Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
artifex mupdf vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2016-8728
An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code executi...
Artifex Mupdf 1.10
5.5
CVSSv3
CVE-2016-10221
The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote malicious users to cause a denial of service (stack consumption and application crash) via a crafted PDF document.
Artifex Mupdf 1.10a
7.8
CVSSv3
CVE-2019-13290
Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote malicious users to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a displ...
Artifex Mupdf 1.15.0
7.8
CVSSv3
CVE-2017-17858
Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote malicious user to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted.
Artifex Mupdf 1.12.0
1 Github repository
7.5
CVSSv3
CVE-2024-24259
freeglut up to and including 3.4.0 exists to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function.
Artifex Mupdf 1.23.9
5.5
CVSSv3
CVE-2018-18662
There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.
Artifex Mupdf 1.14.0
7.8
CVSSv3
CVE-2017-7264
Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex Software, Inc. MuPDF 1.10a allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.
Artifex Mupdf 1.10a
5.5
CVSSv3
CVE-2019-6130
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2019-6131
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2023-31794
MuPDF v1.21.1 exists to contain an infinite recursion in the component pdf_mark_list_push. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted PDF file.
Artifex Mupdf 1.21.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »