Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
foxitsoftware reader vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-20310
Foxit Reader prior to 9.5, and PhantomPDF prior to 8.3.10 and 9.x prior to 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.
Foxitsoftware Phantompdf
Foxitsoftware Reader
6.8
CVSSv2
CVE-2018-20311
Foxit Reader prior to 9.5, and PhantomPDF prior to 8.3.10 and 9.x prior to 9.5, has a proxyCPDFAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.
Foxitsoftware Phantompdf
Foxitsoftware Reader
6.8
CVSSv2
CVE-2020-35931
An issue exists in Foxit Reader prior to 10.1.1 (and prior to 4.1.1 on macOS) and PhantomPDF prior to 9.7.5 and 10.x prior to 10.1.1 (and prior to 4.1.1 on macOS). An attacker can spoof a certified PDF document via an Evil Annotation Attack because the products fail to consider a...
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
6.8
CVSSv2
CVE-2020-13547
A type confusion vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger an improper use of an object, resulting in memory corruption and arbitrary code execution. An attacker nee...
Foxitsoftware Foxit Reader 10.0.0.37527
6.8
CVSSv2
CVE-2020-13560
A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the...
Foxitsoftware Foxit Reader 10.1.0.37527
6.8
CVSSv2
CVE-2020-13557
A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the...
Foxitsoftware Foxit Reader 10.1.0.37527
6.8
CVSSv2
CVE-2020-13570
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger the reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the u...
Foxitsoftware Foxit Reader 10.1.0.37527
4.3
CVSSv2
CVE-2020-28203
An issue exists in Foxit Reader and PhantomPDF 10.1.0.37527 and previous versions. There is a null pointer access/dereference while opening a crafted PDF file, leading the application to crash (denial of service).
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
6.8
CVSSv2
CVE-2020-14425
Foxit Reader prior to 10.0 allows Remote Command Execution via the app.opencPDFWebPage JavsScript API. An attacker can execute local files and bypass the security dialog.
Foxitsoftware Foxit Reader
7.2
CVSSv2
CVE-2020-17414
This vulnerability allows local malicious users to escalate privileges on affected installations of Foxit Reader 10.0.0.35798. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw e...
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »