Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mupdf vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-14686
Artifex MuPDF 1.11 allows malicious users to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because read_zip_dir_im...
Artifex Mupdf 1.11
5.5
CVSSv3
CVE-2018-19881
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote malicious users to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.
Artifex Mupdf 1.14.0
7.5
CVSSv3
CVE-2024-24259
freeglut up to and including 3.4.0 exists to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function.
Artifex Mupdf 1.23.9
5.5
CVSSv3
CVE-2019-6130
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2019-6131
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2020-26683
A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows malicious users to obtain sensitive information.
Artifex Mupdf 1.17.0
5.5
CVSSv3
CVE-2018-16647
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote malicious users to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.
Artifex Mupdf 1.13.0
5.5
CVSSv3
CVE-2016-10221
The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote malicious users to cause a denial of service (stack consumption and application crash) via a crafted PDF document.
Artifex Mupdf 1.10a
5.5
CVSSv3
CVE-2023-31794
MuPDF v1.21.1 exists to contain an infinite recursion in the component pdf_mark_list_push. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted PDF file.
Artifex Mupdf 1.21.1
7.8
CVSSv3
CVE-2016-8729
An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send...
Artifex Mupdf 1.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »