CVE-2019-13318

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2021-33795

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 produce incorrect PDF document signatures because the certificate name, document owner, and signature author are mishandled.

CVE-2019-6773

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

CVE-2018-18688

The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to add pages or annot...

CVE-2019-6772

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 2019.010.20098. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

CVE-2016-8875

The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image, aka "Data from Faulting Address is used as one or more arguments in...

CVE-2019-6756

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF 9.4.0.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

CVE-2019-6766

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

CVE-2019-6758

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Con...

CVE-2020-28203

An issue was discovered in Foxit Reader and PhantomPDF 10.1.0.37527 and earlier. There is a null pointer access/dereference while opening a crafted PDF file, leading the application to crash (denial of service).

CVE-2019-6770

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

CVE-2018-21239

An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action.

CVE-2018-21237

An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action.

CVE-2019-6752

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF 9.3.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

CVE-2016-4062

Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service (application hang) via a crafted PDF.

CVE-2015-3633

Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via vectors related to digital signatures.

CVE-2019-5006

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is a NULL pointer dereference during PDF parsing.

CVE-2019-6753

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.3.0.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

CVE-2020-26536

An issue was discovered in Foxit Reader and PhantomPDF before 10.1. There is a NULL pointer dereference via a crafted PDF document.

CVE-2019-5005

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. They allowed Denial of Service (application crash) via image data, because two bytes are written to the end of the allocated memory without judging whether this will cause corruption.

CVE-2019-6771

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 2019.010.20098. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...