Phantompdf Security Vulnerabilities and Issues — Phantompdf CVE List

Lucene search

FoxitsoftwarePhantompdf

151 matches found

CVE•added 2021/06/16 11:15 p.m.•197 views

CVE-2021-31476

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ha...

7.8CVSS8AI score0.00376EPSS

CVE•added 2019/10/04 6:15 p.m.•172 views

CVE-2019-13320

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the process...

7.8CVSS7.8AI score0.00606EPSS

CVE•added 2019/10/04 6:15 p.m.•165 views

CVE-2019-13319

7.8CVSS7.8AI score0.00606EPSS

CVE•added 2019/10/04 6:15 p.m.•159 views

CVE-2019-13316

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the hand...

7.8CVSS7.8AI score0.0086EPSS

CVE•added 2019/10/04 6:15 p.m.•159 views

CVE-2019-13317

7.8CVSS7.8AI score0.0086EPSS

CVE•added 2020/02/08 12:15 a.m.•156 views

CVE-2019-17136

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the con...

7.8CVSS7.8AI score0.01326EPSS

CVE•added 2019/10/04 6:15 p.m.•156 views

CVE-2019-6776

7.8CVSS7.6AI score0.00606EPSS

CVE•added 2020/02/08 12:15 a.m.•155 views

CVE-2019-17135

7.8CVSS7.9AI score0.00823EPSS

CVE•added 2019/10/04 6:15 p.m.•154 views

CVE-2019-6775

7.8CVSS7.8AI score0.00942EPSS

CVE•added 2019/10/04 6:15 p.m.•153 views

CVE-2019-6774

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the deleteI...

7.8CVSS7.8AI score0.00942EPSS

CVE•added 2019/10/04 6:15 p.m.•152 views

CVE-2019-13315

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeFi...

7.8CVSS7.8AI score0.0086EPSS

CVE•added 2020/02/08 12:15 a.m.•149 views

CVE-2019-13333

7.8CVSS7.8AI score0.01326EPSS

CVE•added 2019/07/21 7:15 p.m.•148 views

CVE-2019-14213

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the repeated release of the signature dictionary during CSG_SignatureF and CPDF_Document destruction.

7.5CVSS7.3AI score0.0006EPSS

CVE•added 2020/02/08 12:15 a.m.•144 views

CVE-2019-13334

7.8CVSS7.8AI score0.01326EPSS

CVE•added 2019/07/21 7:15 p.m.•134 views

CVE-2019-14207

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child and parent object (caused by an append error).

7.5CVSS7.3AI score0.00049EPSS

CVE•added 2019/07/21 7:15 p.m.•133 views

CVE-2019-14208

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a NULL pointer dereference and crash when getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary.

7.5CVSS7.8AI score0.00035EPSS

CVE•added 2019/07/21 7:15 p.m.•133 views

CVE-2019-14215

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling xfa.event.rest XFA JavaScript due to accessing a wild pointer.

7.5CVSS7.3AI score0.00028EPSS

CVE•added 2019/07/21 7:15 p.m.•132 views

CVE-2019-14211

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the lack of proper validation of the existence of an object prior to performing operations on that object when executing JavaScript.

7.5CVSS7.3AI score0.00021EPSS

CVE•added 2019/07/21 7:15 p.m.•130 views

CVE-2019-14210

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Memory Corruption due to the use of an invalid pointer copy, resulting from a destructed string object.

7.5CVSS7.8AI score0.00028EPSS

CVE•added 2019/07/21 7:15 p.m.•130 views

CVE-2019-14212

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling certain XFA JavaScript due to the use of, or access to, a NULL pointer without proper validation on the object.

7.5CVSS7.3AI score0.00047EPSS

CVE•added 2019/07/21 7:15 p.m.•130 views

CVE-2019-14214

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a JavaScript Denial of Service when deleting pages in a document that contains only one page by calling a "t.hidden = true" function.

7.5CVSS7.8AI score0.00028EPSS

CVE•added 2021/05/07 9:15 p.m.•127 views

CVE-2021-31461

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the the ha...

7.8CVSS8.4AI score0.00261EPSS

CVE•added 2020/02/14 6:15 p.m.•120 views

CVE-2020-8847

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the process...

7.8CVSS7.8AI score0.02412EPSS

CVE•added 2020/02/14 6:15 p.m.•112 views

CVE-2020-8857

7.8CVSS7.8AI score0.01231EPSS

CVE•added 2020/02/14 6:15 p.m.•110 views

CVE-2020-8845

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the hand...

