Vulnerabilities > Artifex > High

DATE CVE VULNERABILITY TITLE RISK
2022-08-19 CVE-2020-27792 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file.
local
low complexity
artifex debian CWE-119
7.1
2022-04-25 CVE-2019-25059 Artifex Ghostscript through 9.26 mishandles .completefont.
local
low complexity
artifex debian
7.8
2022-04-14 CVE-2022-1350 Out-of-bounds Write vulnerability in Artifex Ghostpcl 9.55.0
A vulnerability classified as problematic was found in GhostPCL 9.55.0.
local
low complexity
artifex CWE-787
7.8
2021-07-13 CVE-2020-22885 Classic Buffer Overflow vulnerability in Artifex Mujs
Buffer overflow vulnerability in mujs before 1.0.8 due to recursion in the GC scanning phase, allows remote attackers to cause a denial of service.
network
low complexity
artifex CWE-120
7.5
2021-07-13 CVE-2020-22886 Classic Buffer Overflow vulnerability in Artifex Mujs
Buffer overflow vulnerability in function jsG_markobject in jsgc.c in mujs before 1.0.8, allows remote attackers to cause a denial of service.
network
low complexity
artifex CWE-120
7.5
2020-12-09 CVE-2020-16600 Use After Free vulnerability in Artifex Mupdf
A Use After Free vulnerability exists in Artifex Software, Inc.
local
low complexity
artifex CWE-416
7.8
2020-08-13 CVE-2020-24343 Use After Free vulnerability in Artifex Mujs
Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditional marking in jsgc.c.
local
low complexity
artifex CWE-416
7.8
2020-08-13 CVE-2020-16303 Use After Free vulnerability in multiple products
A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file.
local
low complexity
artifex debian canonical CWE-416
7.8
2020-01-23 CVE-2012-5340 Integer Overflow or Wraparound vulnerability in multiple products
SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.
local
low complexity
sumatrapdfreader artifex CWE-190
7.8
2019-11-27 CVE-2019-14812 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.
local
low complexity
artifex fedoraproject CWE-732
7.8