Filtered by vendor Artifex
Subscribe
Total
256 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-40505 | 1 Artifex | 1 Mupdf | 2026-05-26 | N/A | 3.3 LOW |
| MuPDF before 1.27 contains an ANSI injection vulnerability in mutool that allows attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata fields. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to terminal output when running mutool info, enabling them to manipulate terminal display for social engineering attacks such as presenting fake prompts or spoofed commands. | |||||
| CVE-2016-9108 | 2 Artifex, Fedoraproject | 2 Mujs, Fedora | 2026-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service (application crash) via a crafted regular expression. | |||||
| CVE-2016-10220 | 1 Artifex | 1 Ghostscript | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file that is mishandled in the PDF Transparency module. | |||||
| CVE-2017-6060 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2026-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image. | |||||
| CVE-2016-10141 | 1 Artifex | 1 Mujs | 2026-05-13 | 7.5 HIGH | 9.8 CRITICAL |
| An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS before fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045. The attack requires a regular expression with nested repetition. A successful exploitation of this issue can lead to code execution or a denial of service (buffer overflow) condition. | |||||
| CVE-2016-7564 | 1 Artifex | 1 Mujs | 2026-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| Heap-based buffer overflow in the Fp_toString function in jsfunction.c in Artifex Software MuJS allows attackers to cause a denial of service (crash) via crafted input. | |||||
| CVE-2017-5951 | 1 Artifex | 1 Ghostscript | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. | |||||
| CVE-2016-10246 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file. | |||||
| CVE-2016-7979 | 1 Artifex | 1 Ghostscript | 2026-05-13 | 7.5 HIGH | 9.8 CRITICAL |
| Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser. | |||||
| CVE-2017-5628 | 1 Artifex | 1 Mujs | 2026-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Artifex Software, Inc. MuJS before 8f62ea10a0af68e56d5c00720523ebcba13c2e6a. The MakeDay function in jsdate.c does not validate the month, leading to an integer overflow when parsing a specially crafted JS file. | |||||
| CVE-2017-9610 | 1 Artifex | 1 Ghostscript Ghostxps | 2026-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2017-9727 | 2 Artifex, Debian | 2 Ghostscript Ghostxps, Debian Linux | 2026-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2016-8674 | 1 Artifex | 1 Mupdf | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file. | |||||
| CVE-2016-10132 | 2 Artifex, Fedoraproject | 2 Mujs, Fedora | 2026-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to regular expression compilation. | |||||
| CVE-2016-7978 | 1 Artifex | 1 Ghostscript | 2026-05-13 | 7.5 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice. | |||||
| CVE-2017-8908 | 1 Artifex | 1 Ghostscript | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PostScript document. | |||||
| CVE-2016-10219 | 1 Artifex | 1 Ghostscript | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| The intersect function in base/gxfill.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file. | |||||
| CVE-2017-9726 | 2 Artifex, Debian | 2 Ghostscript Ghostxps, Debian Linux | 2026-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2017-5896 | 1 Artifex | 1 Mupdf | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image. | |||||
| CVE-2017-14947 | 2 Artifex, Microsoft | 2 Gsview, Windows | 2026-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| Artifex GSView 6.0 Beta on Windows allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Block Data Move starting at mupdfnet64!mIncrementalSaveFile+0x0000000000193359." | |||||