Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phantompdf vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-26537
An issue exists in Foxit Reader and PhantomPDF prior to 10.1. In a certain Shading calculation, the number of outputs is unequal to the number of color components in a color space. This causes an out-of-bounds write.
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
4.4
CVSSv2
CVE-2020-26538
An issue exists in Foxit Reader and PhantomPDF prior to 10.1. It allows malicious users to execute arbitrary code via a Trojan horse taskkill.exe in the current working directory.
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
7.5
CVSSv2
CVE-2020-26539
An issue exists in Foxit Reader and PhantomPDF prior to 10.1. When there is a multiple interpretation error for /V (in the Additional Action and Field dictionaries), a use-after-free can occur with resultant remote code execution (or an information leak).
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
5.8
CVSSv2
CVE-2020-11493
In Foxit Reader and PhantomPDF prior to 10.0.1, and PhantomPDF prior to 9.7.3, attackers can obtain sensitive information about an uninitialized object because of direct transformation from PDF Object to Stream without concern for a crafted XObject.
Foxitsoftware Phantompdf
Foxitsoftware Reader
5.8
CVSSv2
CVE-2020-12247
In Foxit Reader and PhantomPDF prior to 10.0.1, and PhantomPDF prior to 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. A crash may also occur.
Foxitsoftware Phantompdf
Foxitsoftware Reader
6.8
CVSSv2
CVE-2020-12248
In Foxit Reader and PhantomPDF prior to 10.0.1, and PhantomPDF prior to 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled.
Foxitsoftware Phantompdf
Foxitsoftware Reader
4.3
CVSSv2
CVE-2020-15637
This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The sp...
Foxitsoftware Phantompdf
Foxitsoftware Reader
6.8
CVSSv2
CVE-2020-15638
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.2.29539. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific f...
Foxitsoftware Phantompdf
Foxitsoftware Reader
5
CVSSv2
CVE-2019-20823
An issue exists in Foxit PhantomPDF prior to 8.3.11. It has a buffer overflow because a looping correction does not occur after JavaScript updates Field APs.
Foxitsoftware Phantompdf
5
CVSSv2
CVE-2019-20824
An issue exists in Foxit PhantomPDF prior to 8.3.11. It has a NULL pointer dereference via FXSYS_wcslen in an Epub file.
Foxitsoftware Phantompdf
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »