Phantompdf@* Security Vulnerabilities and Issues — Page 7 of Phantompdf@* CVE List

Lucene search

FoxitsoftwarePhantompdf*

538 matches found

CVE•added 2018/07/31 8:29 p.m.•42 views

CVE-2018-14278

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getPag...

8.8CVSS8.8AI score0.00264EPSS

CVE•added 2018/07/31 8:29 p.m.•42 views

CVE-2018-14281

8.8CVSS8.8AI score0.01087EPSS

CVE•added 2018/07/31 8:29 p.m.•42 views

CVE-2018-14316

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

6.5CVSS6.8AI score0.00201EPSS

CVE•added 2019/01/24 4:29 a.m.•42 views

CVE-2018-17662

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

8.8CVSS7.8AI score0.00856EPSS

CVE•added 2019/01/24 4:29 a.m.•42 views

CVE-2018-17671

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

8.8CVSS7.3AI score0.00784EPSS

CVE•added 2019/01/24 4:29 a.m.•42 views

CVE-2018-17679

8.8CVSS7.8AI score0.00462EPSS

CVE•added 2019/01/24 4:29 a.m.•42 views

CVE-2018-17689

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ha...

8.8CVSS8.8AI score0.00566EPSS

CVE•added 2019/01/24 4:29 a.m.•42 views

CVE-2018-17701

8.8CVSS8.8AI score0.00518EPSS

CVE•added 2019/01/24 4:29 a.m.•42 views

CVE-2018-17704

8.8CVSS7.8AI score0.00566EPSS

CVE•added 2018/10/08 4:29 p.m.•42 views

CVE-2018-3996

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user t...

8.8CVSS8.3AI score0.00268EPSS

CVE•added 2018/05/17 3:29 p.m.•42 views

CVE-2018-9936

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

8.8CVSS8.8AI score0.00235EPSS

CVE•added 2020/06/04 5:15 p.m.•42 views

CVE-2019-20824

An issue was discovered in Foxit PhantomPDF before 8.3.11. It has a NULL pointer dereference via FXSYS_wcslen in an Epub file.

7.5CVSS7.4AI score0.00018EPSS

CVE•added 2019/01/03 11:29 p.m.•42 views

CVE-2019-5006

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is a NULL pointer dereference during PDF parsing.

5.5CVSS6AI score0.0008EPSS

CVE•added 2019/03/21 4:1 p.m.•42 views

CVE-2019-6732

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handl...

6.5CVSS6.2AI score0.00894EPSS

CVE•added 2019/06/03 7:29 p.m.•42 views

CVE-2019-6753

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.3.0.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

5.5CVSS5.6AI score0.01493EPSS

CVE•added 2020/09/04 4:15 a.m.•42 views

CVE-2020-12248

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled.

8.8CVSS9AI score0.00527EPSS

CVE•added 2020/10/02 8:15 a.m.•42 views

CVE-2020-26536

An issue was discovered in Foxit Reader and PhantomPDF before 10.1. There is a NULL pointer dereference via a crafted PDF document.

5.5CVSS5.4AI score0.00035EPSS

CVE•added 2021/03/30 3:15 p.m.•42 views

CVE-2021-27262

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

4.3CVSS3.8AI score0.03774EPSS

CVE•added 2021/03/30 3:15 p.m.•42 views

CVE-2021-27265

4.3CVSS3.8AI score0.03774EPSS

CVE•added 2016/04/22 3:59 p.m.•41 views

CVE-2016-4064

Use-after-free vulnerability in the XFA forms handling functionality in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted remerge call.

7.8CVSS7.8AI score0.01264EPSS

CVE•added 2018/05/17 3:29 p.m.•41 views

CVE-2018-10480

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

6.5CVSS6.5AI score0.00412EPSS

CVE•added 2018/07/31 8:29 p.m.•41 views

CVE-2018-11617

8.8CVSS8.8AI score0.00387EPSS

CVE•added 2018/07/31 8:29 p.m.•41 views

CVE-2018-14259

8.8CVSS8.8AI score0.00264EPSS

CVE•added 2018/07/31 8:29 p.m.•41 views

CVE-2018-14266

8.8CVSS8.8AI score0.00264EPSS

CVE•added 2018/07/31 8:29 p.m.•41 views

CVE-2018-14288

8.8CVSS8.8AI score0.00264EPSS

CVE•added 2018/07/31 8:29 p.m.•41 views

CVE-2018-14294

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the proces...