7.8CVSS7.8AI score0.1639EPSS

CVE•added 2020/02/14 6:15 p.m.•110 views

CVE-2020-8849

7.8CVSS7.8AI score0.02412EPSS

CVE•added 2020/02/14 6:15 p.m.•102 views

CVE-2020-8853

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the con...

7.8CVSS7.8AI score0.02412EPSS

CVE•added 2020/02/14 6:15 p.m.•101 views

CVE-2020-8850

7.8CVSS7.8AI score0.02412EPSS

CVE•added 2020/02/14 6:15 p.m.•101 views

CVE-2020-8851

7.8CVSS7.8AI score0.02412EPSS

CVE•added 2020/02/14 6:15 p.m.•101 views

CVE-2020-8856

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25608. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the hand...

7.8CVSS7.8AI score0.1639EPSS

CVE•added 2020/02/14 6:15 p.m.•98 views

CVE-2020-8844

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS7.9AI score0.19285EPSS

CVE•added 2020/02/14 6:15 p.m.•91 views

CVE-2020-8848

7.8CVSS7.8AI score0.02412EPSS

CVE•added 2020/02/14 6:15 p.m.•89 views

CVE-2020-8855

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.2947. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the fxht...

7.8CVSS7.8AI score0.01933EPSS

CVE•added 2020/02/14 6:15 p.m.•87 views

CVE-2020-8854

7.8CVSS7.8AI score0.02412EPSS

CVE•added 2020/02/14 6:15 p.m.•85 views

CVE-2020-8846

7.8CVSS7.8AI score0.1639EPSS

CVE•added 2020/12/31 9:15 p.m.•84 views

CVE-2020-35931

An issue was discovered in Foxit Reader before 10.1.1 (and before 4.1.1 on macOS) and PhantomPDF before 9.7.5 and 10.x before 10.1.1 (and before 4.1.1 on macOS). An attacker can spoof a certified PDF document via an Evil Annotation Attack because the products fail to consider a null value for a Sub...

7.8CVSS7.6AI score0.00087EPSS

CVE•added 2021/05/21 3:15 p.m.•80 views

CVE-2021-31473

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the browse...

7.8CVSS8.4AI score0.01606EPSS

CVE•added 2020/04/22 9:15 p.m.•75 views

CVE-2020-10902

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han...

7.8CVSS7.8AI score0.0284EPSS

CVE•added 2021/07/09 6:15 p.m.•73 views

CVE-2021-33792

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write via a crafted /Size key in the Trailer dictionary.

7.8CVSS7.5AI score0.00035EPSS

CVE•added 2020/04/22 9:15 p.m.•71 views

CVE-2020-10907

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

7.8CVSS7.8AI score0.03065EPSS

CVE•added 2020/04/22 9:15 p.m.•68 views

CVE-2020-10893

7.8CVSS7.8AI score0.0284EPSS

CVE•added 2019/06/03 7:29 p.m.•67 views

CVE-2019-6764

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the proce...

7.8CVSS7.8AI score0.00758EPSS

CVE•added 2020/08/20 1:17 a.m.•67 views

CVE-2020-15638

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.2.29539. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Nod...

7.8CVSS7.9AI score0.00889EPSS

CVE•added 2020/04/22 9:15 p.m.•65 views

CVE-2020-10909

7.8CVSS7.9AI score0.00374EPSS

CVE•added 2020/04/22 9:15 p.m.•63 views

CVE-2020-10900

7.8CVSS7.8AI score0.03065EPSS

CVE•added 2020/04/22 9:15 p.m.•63 views

CVE-2020-10904

7.8CVSS7.8AI score0.0284EPSS

CVE•added 2020/04/22 9:15 p.m.•63 views

CVE-2020-10906

7.8CVSS7.8AI score0.03065EPSS

CVE•added 2020/04/22 9:15 p.m.•63 views

CVE-2020-10908

7.8CVSS7.9AI score0.00374EPSS

CVE•added 2020/10/13 5:15 p.m.•63 views

CVE-2020-17410

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the pa...

7.8CVSS7.8AI score0.01963EPSS

CVE•added 2020/04/22 9:15 p.m.•62 views

CVE-2020-10891

7.8CVSS7.9AI score0.00374EPSS

Total number of security vulnerabilities151