Vulnerabilities > Artifex > Mupdf > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-04 | CVE-2019-13290 | Out-of-bounds Write vulnerability in Artifex Mupdf 1.15.0 Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. | 7.8 |
| 2018-05-24 | CVE-2018-1000039 | Use After Free vulnerability in Artifex Mupdf In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file. | 7.8 |
| 2018-05-24 | CVE-2018-1000038 | Out-of-bounds Write vulnerability in Artifex Mupdf In Artifex MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file. | 7.8 |
| 2018-04-24 | CVE-2016-8729 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Mupdf 1.9 An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. | 7.8 |
| 2018-04-24 | CVE-2016-8728 | Out-of-bounds Write vulnerability in Artifex Mupdf 1.10 An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. | 7.8 |
| 2018-02-09 | CVE-2018-1000051 | Use After Free vulnerability in multiple products Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. | 7.8 |
| 2018-01-22 | CVE-2017-17858 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Mupdf 1.12.0 Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted. | 7.8 |
| 2017-12-27 | CVE-2017-17866 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document. | 7.8 |
| 2017-10-18 | CVE-2017-15587 | Integer Overflow or Wraparound vulnerability in Artifex Mupdf 1.11 An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11. | 7.8 |
| 2017-10-16 | CVE-2017-15369 | Use After Free vulnerability in Artifex Mupdf The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or possibly have unspecified other impact via a crafted PDF document. | 7.8 |