8.8CVSS8.8AI score0.00387EPSS

CVE•added 2018/07/31 8:29 p.m.•41 views

CVE-2018-14296

8.8CVSS8.8AI score0.00387EPSS

CVE•added 2018/07/31 8:29 p.m.•41 views

CVE-2018-14297

8.8CVSS8.8AI score0.00387EPSS

CVE•added 2018/07/31 8:29 p.m.•41 views

CVE-2018-14298

8.8CVSS8.8AI score0.00387EPSS

CVE•added 2018/07/31 8:29 p.m.•41 views

CVE-2018-14313

8.8CVSS8.8AI score0.00264EPSS

CVE•added 2018/10/08 4:29 p.m.•41 views

CVE-2018-16291

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can t...

7.8CVSS7.8AI score0.00546EPSS

CVE•added 2018/09/28 9:29 a.m.•41 views

CVE-2018-17608

Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects.

9.8CVSS9.3AI score0.00398EPSS

CVE•added 2019/01/24 4:29 a.m.•41 views

CVE-2018-17625

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

8.8CVSS7.8AI score0.01253EPSS

CVE•added 2019/01/24 4:29 a.m.•41 views

CVE-2018-17680

8.8CVSS7.8AI score0.00566EPSS

CVE•added 2020/06/04 5:15 p.m.•41 views

CVE-2018-21238

An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows memory consumption via an ArrayBuffer(0xfffffffe) call.

7.5CVSS7.5AI score0.00018EPSS

CVE•added 2020/06/04 5:15 p.m.•41 views

CVE-2018-21243

An issue was discovered in Foxit PhantomPDF before 8.3.6. It has COM object mishandling when Microsoft Word is used.

6.5CVSS6.4AI score0.00038EPSS

CVE•added 2018/10/03 3:29 p.m.•41 views

CVE-2018-3995

8.8CVSS8.3AI score0.003EPSS

CVE•added 2018/05/24 9:29 p.m.•41 views

CVE-2018-5674

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fla...

8.8CVSS8.8AI score0.01864EPSS

CVE•added 2018/05/24 9:29 p.m.•41 views

CVE-2018-5677

8.8CVSS8.6AI score0.01776EPSS

CVE•added 2018/05/24 9:29 p.m.•41 views

CVE-2018-5679

8.8CVSS8.6AI score0.01776EPSS

CVE•added 2018/05/17 3:29 p.m.•41 views

CVE-2018-9937

8.8CVSS8.8AI score0.00235EPSS

CVE•added 2018/05/17 3:29 p.m.•41 views

CVE-2018-9951

8.8CVSS8.8AI score0.00795EPSS

CVE•added 2018/05/17 3:29 p.m.•41 views

CVE-2018-9970

8.8CVSS8.8AI score0.00557EPSS

CVE•added 2021/03/30 3:15 p.m.•41 views

CVE-2021-27267

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ha...

7.8CVSS7.8AI score0.03065EPSS

CVE•added 2021/03/30 3:15 p.m.•41 views

CVE-2021-27268

7.8CVSS7.8AI score0.03065EPSS

CVE•added 2018/02/07 5:29 p.m.•40 views

CVE-2016-6168

Use-after-free vulnerability in Foxit Reader and PhantomPDF 7.3.4.311 and earlier on Windows allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a crafted PDF file.

7.8CVSS7.7AI score0.00347EPSS

CVE•added 2017/05/03 5:59 a.m.•40 views

CVE-2017-8455

Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document.

7.8CVSS8.4AI score0.00512EPSS

CVE•added 2018/05/17 3:29 p.m.•40 views

CVE-2018-10488

8.8CVSS8.8AI score0.00474EPSS

CVE•added 2018/05/17 3:29 p.m.•40 views

CVE-2018-10491

8.8CVSS8.8AI score0.00474EPSS

CVE•added 2018/07/31 8:29 p.m.•40 views

CVE-2018-11620

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Co...

6.5CVSS6.8AI score0.00201EPSS

Total number of security vulnerabilities538