Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
artifex mupdf vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-16647
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote malicious users to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.
Artifex Mupdf 1.13.0
4.3
CVSSv2
CVE-2018-16648
In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote malicious users to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow.
Artifex Mupdf 1.13.0
6.8
CVSSv2
CVE-2017-14687
Artifex MuPDF 1.11 allows malicious users to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. This occurs becau...
Artifex Mupdf 1.11
6.8
CVSSv2
CVE-2017-7264
Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex Software, Inc. MuPDF 1.10a allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.
Artifex Mupdf 1.10a
6.8
CVSSv2
CVE-2016-8729
An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send...
Artifex Mupdf 1.9
NA
CVE-2020-21896
A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote malicious users to cause a denial of service via opening of a crafted PDF file.
Artifex Mupdf 1.16.0
4.3
CVSSv2
CVE-2016-10221
The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote malicious users to cause a denial of service (stack consumption and application crash) via a crafted PDF document.
Artifex Mupdf 1.10a
7.5
CVSSv2
CVE-2019-7321
Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an malicious user to execute arbitrary code.
Artifex Mupdf 1.14.0
NA
CVE-2020-26683
A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows malicious users to obtain sensitive information.
Artifex Mupdf 1.17.0
4.3
CVSSv2
CVE-2019-6130
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.
Artifex Mupdf 1.14.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »