Shodan
Vulnerabilities
Vulnerable Software
Artifex:  Security Vulnerabilities
CVE-2025-55780
A null pointer dereference occurs in the function break_word_for_overflow_wrap() in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fz_html_split_flow() to split a FLOW_WORD node, but does not check if node->next is valid before accessing node->next->overflow_wrap, resulting in a crash if the split fails or returns a partial node chain.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-09-23
CVE-2025-59799
Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-09-22
CVE-2025-59800
In Artifex Ghostscript through 10.05.1, ocr_begin_page in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in ocr_line8.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-09-22
CVE-2025-59798
Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-09-22
CVE-2025-46206
An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service via an infinite recursion in the `mutool clean` utility. When processing a crafted PDF file containing cyclic /Next references in the outline structure, the `strip_outline()` function enters infinite recursion
CVSS Score
6.5
EPSS Score
0.002
Published
2025-08-04
CVE-2025-48708
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext.
CVSS Score
4.0
EPSS Score
0.0
Published
2025-05-23
CVE-2025-46646
In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954.
CVSS Score
4.5
EPSS Score
0.0
Published
2025-04-26
CVE-2025-27835
An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-03-25
CVE-2025-27836
An issue was discovered in Artifex Ghostscript before 10.05.0. The BJ10V device has a Print buffer overflow in contrib/japanese/gdev10v.c.
CVSS Score
9.8
EPSS Score
0.002
Published
2025-03-25
CVE-2025-27837
An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for base/gp_mswin.c and base/winrtsup.cpp.
CVSS Score
9.8
EPSS Score
0.003
Published
2025-03-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved