Phantompdf@* Security Vulnerabilities and Issues — Page 10 of Phantompdf@* CVE List

CVE-2018-9966

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

CVE-2018-9967

CVE-2018-9969

6.5CVSS6.5AI score0.00412EPSS

CVE-2018-9972

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Co...

8.8CVSS8.8AI score0.00543EPSS

CVE-2018-9974

CVE•added 2020/06/04 3:15 p.m.•37 views

CVE-2020-13807

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has circular reference mishandling that causes a loop.

7.5CVSS7.5AI score0.00021EPSS

CVE•added 2020/06/04 4:15 p.m.•37 views

CVE-2020-13815

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It allows stack consumption via a loop of an indirect object reference.

7.5CVSS7.4AI score0.00018EPSS

CVE•added 2021/08/11 8:15 p.m.•37 views

CVE-2021-33794

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 allow information disclosure or an application crash after mishandling the Tab key during XFA form interaction.

9.1CVSS8.7AI score0.00027EPSS

CVE•added 2018/07/31 8:29 p.m.•36 views

CVE-2018-14244

CVE•added 2018/07/31 8:29 p.m.•36 views

CVE-2018-14271

CVE•added 2018/07/31 8:29 p.m.•36 views

CVE-2018-14305

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the proces...

CVE•added 2018/10/08 4:29 p.m.•36 views

CVE-2018-16292

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can t...

7.8CVSS7.8AI score0.00546EPSS

CVE-2018-17646

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

CVE-2018-17648

CVE-2018-17676

CVE-2018-17677

CVE-2018-17681

8.8CVSS8.8AI score0.00566EPSS

CVE-2018-17687

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ha...

6.5CVSS6.2AI score0.04017EPSS

CVE-2018-17699

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

CVE-2018-17702

CVE-2018-17705

CVE-2018-9943

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handl...

CVE-2018-9945

CVE-2018-9956

8.8CVSS8.8AI score0.00345EPSS

CVE-2018-9964

CVE-2018-9980

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

CVE-2018-9984

CVE•added 2020/06/04 3:15 p.m.•36 views

CVE-2020-13805

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has brute-force attack mishandling because the CAS service lacks a limit on login failures.

9.8CVSS9.3AI score0.00015EPSS

CVE•added 2021/03/30 3:15 p.m.•36 views

CVE-2021-27263

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

4.3CVSS3.8AI score0.07133EPSS

CVE•added 2021/05/07 9:15 p.m.•36 views

CVE-2021-31446

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

4.3CVSS3.4AI score0.02844EPSS

CVE-2018-10475

CVE•added 2018/09/28 9:29 a.m.•35 views

CVE-2018-17607

Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects.

9.8CVSS9.3AI score0.00398EPSS

CVE•added 2018/10/29 10:0 p.m.•35 views

CVE-2018-17618

8.8CVSS7.8AI score0.00598EPSS

CVE-2018-17639

CVE-2018-17641

CVE-2018-17649

CVE-2018-17655

CVE-2018-17666

CVE-2018-17667

CVE-2018-17672

CVE-2018-17674

CVE-2018-17678

CVE-2018-9938

CVE-2018-9973

CVE-2018-9978