Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phantompdf vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-20832
An issue exists in Foxit PhantomPDF prior to 8.3.10. It has homograph mishandling.
Foxitsoftware Phantompdf
445
VMScore
CVE-2019-20833
An issue exists in Foxit PhantomPDF prior to 8.3.10. It has mishandling of cloud credentials, as demonstrated by Google Drive.
Foxitsoftware Phantompdf
445
VMScore
CVE-2019-20834
An issue exists in Foxit PhantomPDF prior to 8.3.10. It allows signature validation bypass via a modified file or a file with non-standard signatures.
Foxitsoftware Phantompdf
383
VMScore
CVE-2018-21243
An issue exists in Foxit PhantomPDF prior to 8.3.6. It has COM object mishandling when Microsoft Word is used.
Foxitsoftware Phantompdf
445
VMScore
CVE-2019-14207
An issue exists in Foxit PhantomPDF prior to 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child and parent object (caused by an append error).
Foxitsoftware Phantompdf
445
VMScore
CVE-2019-14208
An issue exists in Foxit PhantomPDF prior to 8.3.10. The application could be exposed to a NULL pointer dereference and crash when getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary.
Foxitsoftware Phantompdf
445
VMScore
CVE-2019-14210
An issue exists in Foxit PhantomPDF prior to 8.3.10. The application could be exposed to Memory Corruption due to the use of an invalid pointer copy, resulting from a destructed string object.
Foxitsoftware Phantompdf
445
VMScore
CVE-2019-14212
An issue exists in Foxit PhantomPDF prior to 8.3.11. The application could crash when calling certain XFA JavaScript due to the use of, or access to, a NULL pointer without proper validation on the object.
Foxitsoftware Phantompdf
445
VMScore
CVE-2019-14214
An issue exists in Foxit PhantomPDF prior to 8.3.10. The application could be exposed to a JavaScript Denial of Service when deleting pages in a document that contains only one page by calling a "t.hidden = true" function.
Foxitsoftware Phantompdf
445
VMScore
CVE-2018-21237
An issue exists in Foxit PhantomPDF prior to 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action.
Foxitsoftware Phantompdf
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »