Skip to main content

Mujs

25 CVEs product

Monthly

CVE-2022-44789 HIGH PATCH This Week

A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Mujs Debian Linux +1
NVD GitHub
CVSS 3.1
8.8
EPSS
2.2%
CVE-2022-30975 MEDIUM POC This Month

In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Mujs Debian Linux Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
1.1%
CVE-2022-30974 MEDIUM POC This Month

compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mujs Debian Linux Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
1.1%
CVE-2020-24343 HIGH POC This Week

Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditional marking in jsgc.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Information Disclosure Mujs
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2019-12798 CRITICAL Act Now

An issue was discovered in Artifex MuJS 1.0.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mujs
NVD
CVSS 3.0
9.8
EPSS
1.7%
CVE-2019-11413 HIGH PATCH This Week

An issue was discovered in Artifex MuJS 1.0.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Mujs
NVD GitHub
CVSS 3.0
7.5
EPSS
2.3%
CVE-2019-11412 HIGH PATCH This Week

An issue was discovered in Artifex MuJS 1.0.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Mujs Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
2.1%
CVE-2019-11411 CRITICAL PATCH Act Now

An issue was discovered in Artifex MuJS 1.0.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Mujs
NVD GitHub
CVSS 3.0
9.8
EPSS
3.3%
CVE-2018-6191 MEDIUM POC This Month

The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Mujs
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
5.2%
CVE-2018-5759 MEDIUM POC This Month

jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service (excessive recursion) via a crafted. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Mujs
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
5.1%
CVE-2016-10133 CRITICAL PATCH Act Now

Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Mujs
NVD
CVSS 3.0
9.8
EPSS
0.6%
CVE-2016-10132 HIGH PATCH This Week

regexp.c in Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Mujs Fedora
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2016-9108 HIGH This Week

Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Fedora Mujs
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2017-5628 HIGH This Week

An issue was discovered in Artifex Software, Inc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Mujs
NVD VulDB
CVSS 3.1
7.8
EPSS
0.2%
CVE-2017-5627 HIGH This Week

An issue was discovered in Artifex Software, Inc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Mujs
NVD VulDB
CVSS 3.1
7.8
EPSS
0.3%
CVE-2016-9109 HIGH POC This Week

Artifex Software MuJS allows attackers to cause a denial of service (crash) via vectors related to incomplete escape sequences. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Mujs
NVD VulDB
CVSS 3.0
7.5
EPSS
1.1%
CVE-2016-7564 HIGH POC This Week

Heap-based buffer overflow in the Fp_toString function in jsfunction.c in Artifex Software MuJS allows attackers to cause a denial of service (crash) via crafted input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Mujs
NVD VulDB
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-7563 HIGH POC This Week

The chartorune function in Artifex Software MuJS allows attackers to cause a denial of service (out-of-bounds read) via a * (asterisk) at the end of the input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Mujs
NVD VulDB
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-10141 CRITICAL Act Now

An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Denial Of Service Buffer Overflow Mujs
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2016-9294 HIGH POC This Week

Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Mujs
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2016-9136 HIGH PATCH This Week

Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Mujs
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2016-7506 HIGH POC This Week

An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Information Disclosure Buffer Overflow RCE Mujs
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2016-7505 CRITICAL POC Act Now

A buffer overflow vulnerability was observed in divby function of Artifex Software, Inc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service RCE Buffer Overflow Mujs
NVD
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7504 CRITICAL POC Act Now

A use-after-free vulnerability was observed in Rp_toString function of Artifex Software, Inc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Memory Corruption RCE Use After Free Mujs
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2016-9017 HIGH POC This Week

Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Mujs
NVD
CVSS 3.0
7.5
EPSS
0.3%
EPSS 2% CVSS 8.8
HIGH PATCH This Week

A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow +3
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Mujs +2
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mujs Debian Linux +1
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC This Week

Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditional marking in jsgc.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Information Disclosure +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

An issue was discovered in Artifex MuJS 1.0.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mujs
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in Artifex MuJS 1.0.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Mujs
NVD GitHub
EPSS 2% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in Artifex MuJS 1.0.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Mujs Fedora
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in Artifex MuJS 1.0.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Mujs
NVD GitHub
EPSS 5% CVSS 5.5
MEDIUM POC This Month

The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Mujs
NVD Exploit-DB
EPSS 5% CVSS 5.5
MEDIUM POC This Month

jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service (excessive recursion) via a crafted. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Mujs
NVD Exploit-DB
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Mujs
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

regexp.c in Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Mujs +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Fedora +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in Artifex Software, Inc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Mujs
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in Artifex Software, Inc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Mujs
NVD VulDB
EPSS 1% CVSS 7.5
HIGH POC This Week

Artifex Software MuJS allows attackers to cause a denial of service (crash) via vectors related to incomplete escape sequences. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH POC This Week

Heap-based buffer overflow in the Fp_toString function in jsfunction.c in Artifex Software MuJS allows attackers to cause a denial of service (crash) via crafted input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Mujs
NVD VulDB
EPSS 0% CVSS 7.5
HIGH POC This Week

The chartorune function in Artifex Software MuJS allows attackers to cause a denial of service (out-of-bounds read) via a * (asterisk) at the end of the input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure +1
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Denial Of Service +2
NVD VulDB
EPSS 0% CVSS 7.5
HIGH POC This Week

Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Mujs
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Mujs
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Information Disclosure Buffer Overflow +2
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A buffer overflow vulnerability was observed in divby function of Artifex Software, Inc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service RCE Buffer Overflow +1
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A use-after-free vulnerability was observed in Rp_toString function of Artifex Software, Inc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Memory Corruption RCE +2
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Mujs
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy