Phantompdf Security Vulnerabilities and Issues — Page 6 of Phantompdf CVE List

Lucene search

FoxitsoftwarePhantompdf

549 matches found

CVE•added 2020/06/04 5:15 p.m.•46 views

CVE-2018-21244

An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows arbitrary application execution via an embedded executable file in a PDF portfolio, aka FG-VD-18-029.

9.8CVSS9.3AI score0.0005EPSS

CVE•added 2018/10/03 3:29 p.m.•46 views

CVE-2018-3994

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the u...

8.8CVSS8.3AI score0.00268EPSS

CVE•added 2018/05/24 9:29 p.m.•46 views

CVE-2018-5678

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fla...

8.8CVSS8.8AI score0.01583EPSS

CVE•added 2018/05/17 3:29 p.m.•46 views

CVE-2018-9941

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handl...

8.8CVSS8.8AI score0.00264EPSS

CVE•added 2018/05/17 3:29 p.m.•46 views

CVE-2018-9942

8.8CVSS8.8AI score0.00264EPSS

CVE•added 2020/06/04 4:15 p.m.•46 views

CVE-2019-20816

An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NULL pointer dereference during the parsing of file data.

7.5CVSS7.5AI score0.00026EPSS

CVE•added 2020/06/04 5:15 p.m.•46 views

CVE-2019-20828

An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a buffer overflow because a looping correction does not occur after JavaScript updates Field APs.

7.5CVSS7.7AI score0.00022EPSS

CVE•added 2020/06/04 5:15 p.m.•46 views

CVE-2019-20834

An issue was discovered in Foxit PhantomPDF before 8.3.10. It allows signature validation bypass via a modified file or a file with non-standard signatures.

7.5CVSS7.5AI score0.00007EPSS

CVE•added 2019/03/21 4:1 p.m.•46 views

CVE-2019-6727

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA remerge metho...

8.8CVSS8.8AI score0.21143EPSS

CVE•added 2020/09/04 4:15 a.m.•46 views

CVE-2020-12247

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. A crash may also occur.

7.1CVSS6.6AI score0.00129EPSS

CVE•added 2020/10/13 5:15 p.m.•46 views

CVE-2020-17417

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.1.35811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS7.8AI score0.03065EPSS

CVE•added 2021/03/30 3:15 p.m.•46 views

CVE-2021-27271

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ha...

7.8CVSS7.8AI score0.04545EPSS

CVE•added 2021/05/07 9:15 p.m.•46 views

CVE-2021-31457

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS8.4AI score0.00518EPSS

CVE•added 2016/10/31 10:59 a.m.•45 views

CVE-2016-8876

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader."

7.5CVSS8.3AI score0.00361EPSS

CVE•added 2018/05/17 3:29 p.m.•45 views

CVE-2018-10482

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

6.5CVSS6.5AI score0.00412EPSS

CVE•added 2018/05/17 3:29 p.m.•45 views

CVE-2018-10484

8.8CVSS8.8AI score0.00235EPSS

CVE•added 2018/05/17 3:29 p.m.•45 views

CVE-2018-10493

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

6.5CVSS6.5AI score0.00223EPSS

CVE•added 2018/05/17 3:29 p.m.•45 views

CVE-2018-10494

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

8.8CVSS8.8AI score0.00474EPSS

CVE•added 2018/07/31 8:29 p.m.•45 views

CVE-2018-11621

6.5CVSS6.8AI score0.00201EPSS

CVE•added 2018/07/31 8:29 p.m.•45 views

CVE-2018-11623

8.8CVSS8.8AI score0.00298EPSS

CVE•added 2018/05/17 3:29 p.m.•45 views

CVE-2018-1176

8.8CVSS8.8AI score0.007EPSS

CVE•added 2018/05/17 3:29 p.m.•45 views

CVE-2018-1178

8.8CVSS8.8AI score0.00387EPSS

CVE•added 2018/07/31 8:29 p.m.•45 views

CVE-2018-14250

8.8CVSS8.8AI score0.00264EPSS

CVE•added 2018/10/29 10:0 p.m.•45 views

CVE-2018-17615

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

8.8CVSS7.8AI score0.00598EPSS

CVE•added 2019/01/24 4:29 a.m.•45 views

CVE-2018-17652

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

8.8CVSS7.8AI score0.00856EPSS

CVE•added 2018/05/17 3:29 p.m.•45 views

CVE-2018-9954

8.8CVSS8.8AI score0.00387EPSS

CVE•added 2018/05/17 3:29 p.m.•45 views

CVE-2018-9965

8.8CVSS8.8AI score0.00387EPSS

CVE•added 2020/06/04 4:15 p.m.•45 views

CVE-2019-20818

An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows memory consumption because data is created for each page of an application level.

