Phantompdf@* Security Vulnerabilities and Issues — Page 6 of Phantompdf@* CVE List

6.5CVSS6.8AI score0.00201EPSS

CVE-2018-11621

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Co...

8.8CVSS8.8AI score0.00298EPSS

CVE-2018-11623

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the addAdL...

CVE•added 2018/05/17 3:29 p.m.•44 views

CVE-2018-1178

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handl...

CVE-2018-14250

8.8CVSS8.8AI score0.01087EPSS

CVE-2018-14280

8.8CVSS8.8AI score0.00482EPSS

CVE-2018-14290

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVE-2018-14299

CVE•added 2018/10/29 10:0 p.m.•44 views

CVE-2018-17615

8.8CVSS7.8AI score0.00598EPSS

CVE•added 2019/01/24 4:29 a.m.•44 views

CVE-2018-17652

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

CVE•added 2019/01/24 4:29 a.m.•44 views

CVE-2018-17688

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ha...

8.8CVSS8.8AI score0.00566EPSS

CVE•added 2018/05/17 3:29 p.m.•44 views

CVE-2018-9954

CVE•added 2018/05/17 3:29 p.m.•44 views

CVE-2018-9965

CVE•added 2020/06/04 4:15 p.m.•44 views

CVE-2019-20818

An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows memory consumption because data is created for each page of an application level.

7.5CVSS7.5AI score0.00021EPSS

CVE•added 2019/03/21 4:1 p.m.•44 views

CVE-2019-6733

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handl...

6.5CVSS6.2AI score0.00894EPSS

CVE•added 2021/03/30 3:15 p.m.•44 views

CVE-2021-27271

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ha...

7.8CVSS7.8AI score0.04545EPSS

CVE•added 2016/10/31 10:59 a.m.•43 views

CVE-2016-8879

The thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted JPEG2000 image embedded in a PDF document, aka an "Exploitable - Hea...

6.5CVSS7AI score0.00088EPSS

CVE-2018-10479

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

8.8CVSS8.8AI score0.00235EPSS

CVE-2018-10484

CVE-2018-10486

8.8CVSS8.8AI score0.00474EPSS

CVE-2018-10489

8.8CVSS8.8AI score0.00474EPSS

CVE-2018-10494

8.8CVSS8.8AI score0.01708EPSS

CVE-2018-1176

CVE•added 2018/07/31 8:29 p.m.•43 views

CVE-2018-14246

CVE•added 2018/07/31 8:29 p.m.•43 views

CVE-2018-14256

CVE•added 2018/07/31 8:29 p.m.•43 views

CVE-2018-14286

CVE•added 2018/10/08 4:29 p.m.•43 views

CVE-2018-16293

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can t...

7.8CVSS7.8AI score0.00546EPSS

CVE•added 2018/09/28 9:29 a.m.•43 views

CVE-2018-17609

Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects.

9.8CVSS9.3AI score0.00398EPSS

CVE•added 2018/10/29 10:0 p.m.•43 views

CVE-2018-17622

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

6.5CVSS6.6AI score0.01853EPSS

CVE•added 2018/10/29 10:0 p.m.•43 views

CVE-2018-17623

8.8CVSS8.8AI score0.00598EPSS

8.8CVSS7.8AI score0.00586EPSS

CVE-2018-17628

CVE-2018-17642

CVE-2018-17664

CVE-2018-17669

8.8CVSS7.8AI score0.00566EPSS

CVE-2018-17675

8.8CVSS8.8AI score0.00518EPSS

CVE-2018-17692

8.8CVSS8.8AI score0.00566EPSS

CVE-2018-17694

CVE•added 2020/06/04 5:15 p.m.•43 views

CVE-2018-21242

An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows Remote Code Execution via a GoToE or GoToR action.

9.8CVSS9.5AI score0.03645EPSS

CVE-2018-9963

CVE•added 2020/06/04 4:15 p.m.•43 views

CVE-2019-20821

An issue was discovered in Foxit PhantomPDF Mac before 3.4. It has a NULL pointer dereference.

7.5CVSS7.5AI score0.00018EPSS

CVE•added 2020/06/04 5:15 p.m.•43 views

CVE-2019-20826

An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It has a NULL pointer dereference.

7.5CVSS7.5AI score0.00018EPSS

CVE•added 2019/03/21 4:1 p.m.•43 views

CVE-2019-6730

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the popUpMenu method....

8.8CVSS8.8AI score0.21143EPSS

CVE•added 2015/05/01 3:59 p.m.•42 views

CVE-2015-3633

Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via vectors related to digital signatures.

5CVSS6.9AI score0.00113EPSS

CVE•added 2017/03/14 9:59 a.m.•42 views

CVE-2017-6883

The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image. The vulnerability could lead to information disclosu...

4.7CVSS6.7AI score0.00111EPSS

CVE•added 2018/05/17 3:29 p.m.•42 views

CVE-2018-1174

6.5CVSS6.5AI score0.00201EPSS

CVE•added 2018/05/17 3:29 p.m.•42 views

CVE-2018-1179

CVE•added 2018/07/31 8:29 p.m.•42 views

CVE-2018-14253