627HigJan 30, 2017
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in Artifex Software, Inc. MuJS before 4006739a28367c708dea19aeb19b8a1a9326ce08. The jsR_setproperty function in jsrun.c lacks a check for a negative array length. This leads to an integer overflow in the js_pushstring function in jsrun.c when parsing a…

  • CVE-2016-10132HigMar 24, 2017
    risk 0.49cvss 7.5epss 0.02

    regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to regular expression compilation.

  • CVE-2016-9108HigFeb 3, 2017
    risk 0.49cvss 7.5epss 0.03

    Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service (application crash) via a crafted regular expression.

  • CVE-2016-9109HigJan 18, 2017
    risk 0.49cvss 7.5epss 0.02

    Artifex Software MuJS allows attackers to cause a denial of service (crash) via vectors related to incomplete escape sequences. NOTE: this vulnerability exists due to an incomplete fix for CVE-2016-7563.

  • CVE-2016-7564HigJan 18, 2017
    risk 0.49cvss 7.5epss 0.02

    Heap-based buffer overflow in the Fp_toString function in jsfunction.c in Artifex Software MuJS allows attackers to cause a denial of service (crash) via crafted input.

  • CVE-2016-7563HigJan 18, 2017
    risk 0.49cvss 7.5epss 0.01

    The chartorune function in Artifex Software MuJS allows attackers to cause a denial of service (out-of-bounds read) via a * (asterisk) at the end of the input.

  • CVE-2016-9294HigNov 12, 2016
    risk 0.49cvss 7.5epss 0.03

    Artifex Software, Inc. MuJS before 5008105780c0b0182ea6eda83ad5598f225be3ee allows context-dependent attackers to conduct "denial of service (application crash)" attacks by using the "malformed labeled break/continue in JavaScript" approach, related to a "NULL pointer…

  • CVE-2016-7506HigOct 29, 2016
    risk 0.49cvss 7.5epss 0.02

    An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. MuJS before 5000749f5afe3b956fc916e407309de840997f4a. A successful exploitation of this issue can lead to code execution or denial of service condition.

  • CVE-2016-9017HigOct 28, 2016
    risk 0.49cvss 7.5epss 0.02

    Artifex Software, Inc. MuJS before a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 allows context-dependent attackers to obtain sensitive information by using the "opname in crafted JavaScript file" approach, related to an "Out-of-Bounds read" issue affecting the jsC_dumpfunction…

  • CVE-2025-15569HigFeb 10, 2026
    risk 0.46cvss 7.0epss 0.00

    A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the function get_system_dpi of the file platform/x11/win_main.c. This manipulation causes uncontrolled search path. The attack requires local access. The attack is considered to have high…

  • CVE-2017-7976HigApr 19, 2017
    risk 0.46cvss 7.1epss 0.01

    Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash) or disclosure of sensitive information…

  • CVE-2017-7885HigApr 17, 2017
    risk 0.46cvss 7.1epss 0.01

    Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow in the jbig2_decode_symbol_dict function in jbig2_symbol_dict.c in libjbig2dec.a…

  • CVE-2026-3308HigMar 31, 2026
    risk 0.44cvss 7.8epss 0.00

    An integer overflow vulnerability in 'pdf-image.c' in Artifex's MuPDF version 1.27.0 allows an attacker to maliciously craft a PDF that can trigger an integer overflow within the 'pdf_load_image_imp' function. This allows a heap out-of-bounds write that could be exploited for…

  • CVE-2017-9216MedMay 24, 2017
    risk 0.43cvss 6.5epss 0.03

    libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid file.

  • CVE-2018-1000039MedMay 24, 2018
    risk 0.41cvss 6.3epss 0.02

    In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.

  • CVE-2018-6191MedJan 24, 2018
    risk 0.39cvss 5.5epss 0.05

    The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation.

  • CVE-2018-5759MedJan 24, 2018
    risk 0.39cvss 5.5epss 0.05

    jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service (excessive recursion) via a crafted file.

  • CVE-2018-16648MedSep 6, 2018
    risk 0.36cvss 5.5epss 0.01

    In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow.

  • CVE-2018-16647MedSep 6, 2018
    risk 0.36cvss 5.5epss 0.01

    In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.

  • CVE-2018-16542MedSep 5, 2018
    risk 0.36cvss 5.5epss 0.02

    In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter.

  • CVE-2018-16541MedSep 5, 2018
    risk 0.36cvss 5.5epss 0.01

    In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter.

  • CVE-2018-16539MedSep 5, 2018
    risk 0.36cvss 5.5epss 0.01

    In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable.

  • CVE-2018-1000040MedMay 24, 2018
    risk 0.36cvss 5.5epss 0.01

    In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.

  • CVE-2018-1000037MedMay 24, 2018
    risk 0.36cvss 5.5epss 0.02

    In Artifex MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service (assert crash) via a crafted file.

  • CVE-2018-1000036MedMay 24, 2018
    risk 0.36cvss 5.5epss 0.01

    In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.

  • CVE-2018-6544MedFeb 2, 2018
    risk 0.36cvss 5.5epss 0.02

    pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document.

  • CVE-2018-6192MedJan 24, 2018
    risk 0.36cvss 5.5epss 0.02

    In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file.

  • CVE-2018-6187MedJan 24, 2018
    risk 0.36cvss 5.5epss 0.02

    In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file.

  • CVE-2016-7977MedMay 23, 2017
    risk 0.36cvss 5.5epss 0.05

    Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document.

  • CVE-2017-8908MedMay 12, 2017
    risk 0.36cvss 5.5epss 0.01

    The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PostScript document.

  • CVE-2017-5951MedApr 3, 2017
    risk 0.36cvss 5.5epss 0.02

    The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.

  • CVE-2016-10220MedApr 3, 2017
    risk 0.36cvss 5.5epss 0.02

    The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file that is mishandled in the PDF Transparency module.

  • CVE-2016-10219MedApr 3, 2017
    risk 0.36cvss 5.5epss 0.02

    The intersect function in base/gxfill.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.

  • CVE-2016-10218MedApr 3, 2017
    risk 0.36cvss 5.5epss 0.01

    The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.

  • CVE-2016-10217MedApr 3, 2017
    risk 0.36cvss 5.5epss 0.01

    The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file that is mishandled in the color management module.

  • CVE-2017-7207MedMar 21, 2017
    risk 0.36cvss 5.5epss 0.02

    The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.

  • CVE-2016-10247MedMar 16, 2017
    risk 0.36cvss 5.5epss 0.02

    Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.

  • CVE-2016-10246MedMar 16, 2017
    risk 0.36cvss 5.5epss 0.02

    Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.

  • CVE-2013-5653MedMar 7, 2017
    risk 0.36cvss 5.5epss 0.02

    The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file.

  • CVE-2016-8674MedFeb 15, 2017
    risk 0.36cvss 5.5epss 0.01

    The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file.

  • CVE-2017-5896MedFeb 15, 2017
    risk 0.36cvss 5.5epss 0.02

    Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image.

  • CVE-2018-11645MedJun 1, 2018
    risk 0.35cvss 5.3epss 0.03

    psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.

  • CVE-2016-9601MedApr 24, 2018
    risk 0.35cvss 5.3epss 0.02

    ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted,…

Page 2 of 6