Filtered by vendor Artifex
Subscriptions
Total
248 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-27834 | 1 Artifex | 1 Ghostscript | 2025-04-01 | 7.8 High |
| An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdf_func.c. | ||||
| CVE-2025-27835 | 1 Artifex | 1 Ghostscript | 2025-04-01 | 7.8 High |
| An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c. | ||||
| CVE-2025-27836 | 1 Artifex | 1 Ghostscript | 2025-04-01 | 9.8 Critical |
| An issue was discovered in Artifex Ghostscript before 10.05.0. The BJ10V device has a Print buffer overflow in contrib/japanese/gdev10v.c. | ||||
| CVE-2025-27837 | 1 Artifex | 1 Ghostscript | 2025-04-01 | 9.8 Critical |
| An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for base/gp_mswin.c and base/winrtsup.cpp. | ||||
| CVE-2020-17538 | 4 Artifex, Canonical, Debian and 1 more | 4 Ghostscript, Ubuntu Linux, Debian Linux and 1 more | 2025-03-24 | 5.5 Medium |
| A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | ||||
| CVE-2020-16296 | 4 Artifex, Canonical, Debian and 1 more | 4 Ghostscript, Ubuntu Linux, Debian Linux and 1 more | 2025-03-24 | 5.5 Medium |
| A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | ||||
| CVE-2024-29509 | 1 Artifex | 1 Ghostscript | 2025-03-20 | 8.8 High |
| Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword (e.g., for runpdf) has a \000 byte in the middle. | ||||
| CVE-2024-29508 | 1 Artifex | 1 Ghostscript | 2025-03-17 | 3.3 Low |
| Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed BaseFont name) in the function pdf_base_font_alloc. | ||||
| CVE-2020-16304 | 4 Artifex, Canonical, Debian and 1 more | 4 Ghostscript, Ubuntu Linux, Debian Linux and 1 more | 2025-03-14 | 5.5 Medium |
| A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51. | ||||
| CVE-2020-16297 | 4 Artifex, Canonical, Debian and 1 more | 4 Ghostscript, Ubuntu Linux, Debian Linux and 1 more | 2025-03-14 | 5.5 Medium |
| A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | ||||
| CVE-2020-16291 | 4 Artifex, Canonical, Debian and 1 more | 4 Ghostscript, Ubuntu Linux, Debian Linux and 1 more | 2025-03-04 | 5.5 Medium |
| A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | ||||
| CVE-2023-28879 | 3 Artifex, Debian, Redhat | 3 Ghostscript, Debian Linux, Enterprise Linux | 2025-02-14 | 9.8 Critical |
| In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written. | ||||
| CVE-2022-2085 | 2 Artifex, Fedoraproject | 2 Ghostscript, Fedora | 2025-02-13 | 5.5 Medium |
| A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined for the device that uses it as a prototype that depends upon the number of bits per pixel. For bpp > 64, mem_x_device is used and does not have an init_device_procs defined. This flaw allows an attacker to parse a large number of bits (more than 64 bits per pixel), which triggers a NULL pointer dereference flaw, causing an application to crash. | ||||
| CVE-2021-3407 | 3 Artifex, Debian, Fedoraproject | 3 Mupdf, Debian Linux, Fedora | 2025-02-13 | 5.5 Medium |
| A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences. | ||||
| CVE-2023-38560 | 2 Artifex, Redhat | 2 Ghostscript, Enterprise Linux | 2025-02-07 | 5.5 Medium |
| An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format. | ||||
| CVE-2021-33797 | 1 Artifex | 1 Mujs | 2025-02-06 | 9.8 Critical |
| Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floating point exponent, which leads to a buffer overflow in the pointer *d. | ||||
| CVE-2023-36664 | 4 Artifex, Debian, Fedoraproject and 1 more | 5 Ghostscript, Debian Linux, Fedora and 2 more | 2024-12-05 | 7.8 High |
| Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). | ||||
| CVE-2023-38559 | 4 Artifex, Debian, Fedoraproject and 1 more | 4 Ghostscript, Debian Linux, Fedora and 1 more | 2024-11-23 | 5.5 Medium |
| A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs. | ||||
| CVE-2024-29506 | 1 Artifex | 1 Ghostscript | 2024-11-21 | 8.8 High |
| Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter() function via a long PDF filter name. | ||||
| CVE-2023-51107 | 1 Artifex | 1 Mupdf | 2024-11-21 | 7.5 High |
| A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in functon compute_color() of jquant2.c. NOTE: this is disputed by the supplier because there was not reasonable evidence to determine the existence of a vulnerability or identify the affected product. | ||||