PhantomPDF Mac
CVEs (226)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-5006 | Med | 0.36 | 5.5 | 0.01 | Jan 3, 2019 | An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is a NULL pointer dereference during PDF parsing. | ||
| CVE-2019-5005 | Med | 0.36 | 5.5 | 0.01 | Jan 3, 2019 | An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. They allowed Denial of Service (application crash) via image data, because two bytes are written to the end of the allocated memory without judging whether this will cause corruption. | ||
| CVE-2016-4062 | Med | 0.36 | 5.5 | 0.01 | Apr 22, 2016 | Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service (application hang) via a crafted PDF. | ||
| CVE-2018-18689 | Med | 0.35 | 5.3 | 0.04 | Jan 7, 2021 | The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteRange and xref manipulations… | ||
| CVE-2018-21239 | Med | 0.35 | 5.3 | 0.01 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action. | ||
| CVE-2018-21237 | Med | 0.35 | 5.3 | 0.01 | Jun 4, 2020 | An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action. | ||
| CVE-2016-8875 | Med | 0.35 | 5.3 | 0.01 | Oct 31, 2016 | The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image, aka "Data from Faulting Address is used as one… | ||
| CVE-2017-6883 | Med | 0.31 | 4.7 | 0.03 | Mar 14, 2017 | The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image. The vulnerability could lead to… | ||
| CVE-2019-20835 | Med | 0.28 | 4.3 | 0.01 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has homograph mishandling. | ||
| CVE-2019-20832 | Med | 0.28 | 4.3 | 0.01 | Jun 4, 2020 | An issue was discovered in Foxit PhantomPDF before 8.3.10. It has homograph mishandling. | ||
| CVE-2019-17143 | Med | 0.28 | 4.3 | 0.04 | Oct 25, 2019 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | ||
| CVE-2021-27266 | Low | 0.22 | 3.3 | 0.02 | Mar 30, 2021 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | ||
| CVE-2021-27265 | Low | 0.22 | 3.3 | 0.02 | Mar 30, 2021 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | ||
| CVE-2021-27264 | Low | 0.22 | 3.3 | 0.02 | Mar 30, 2021 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | ||
| CVE-2021-27263 | Low | 0.22 | 3.3 | 0.03 | Mar 30, 2021 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | ||
| CVE-2021-27262 | Low | 0.22 | 3.3 | 0.02 | Mar 30, 2021 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | ||
| CVE-2020-17411 | Low | 0.22 | 3.3 | 0.03 | Oct 13, 2020 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | ||
| CVE-2020-15637 | Low | 0.22 | 3.3 | 0.04 | Aug 20, 2020 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | ||
| CVE-2020-10905 | Low | 0.22 | 3.3 | 0.03 | Apr 22, 2020 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | ||
| CVE-2020-10903 | Low | 0.22 | 3.3 | 0.03 | Apr 22, 2020 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… |
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is a NULL pointer dereference during PDF parsing.
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. They allowed Denial of Service (application crash) via image data, because two bytes are written to the end of the allocated memory without judging whether this will cause corruption.
- risk 0.36cvss 5.5epss 0.01
Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service (application hang) via a crafted PDF.
- risk 0.35cvss 5.3epss 0.04
The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteRange and xref manipulations…
- risk 0.35cvss 5.3epss 0.01
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action.
- risk 0.35cvss 5.3epss 0.01
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action.
- risk 0.35cvss 5.3epss 0.01
The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image, aka "Data from Faulting Address is used as one…
- risk 0.31cvss 4.7epss 0.03
The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image. The vulnerability could lead to…
- risk 0.28cvss 4.3epss 0.01
An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has homograph mishandling.
- risk 0.28cvss 4.3epss 0.01
An issue was discovered in Foxit PhantomPDF before 8.3.10. It has homograph mishandling.
- risk 0.28cvss 4.3epss 0.04
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- risk 0.22cvss 3.3epss 0.02
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- risk 0.22cvss 3.3epss 0.02
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- risk 0.22cvss 3.3epss 0.02
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- risk 0.22cvss 3.3epss 0.03
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- risk 0.22cvss 3.3epss 0.02
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- risk 0.22cvss 3.3epss 0.03
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- risk 0.22cvss 3.3epss 0.04
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- risk 0.22cvss 3.3epss 0.03
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- risk 0.22cvss 3.3epss 0.03
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
Page 11 of 12