Phantompdf Security Vulnerabilities and Issues — Page 9 of Phantompdf CVE List

8.8CVSS8.8AI score0.00557EPSS

CVE-2018-9935

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the addFi...

8.8CVSS8.8AI score0.00387EPSS

CVE-2018-9952

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

8.8CVSS8.8AI score0.00387EPSS

CVE-2018-9955

CVE-2018-9976

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

CVE-2018-9979

CVE•added 2019/01/03 11:29 p.m.•39 views

CVE-2019-5005

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. They allowed Denial of Service (application crash) via image data, because two bytes are written to the end of the allocated memory without judging whether this will cause corruption.

5.5CVSS5.9AI score0.0008EPSS

CVE•added 2019/03/21 4:1 p.m.•39 views

CVE-2019-6731

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of...

8.8CVSS8.7AI score0.00745EPSS

CVE•added 2020/06/04 4:15 p.m.•39 views

CVE-2020-13814

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It has a use-after-free via a document that lacks a dictionary.

9.8CVSS9.3AI score0.00027EPSS

CVE•added 2021/03/30 3:15 p.m.•39 views

CVE-2021-27266

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

4.3CVSS3.8AI score0.03774EPSS

6.5CVSS6.5AI score0.00412EPSS

CVE-2018-10485

CVE-2018-14241

CVE-2018-14251

CVE-2018-14263

CVE-2018-14274

8.8CVSS8.8AI score0.00387EPSS

CVE-2018-14315

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

CVE•added 2018/10/08 4:29 p.m.•38 views

CVE-2018-16295

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can t...

7.8CVSS7.8AI score0.00546EPSS

CVE•added 2018/10/29 10:0 p.m.•38 views

CVE-2018-17616

8.8CVSS7.8AI score0.00609EPSS

CVE•added 2018/10/29 10:0 p.m.•38 views

CVE-2018-17620

8.8CVSS7.8AI score0.00609EPSS

CVE-2018-17630

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

CVE-2018-17634

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

CVE-2018-17635

CVE-2018-17637

CVE-2018-17647

CVE-2018-17654

CVE-2018-17660

CVE-2018-17663

CVE-2018-17670

8.8CVSS8.8AI score0.00566EPSS

CVE-2018-17690

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ha...

8.8CVSS8.8AI score0.00566EPSS

CVE-2018-17698

CVE•added 2018/10/29 10:0 p.m.•38 views

CVE-2018-17706

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF Phantom PDF 9.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists wit...

8.8CVSS7.8AI score0.00541EPSS

CVE•added 2018/09/29 5:29 p.m.•38 views

CVE-2018-17781

Foxit PhantomPDF and Reader before 9.3 allow remote attackers to trigger Uninitialized Object Information Disclosure because creation of ArrayBuffer and DataView objects is mishandled.

7.5CVSS7.8AI score0.00084EPSS

CVE•added 2021/01/07 5:15 p.m.•38 views

CVE-2018-20309

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyGetAppEdition race condition that can cause a stack-based buffer overflow or an out-of-bounds read.

8.1CVSS8.1AI score0.00026EPSS

CVE•added 2018/05/24 9:29 p.m.•38 views

CVE-2018-7406

An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1. This vulnerability allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw e...

8.8CVSS8.7AI score0.01541EPSS

CVE-2018-9939

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handl...

8.8CVSS8.8AI score0.00345EPSS

CVE-2018-9960

8.8CVSS8.8AI score0.00345EPSS

CVE-2018-9961

CVE•added 2020/06/04 5:15 p.m.•38 views

CVE-2019-20827

An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It allows stack consumption because of interaction between ICC-Based color space and Alternate color space.

9.8CVSS9.4AI score0.00023EPSS

CVE•added 2020/06/04 5:15 p.m.•38 views

CVE-2019-20833

An issue was discovered in Foxit PhantomPDF before 8.3.10. It has mishandling of cloud credentials, as demonstrated by Google Drive.

7.5CVSS7.5AI score0.00013EPSS

CVE•added 2019/03/21 4:1 p.m.•38 views

CVE-2019-6735

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

6.5CVSS6.2AI score0.00894EPSS

CVE•added 2020/06/04 3:15 p.m.•38 views

CVE-2020-13809

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via long strings in the content stream.

7.5CVSS7.5AI score0.00021EPSS

CVE•added 2021/05/07 9:15 p.m.•38 views

CVE-2021-31442

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS7.8AI score0.01606EPSS

CVE-2018-10476

8.8CVSS8.8AI score0.00474EPSS

CVE-2018-10477

CVE-2018-10478