7.5CVSS7.5AI score0.00021EPSS

CVE•added 2019/03/21 4:1 p.m.•45 views

CVE-2019-6733

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handl...

6.5CVSS6.2AI score0.00894EPSS

CVE•added 2016/10/31 10:59 a.m.•44 views

CVE-2016-8879

The thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted JPEG2000 image embedded in a PDF document, aka an "Exploitable - Hea...

6.5CVSS7AI score0.00088EPSS

CVE•added 2017/03/14 9:59 a.m.•44 views

CVE-2017-6883

The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image. The vulnerability could lead to information disclosu...

4.7CVSS6.7AI score0.00111EPSS

CVE•added 2018/05/17 3:29 p.m.•44 views

CVE-2018-10479

6.5CVSS6.5AI score0.00223EPSS

CVE•added 2018/05/17 3:29 p.m.•44 views

CVE-2018-10486

6.5CVSS6.5AI score0.00223EPSS

CVE•added 2018/05/17 3:29 p.m.•44 views

CVE-2018-10489

8.8CVSS8.8AI score0.00474EPSS

CVE•added 2018/07/31 8:29 p.m.•44 views

CVE-2018-14246

8.8CVSS8.8AI score0.00264EPSS

CVE•added 2018/07/31 8:29 p.m.•44 views

CVE-2018-14256

8.8CVSS8.8AI score0.00264EPSS

CVE•added 2018/07/31 8:29 p.m.•44 views

CVE-2018-14286

8.8CVSS8.8AI score0.00264EPSS

CVE•added 2018/07/31 8:29 p.m.•44 views

CVE-2018-14316

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

6.5CVSS6.8AI score0.00201EPSS

CVE•added 2018/10/08 4:29 p.m.•44 views

CVE-2018-16293

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can t...

7.8CVSS7.8AI score0.00546EPSS

CVE•added 2018/09/28 9:29 a.m.•44 views

CVE-2018-17609

Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects.

9.8CVSS9.3AI score0.00398EPSS

CVE•added 2018/10/29 10:0 p.m.•44 views

CVE-2018-17622

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

6.5CVSS6.6AI score0.01853EPSS

CVE•added 2018/10/29 10:0 p.m.•44 views

CVE-2018-17623

8.8CVSS8.8AI score0.00598EPSS

CVE•added 2019/01/24 4:29 a.m.•44 views

CVE-2018-17628

8.8CVSS7.8AI score0.00586EPSS

CVE•added 2019/01/24 4:29 a.m.•44 views

CVE-2018-17642

8.8CVSS7.8AI score0.00856EPSS

CVE•added 2019/01/24 4:29 a.m.•44 views

CVE-2018-17664

8.8CVSS7.8AI score0.00856EPSS

CVE•added 2019/01/24 4:29 a.m.•44 views

CVE-2018-17669

8.8CVSS7.8AI score0.00856EPSS

CVE•added 2019/01/24 4:29 a.m.•44 views

CVE-2018-17675

8.8CVSS7.8AI score0.00566EPSS

CVE•added 2019/01/24 4:29 a.m.•44 views

CVE-2018-17692

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the co...

8.8CVSS8.8AI score0.00518EPSS

CVE•added 2019/01/24 4:29 a.m.•44 views

CVE-2018-17694

8.8CVSS8.8AI score0.00566EPSS

CVE•added 2020/06/04 5:15 p.m.•44 views

CVE-2018-21242

An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows Remote Code Execution via a GoToE or GoToR action.

9.8CVSS9.5AI score0.03645EPSS

Total number of security vulnerabilities549