Total
549 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-21240 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-09 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows memory consumption via an ArrayBuffer(0xfffffffe) call. | |||||
| CVE-2018-21239 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action. | |||||
| CVE-2019-20826 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-09 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It has a NULL pointer dereference. | |||||
| CVE-2019-20827 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-09 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It allows stack consumption because of interaction between ICC-Based color space and Alternate color space. | |||||
| CVE-2019-20823 | 1 Foxitsoftware | 1 Phantompdf | 2020-06-09 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit PhantomPDF before 8.3.11. It has a buffer overflow because a looping correction does not occur after JavaScript updates Field APs. | |||||
| CVE-2018-21244 | 1 Foxitsoftware | 1 Phantompdf | 2020-06-09 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows arbitrary application execution via an embedded executable file in a PDF portfolio, aka FG-VD-18-029. | |||||
| CVE-2020-13810 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-09 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows signature validation bypass via a modified file or a file with non-standard signatures. | |||||
| CVE-2019-20821 | 1 Foxitsoftware | 1 Phantompdf | 2020-06-08 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit PhantomPDF Mac before 3.4. It has a NULL pointer dereference. | |||||
| CVE-2020-13803 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-05 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit PhantomPDF Mac and Foxit Reader for Mac before 4.0. It allows signature validation bypass via a modified file or a file with non-standard signatures. | |||||
| CVE-2019-20829 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-05 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a NULL pointer dereference via FXSYS_wcslen in an Epub file. | |||||
| CVE-2019-20830 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-05 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has an out-of-bounds write when Internet Explorer is used. | |||||
| CVE-2019-20828 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-05 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a buffer overflow because a looping correction does not occur after JavaScript updates Field APs. | |||||
| CVE-2019-20837 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-05 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It allows signature validation bypass via a modified file or a file with non-standard signatures. | |||||
| CVE-2019-20835 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-05 | 4.3 MEDIUM | 4.3 MEDIUM |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has homograph mishandling. | |||||
| CVE-2019-20836 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-05 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has mishandling of cloud credentials, as demonstrated by Google Drive. | |||||
| CVE-2019-20817 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-04 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference. | |||||
| CVE-2019-20813 | 1 Foxitsoftware | 1 Phantompdf | 2020-06-04 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NULL pointer dereference. | |||||
| CVE-2020-13809 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-04 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via long strings in the content stream. | |||||
| CVE-2020-13807 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-04 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has circular reference mishandling that causes a loop. | |||||
| CVE-2020-13805 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-04 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has brute-force attack mishandling because the CAS service lacks a limit on login failures. | |||||