freeglut through 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function.
Max CVSS
7.5
EPSS Score
0.05%
Published
2024-02-05
Updated
2024-02-21
freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function.
Max CVSS
7.5
EPSS Score
0.05%
Published
2024-02-05
Updated
2024-02-21
A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon compute_color() of jquant2.c.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-12-26
Updated
2024-01-05
A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon pnm_binary_read_image() of load-pnm.c.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-12-26
Updated
2024-01-05
A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function bmp_decompress_rle4() of load-bmp.c.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-12-26
Updated
2024-01-05
A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon pnm_binary_read_image() of load-pnm.c line 527.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-12-26
Updated
2024-01-05
A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon fz_new_pixmap_from_float_data() of pixmap.c.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-12-26
Updated
2024-01-05
MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdf_mark_list_push. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
Max CVSS
5.5
EPSS Score
0.05%
Published
2023-10-31
Updated
2023-11-08
MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input.
Max CVSS
5.5
EPSS Score
0.12%
Published
2021-07-21
Updated
2021-11-28
A Floating point exception (division-by-zero) flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-08-26
Updated
2022-08-31
A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.
Max CVSS
5.5
EPSS Score
0.11%
Published
2021-02-23
Updated
2023-02-12
A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information.
Max CVSS
5.5
EPSS Score
0.05%
Published
2023-08-22
Updated
2023-08-28
Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service.
Max CVSS
5.5
EPSS Score
0.14%
Published
2020-10-02
Updated
2022-01-06
A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file.
Max CVSS
5.5
EPSS Score
0.07%
Published
2023-08-22
Updated
2023-08-25
Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service.
Max CVSS
5.5
EPSS Score
0.10%
Published
2021-07-21
Updated
2021-12-14
A Use After Free vulnerability exists in Artifex Software, Inc. MuPDF library 1.17.0-rc1 and earlier when a valid page was followed by a page with invalid pixmap dimensions, causing bander - a static - to point to previously freed memory instead of a newband_writer.
Max CVSS
7.8
EPSS Score
0.08%
Published
2020-12-09
Updated
2020-12-14
Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string.
Max CVSS
7.1
EPSS Score
0.09%
Published
2019-08-14
Updated
2019-08-26
Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display list node.
Max CVSS
7.8
EPSS Score
1.07%
Published
2019-07-04
Updated
2020-08-30
Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an attacker to execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.45%
Published
2019-06-13
Updated
2020-08-24
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool.
Max CVSS
5.5
EPSS Score
0.16%
Published
2019-01-11
Updated
2020-08-24
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.
Max CVSS
5.5
EPSS Score
0.34%
Published
2019-01-11
Updated
2020-07-26
Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF.
Max CVSS
7.8
EPSS Score
0.23%
Published
2018-02-09
Updated
2019-03-14
In MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.
Max CVSS
5.5
EPSS Score
0.22%
Published
2018-05-24
Updated
2019-03-14
In MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.
Max CVSS
7.8
EPSS Score
0.36%
Published
2018-05-24
Updated
2019-03-14
In MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file.
Max CVSS
7.8
EPSS Score
0.43%
Published
2018-05-24
Updated
2020-08-24
60 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!