Shodan
Vulnerabilities
Vulnerable Software
Artifex:  Security Vulnerabilities
CVE-2020-22886
Buffer overflow vulnerability in function jsG_markobject in jsgc.c in mujs before 1.0.8, allows remote attackers to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.007
Published
2021-07-13
CVE-2021-3407
A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.
CVSS Score
5.5
EPSS Score
0.012
Published
2021-02-23
CVE-2020-16600
A Use After Free vulnerability exists in Artifex Software, Inc. MuPDF library 1.17.0-rc1 and earlier when a valid page was followed by a page with invalid pixmap dimensions, causing bander - a static - to point to previously freed memory instead of a newband_writer.
CVSS Score
7.8
EPSS Score
0.003
Published
2020-12-09
CVE-2020-26519
Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service.
CVSS Score
5.5
EPSS Score
0.008
Published
2020-10-02
CVE-2020-14373
A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-09-03
CVE-2020-24343
Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditional marking in jsgc.c.
CVSS Score
7.8
EPSS Score
0.002
Published
2020-08-13
CVE-2020-16304
A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51.
CVSS Score
5.5
EPSS Score
0.005
Published
2020-08-13
CVE-2020-16305
A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVSS Score
5.5
EPSS Score
0.006
Published
2020-08-13
CVE-2020-16306
A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51.
CVSS Score
5.5
EPSS Score
0.018
Published
2020-08-13
CVE-2020-16307
A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51.
CVSS Score
5.5
EPSS Score
0.018
Published
2020-08-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved