Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
foxitsoftware phantompdf vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-20827
An issue exists in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac prior to 3.3. It allows stack consumption because of interaction between ICC-Based color space and Alternate color space.
Foxitsoftware Phantompdf
Foxitsoftware Reader
9.8
CVSSv3
CVE-2019-20830
An issue exists in Foxit Reader and PhantomPDF prior to 9.6. It has an out-of-bounds write when Internet Explorer is used.
Foxitsoftware Phantompdf
Foxitsoftware Reader
9.8
CVSSv3
CVE-2018-21242
An issue exists in Foxit PhantomPDF prior to 8.3.6. It allows Remote Code Execution via a GoToE or GoToR action.
Foxitsoftware Phantompdf
9.8
CVSSv3
CVE-2018-21244
An issue exists in Foxit PhantomPDF prior to 8.3.6. It allows arbitrary application execution via an embedded executable file in a PDF portfolio, aka FG-VD-18-029.
Foxitsoftware Phantompdf
9.8
CVSSv3
CVE-2019-20822
An issue exists in the 3D Plugin Beta for Foxit Reader and PhantomPDF prior to 9.7.0.29430. It has an out-of-bounds write via incorrect image data.
Foxitsoftware 3d
9.8
CVSSv3
CVE-2020-13814
An issue exists in Foxit Reader and PhantomPDF prior to 9.7.1. It has a use-after-free via a document that lacks a dictionary.
Foxitsoftware Phantompdf
Foxitsoftware Reader
9.8
CVSSv3
CVE-2020-13805
An issue exists in Foxit Reader and PhantomPDF prior to 9.7.2. It has brute-force attack mishandling because the CAS service lacks a limit on login failures.
Foxitsoftware Phantompdf
Foxitsoftware Reader
9.8
CVSSv3
CVE-2020-13804
An issue exists in Foxit Reader and PhantomPDF prior to 9.7.2. It allows information disclosure of a hardcoded username and password in the DocuSign plugin.
Foxitsoftware Phantompdf
Foxitsoftware Reader
9.8
CVSSv3
CVE-2019-14209
An issue exists in Foxit PhantomPDF prior to 8.3.10. The application could be exposed to Heap Corruption due to data desynchrony when adding AcroForm.
Foxitsoftware Phantompdf
9.8
CVSSv3
CVE-2018-17607
Foxit PhantomPDF and Reader prior to 9.3 allow remote malicious users to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects.
Foxitsoftware Reader
Foxitsoftware Phantompdf
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »