Vulnerabilities > Artifex > High

DATE CVE VULNERABILITY TITLE RISK
2019-04-22 CVE-2019-11413 Uncontrolled Recursion vulnerability in Artifex Mujs 1.0.5
An issue was discovered in Artifex MuJS 1.0.5.
network
low complexity
artifex CWE-674
7.5
7.5
2019-04-22 CVE-2019-11412 Always-Incorrect Control Flow Implementation vulnerability in multiple products
An issue was discovered in Artifex MuJS 1.0.5.
network
low complexity
artifex fedoraproject CWE-670
7.5
7.5
2019-03-21 CVE-2019-6116 In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution. 7.8
7.8
2018-12-20 CVE-2018-19134 Incorrect Type Conversion or Cast vulnerability in multiple products
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types.
local
low complexity
artifex debian redhat CWE-704
7.8
7.8
2018-12-03 CVE-2018-16863 Incomplete Blacklist vulnerability in multiple products
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509.
local
low complexity
artifex redhat CWE-184
7.8
7.8
2018-11-23 CVE-2018-19477 Incorrect Type Conversion or Cast vulnerability in multiple products
psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.
local
low complexity
artifex debian canonical redhat CWE-704
7.8
7.8
2018-11-23 CVE-2018-19476 Incorrect Type Conversion or Cast vulnerability in multiple products
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.
local
low complexity
artifex debian canonical redhat CWE-704
7.8
7.8
2018-11-23 CVE-2018-19475 psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
local
low complexity
artifex debian canonical redhat
7.8
7.8
2018-10-19 CVE-2018-18284 Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.
local
low complexity
artifex debian canonical redhat pulsesecure
8.6
8.6
2018-10-15 CVE-2018-17961 Information Exposure Through an Error Message vulnerability in multiple products
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup.
local
low complexity
artifex debian canonical redhat CWE-209
8.6
8.6