Filtered by vendor Artifex
Subscribe
Total
198 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4897 | 1 Artifex | 3 Afpl Ghostscript, Ghostscript Fonts, Gpl Ghostscript | 2017-08-16 | 9.3 HIGH | N/A |
| Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document containing a long name. | |||||
| CVE-2016-6525 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2017-06-30 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array. | |||||
| CVE-2016-10221 | 1 Artifex | 1 Mupdf | 2017-06-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted PDF document. | |||||
| CVE-2017-8908 | 1 Artifex | 1 Ghostscript | 2017-05-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PostScript document. | |||||
| CVE-2016-10218 | 1 Artifex | 1 Ghostscript | 2017-04-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. | |||||
| CVE-2016-10217 | 1 Artifex | 1 Ghostscript | 2017-04-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file that is mishandled in the color management module. | |||||
| CVE-2017-7264 | 1 Artifex | 1 Mupdf | 2017-03-28 | 6.8 MEDIUM | 7.8 HIGH |
| Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2016-10133 | 1 Artifex | 1 Mujs | 2017-03-27 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. MuJS allows attackers to have unspecified impact by leveraging an error when dropping extra arguments to lightweight functions. | |||||
| CVE-2016-10132 | 2 Artifex, Fedoraproject | 2 Mujs, Fedora | 2017-03-27 | 5.0 MEDIUM | 7.5 HIGH |
| regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to regular expression compilation. | |||||
| CVE-2016-9109 | 1 Artifex | 1 Mujs | 2017-01-20 | 5.0 MEDIUM | 7.5 HIGH |
| Artifex Software MuJS allows attackers to cause a denial of service (crash) via vectors related to incomplete escape sequences. NOTE: this vulnerability exists due to an incomplete fix for CVE-2016-7563. | |||||
| CVE-2016-7564 | 1 Artifex | 1 Mujs | 2017-01-20 | 5.0 MEDIUM | 7.5 HIGH |
| Heap-based buffer overflow in the Fp_toString function in jsfunction.c in Artifex Software MuJS allows attackers to cause a denial of service (crash) via crafted input. | |||||
| CVE-2016-7563 | 1 Artifex | 1 Mujs | 2017-01-20 | 5.0 MEDIUM | 7.5 HIGH |
| The chartorune function in Artifex Software MuJS allows attackers to cause a denial of service (out-of-bounds read) via a * (asterisk) at the end of the input. | |||||
| CVE-2016-7505 | 1 Artifex | 1 Mujs | 2016-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow vulnerability was observed in divby function of Artifex Software, Inc. MuJS before 8c805b4eb19cf2af689c860b77e6111d2ee439d5. A successful exploitation of this issue can lead to code execution or denial of service condition. | |||||
| CVE-2016-7504 | 1 Artifex | 1 Mujs | 2016-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free vulnerability was observed in Rp_toString function of Artifex Software, Inc. MuJS before 5c337af4b3df80cf967e4f9f6a21522de84b392a. A successful exploitation of this issue can lead to code execution or denial of service condition. | |||||
| CVE-2016-7506 | 1 Artifex | 1 Mujs | 2016-12-02 | 5.0 MEDIUM | 7.5 HIGH |
| An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. MuJS before 5000749f5afe3b956fc916e407309de840997f4a. A successful exploitation of this issue can lead to code execution or denial of service condition. | |||||
| CVE-2016-9017 | 1 Artifex | 1 Mujs | 2016-11-29 | 5.0 MEDIUM | 7.5 HIGH |
| Artifex Software, Inc. MuJS before a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 allows context-dependent attackers to obtain sensitive information by using the "opname in crafted JavaScript file" approach, related to an "Out-of-Bounds read" issue affecting the jsC_dumpfunction function in the jsdump.c component. | |||||
| CVE-2010-2055 | 1 Artifex | 3 Afpl Ghostscript, Ghostscript Fonts, Gpl Ghostscript | 2015-01-09 | 7.2 HIGH | N/A |
| Ghostscript 8.71 and earlier reads initialization files from the current working directory, which allows local users to execute arbitrary PostScript commands via a Trojan horse file, related to improper support for the -P- option to the gs program, as demonstrated using gs_init.ps, a different vulnerability than CVE-2010-4820. | |||||
| CVE-2010-4054 | 1 Artifex | 3 Afpl Ghostscript, Ghostscript Fonts, Gpl Ghostscript | 2015-01-09 | 4.3 MEDIUM | N/A |
| The gs_type2_interpret function in Ghostscript allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) via crafted font data in a compressed data stream, aka bug 691043. | |||||