Vulnerabilities > Artifex > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-18 | CVE-2023-43115 | In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. | 8.8 |
| 2023-08-22 | CVE-2020-21890 | Out-of-bounds Write vulnerability in Artifex Ghostscript 9.50 Buffer Overflow vulnerability in clj_media_size function in devices/gdevclj.c in Artifex Ghostscript 9.50 allows remote attackers to cause a denial of service or other unspecified impact(s) via opening of crafted PDF document. | 7.8 |
| 2023-07-07 | CVE-2021-33796 | Use After Free vulnerability in Artifex Mujs In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of service. | 7.5 |
| 2023-06-25 | CVE-2023-36664 | Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). | 7.8 |
| 2022-11-23 | CVE-2022-44789 | Out-of-bounds Write vulnerability in multiple products A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file. | 8.8 |
| 2022-08-19 | CVE-2020-27792 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. | 7.1 |
| 2022-04-25 | CVE-2019-25059 | Artifex Ghostscript through 9.26 mishandles .completefont. | 7.8 |
| 2022-02-14 | CVE-2021-45005 | Out-of-bounds Write vulnerability in Artifex Mujs 1.1.3 Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements. | 7.5 |
| 2020-12-09 | CVE-2020-16600 | Use After Free vulnerability in Artifex Mupdf A Use After Free vulnerability exists in Artifex Software, Inc. | 7.8 |
| 2020-08-13 | CVE-2020-16303 | Use After Free vulnerability in multiple products A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. | 7.8 |