Filtered by vendor Artifex
Subscriptions
Filtered by product Mupdf
Subscriptions
Total
60 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-51106 | 1 Artifex | 1 Mupdf | 2024-03-18 | 7.5 High |
| A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function pnm_binary_read_image() of load-pnm.c when fz_colorspace_n returns zero. | ||||
| CVE-2023-51104 | 1 Artifex | 1 Mupdf | 2024-03-18 | 7.5 High |
| A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function pnm_binary_read_image() of load-pnm.c when span equals zero. | ||||
| CVE-2024-24259 | 1 Artifex | 1 Mupdf | 2024-02-21 | 7.5 High |
| freeglut through 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function. | ||||
| CVE-2024-24258 | 1 Artifex | 1 Mupdf | 2024-02-21 | 7.5 High |
| freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function. | ||||
| CVE-2023-51105 | 1 Artifex | 1 Mupdf | 2024-01-05 | 7.5 High |
| A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function bmp_decompress_rle4() of load-bmp.c. | ||||
| CVE-2023-51107 | 1 Artifex | 1 Mupdf | 2024-01-05 | 7.5 High |
| A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon compute_color() of jquant2.c. | ||||
| CVE-2023-51103 | 1 Artifex | 1 Mupdf | 2024-01-05 | 7.5 High |
| A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon fz_new_pixmap_from_float_data() of pixmap.c. | ||||
| CVE-2023-31794 | 1 Artifex | 1 Mupdf | 2023-11-08 | 5.5 Medium |
| MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdf_mark_list_push. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | ||||
| CVE-2021-37220 | 2 Artifex, Fedoraproject | 2 Mupdf, Fedora | 2023-11-07 | 5.5 Medium |
| MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input. | ||||
| CVE-2020-26519 | 3 Artifex, Debian, Fedoraproject | 3 Mupdf, Debian Linux, Fedora | 2023-11-07 | 5.5 Medium |
| Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service. | ||||
| CVE-2020-19609 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2023-11-07 | 5.5 Medium |
| Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service. | ||||
| CVE-2020-16600 | 1 Artifex | 1 Mupdf | 2023-11-07 | 7.8 High |
| A Use After Free vulnerability exists in Artifex Software, Inc. MuPDF library 1.17.0-rc1 and earlier when a valid page was followed by a page with invalid pixmap dimensions, causing bander - a static - to point to previously freed memory instead of a newband_writer. | ||||
| CVE-2019-6131 | 1 Artifex | 1 Mupdf | 2023-11-07 | N/A |
| svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool. | ||||
| CVE-2019-6130 | 1 Artifex | 1 Mupdf | 2023-11-07 | N/A |
| Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c. | ||||
| CVE-2019-14975 | 1 Artifex | 1 Mupdf | 2023-11-07 | N/A |
| Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string. | ||||
| CVE-2019-13290 | 1 Artifex | 1 Mupdf | 2023-11-07 | N/A |
| Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display list node. | ||||
| CVE-2018-6544 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2023-11-07 | N/A |
| pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document. | ||||
| CVE-2018-19882 | 1 Artifex | 1 Mupdf | 2023-11-07 | N/A |
| In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl. | ||||
| CVE-2018-19881 | 1 Artifex | 1 Mupdf | 2023-11-07 | N/A |
| In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl. | ||||
| CVE-2018-19777 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2023-11-07 | N/A |
| In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool. | ||||