Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
foxitsoftware phantompdf vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-26538
An issue exists in Foxit Reader and PhantomPDF prior to 10.1. It allows malicious users to execute arbitrary code via a Trojan horse taskkill.exe in the current working directory.
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
9.8
CVSSv3
CVE-2020-26539
An issue exists in Foxit Reader and PhantomPDF prior to 10.1. When there is a multiple interpretation error for /V (in the Additional Action and Field dictionaries), a use-after-free can occur with resultant remote code execution (or an information leak).
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
7.5
CVSSv3
CVE-2020-26540
An issue exists in Foxit Reader and PhantomPDF prior to 4.1 on macOS. Because the Hardened Runtime protection mechanism is not applied to code signing, code injection (or an information leak) can occur.
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
7.1
CVSSv3
CVE-2020-12247
In Foxit Reader and PhantomPDF prior to 10.0.1, and PhantomPDF prior to 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. A crash may also occur.
Foxitsoftware Phantompdf
Foxitsoftware Reader
8.8
CVSSv3
CVE-2020-12248
In Foxit Reader and PhantomPDF prior to 10.0.1, and PhantomPDF prior to 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled.
Foxitsoftware Phantompdf
Foxitsoftware Reader
8.1
CVSSv3
CVE-2020-11493
In Foxit Reader and PhantomPDF prior to 10.0.1, and PhantomPDF prior to 9.7.3, attackers can obtain sensitive information about an uninitialized object because of direct transformation from PDF Object to Stream without concern for a crafted XObject.
Foxitsoftware Phantompdf
Foxitsoftware Reader
3.3
CVSSv3
CVE-2020-15637
This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The sp...
Foxitsoftware Phantompdf
Foxitsoftware Reader
7.8
CVSSv3
CVE-2020-15638
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.2.29539. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific f...
Foxitsoftware Phantompdf
Foxitsoftware Reader
7.5
CVSSv3
CVE-2019-20823
An issue exists in Foxit PhantomPDF prior to 8.3.11. It has a buffer overflow because a looping correction does not occur after JavaScript updates Field APs.
Foxitsoftware Phantompdf
9.8
CVSSv3
CVE-2019-20825
An issue exists in Foxit PhantomPDF prior to 8.3.11. It has an out-of-bounds write when Internet Explorer is used.
Foxitsoftware Phantompdf
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »