Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
foxit phantompdf vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-38573
An issue exists in Foxit Reader and PhantomPDF prior to 10.1.4. It allows writing to arbitrary files because a CombineFiles pathname is not validated.
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
9.8
CVSSv3
CVE-2018-14442
Foxit Reader prior to 9.2 and PhantomPDF prior to 9.2 have a Use-After-Free that leads to Remote Code Execution, aka V-88f4smlocs.
Foxitsoftware Phantompdf
Foxitsoftware Foxit Reader
1 Github repository
7.8
CVSSv3
CVE-2018-10302
A use-after-free in Foxit Reader prior to 9.1 and PhantomPDF prior to 9.1 allows remote malicious users to execute arbitrary code, aka iDefense ID V-jyb51g3mv9.
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
8.8
CVSSv3
CVE-2018-10303
A use-after-free in Foxit Reader prior to 9.1 and PhantomPDF prior to 9.1 allows remote malicious users to execute arbitrary code, aka iDefense ID V-y0nqfutlf3.
Foxitsoftware Phantompdf
Foxitsoftware Foxit Reader
7.8
CVSSv3
CVE-2016-4059
Use-after-free vulnerability in Foxit Reader and PhantomPDF prior to 7.3.4 on Windows allows remote malicious users to execute arbitrary code via a crafted FlateDecode stream in a PDF document.
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
7.5
CVSSv3
CVE-2016-4060
Use-after-free vulnerability in Foxit Reader and PhantomPDF prior to 7.3.4 on Windows allows remote malicious users to cause a denial of service (application crash) via unspecified vectors.
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
7.5
CVSSv3
CVE-2016-4061
Foxit Reader and PhantomPDF prior to 7.3.4 on Windows allow remote malicious users to cause a denial of service (application crash) via a crafted content stream.
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
5.5
CVSSv3
CVE-2016-4062
Foxit Reader and PhantomPDF prior to 7.3.4 on Windows improperly report format errors recursively, which allows remote malicious users to cause a denial of service (application hang) via a crafted PDF.
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
7.8
CVSSv3
CVE-2016-4063
Use-after-free vulnerability in Foxit Reader and PhantomPDF prior to 7.3.4 on Windows allows remote malicious users to execute arbitrary code via an object with a revision number of -1 in a PDF document.
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
7.8
CVSSv3
CVE-2016-4064
Use-after-free vulnerability in the XFA forms handling functionality in Foxit Reader and PhantomPDF prior to 7.3.4 on Windows allows remote malicious users to execute arbitrary code via a crafted remerge call.
Foxitsoftware Phantompdf
Foxitsoftware Foxit Reader
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »