Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mupdf vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-24259
freeglut up to and including 3.4.0 exists to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function.
Artifex Mupdf 1.23.9
6.8
CVSSv2
CVE-2019-13290
Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote malicious users to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a displ...
Artifex Mupdf 1.15.0
4.3
CVSSv2
CVE-2019-6130
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.
Artifex Mupdf 1.14.0
7.5
CVSSv2
CVE-2019-7321
Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an malicious user to execute arbitrary code.
Artifex Mupdf 1.14.0
9.3
CVSSv2
CVE-2011-0341
Stack-based buffer overflow in the pdfmoz_onmouse function in apps/mozilla/moz_main.c in the MuPDF plug-in 2008.09.02 for Firefox allows remote malicious users to execute arbitrary code via a crafted web site.
Artifex Mupdf 2008.09.02
6.8
CVSSv2
CVE-2017-7264
Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex Software, Inc. MuPDF 1.10a allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.
Artifex Mupdf 1.10a
4.3
CVSSv2
CVE-2018-16647
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote malicious users to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.
Artifex Mupdf 1.13.0
4.3
CVSSv2
CVE-2018-16648
In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote malicious users to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow.
Artifex Mupdf 1.13.0
6.8
CVSSv2
CVE-2016-8728
An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code executi...
Artifex Mupdf 1.10
6.8
CVSSv2
CVE-2016-8729
An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send...
Artifex Mupdf 1.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »