Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phantompdf vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-26540
An issue exists in Foxit Reader and PhantomPDF prior to 4.1 on macOS. Because the Hardened Runtime protection mechanism is not applied to code signing, code injection (or an information leak) can occur.
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
9.8
CVSSv3
CVE-2020-26535
An issue exists in Foxit Reader and PhantomPDF prior to 10.1. If TslAlloc attempts to allocate thread local storage but obtains an unacceptable index value, V8 throws an exception that leads to a write access violation (and read access violation).
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
9.8
CVSSv3
CVE-2020-26539
An issue exists in Foxit Reader and PhantomPDF prior to 10.1. When there is a multiple interpretation error for /V (in the Additional Action and Field dictionaries), a use-after-free can occur with resultant remote code execution (or an information leak).
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
7.1
CVSSv3
CVE-2020-12247
In Foxit Reader and PhantomPDF prior to 10.0.1, and PhantomPDF prior to 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. A crash may also occur.
Foxitsoftware Phantompdf
Foxitsoftware Reader
8.1
CVSSv3
CVE-2020-11493
In Foxit Reader and PhantomPDF prior to 10.0.1, and PhantomPDF prior to 9.7.3, attackers can obtain sensitive information about an uninitialized object because of direct transformation from PDF Object to Stream without concern for a crafted XObject.
Foxitsoftware Phantompdf
Foxitsoftware Reader
8.8
CVSSv3
CVE-2020-12248
In Foxit Reader and PhantomPDF prior to 10.0.1, and PhantomPDF prior to 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled.
Foxitsoftware Phantompdf
Foxitsoftware Reader
7.8
CVSSv3
CVE-2020-15638
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.2.29539. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific f...
Foxitsoftware Phantompdf
Foxitsoftware Reader
3.3
CVSSv3
CVE-2020-15637
This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The sp...
Foxitsoftware Phantompdf
Foxitsoftware Reader
9.8
CVSSv3
CVE-2019-20825
An issue exists in Foxit PhantomPDF prior to 8.3.11. It has an out-of-bounds write when Internet Explorer is used.
Foxitsoftware Phantompdf
7.5
CVSSv3
CVE-2019-20831
An issue exists in the 3D Plugin Beta for Foxit Reader and PhantomPDF prior to 9.5.0.20733. It has void data mishandling, causing a crash.
Foxitsoftware 3d
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »