Foxit Reader for Mac
CVEs (178)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-20819 | 0.00 | — | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows stack consumption via nested function calls for XML parsing. | |||
| CVE-2019-20817 | 0.00 | — | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference. | |||
| CVE-2020-13815 | 0.00 | — | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It allows stack consumption via a loop of an indirect object reference. | |||
| CVE-2020-13814 | 0.00 | — | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It has a use-after-free via a document that lacks a dictionary. | |||
| CVE-2020-13810 | 0.00 | — | 0.01 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows signature validation bypass via a modified file or a file with non-standard signatures. | |||
| CVE-2020-13808 | 0.00 | — | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via crafted cross-reference stream data. | |||
| CVE-2020-13809 | 0.00 | — | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via long strings in the content stream. | |||
| CVE-2020-13807 | 0.00 | — | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has circular reference mishandling that causes a loop. | |||
| CVE-2020-13806 | 0.00 | — | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has a use-after-free because of JavaScript execution after a deletion or close operation. | |||
| CVE-2020-13805 | 0.00 | — | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has brute-force attack mishandling because the CAS service lacks a limit on login failures. | |||
| CVE-2020-13804 | 0.00 | — | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows information disclosure of a hardcoded username and password in the DocuSign plugin. | |||
| CVE-2020-13803 | 0.00 | — | 0.01 | Jun 4, 2020 | An issue was discovered in Foxit PhantomPDF Mac and Foxit Reader for Mac before 4.0. It allows signature validation bypass via a modified file or a file with non-standard signatures. | |||
| CVE-2020-10906 | 0.00 | — | 0.05 | Apr 22, 2020 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2020-10907 | 0.00 | — | 0.05 | Apr 22, 2020 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2020-10899 | 0.00 | — | 0.05 | Apr 22, 2020 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2020-8857 | 0.00 | — | 0.06 | Feb 13, 2020 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2020-8852 | 0.00 | — | 0.04 | Feb 13, 2020 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific… | |||
| CVE-2020-8849 | 0.00 | — | 0.06 | Feb 13, 2020 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2020-8850 | 0.00 | — | 0.06 | Feb 13, 2020 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2020-8847 | 0.00 | — | 0.06 | Feb 13, 2020 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… |
- CVE-2019-20819Jun 4, 2020risk 0.00cvss —epss 0.02
An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows stack consumption via nested function calls for XML parsing.
- CVE-2019-20817Jun 4, 2020risk 0.00cvss —epss 0.02
An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference.
- CVE-2020-13815Jun 4, 2020risk 0.00cvss —epss 0.02
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It allows stack consumption via a loop of an indirect object reference.
- CVE-2020-13814Jun 4, 2020risk 0.00cvss —epss 0.02
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It has a use-after-free via a document that lacks a dictionary.
- CVE-2020-13810Jun 4, 2020risk 0.00cvss —epss 0.01
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows signature validation bypass via a modified file or a file with non-standard signatures.
- CVE-2020-13808Jun 4, 2020risk 0.00cvss —epss 0.02
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via crafted cross-reference stream data.
- CVE-2020-13809Jun 4, 2020risk 0.00cvss —epss 0.02
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via long strings in the content stream.
- CVE-2020-13807Jun 4, 2020risk 0.00cvss —epss 0.02
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has circular reference mishandling that causes a loop.
- CVE-2020-13806Jun 4, 2020risk 0.00cvss —epss 0.02
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has a use-after-free because of JavaScript execution after a deletion or close operation.
- CVE-2020-13805Jun 4, 2020risk 0.00cvss —epss 0.02
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has brute-force attack mishandling because the CAS service lacks a limit on login failures.
- CVE-2020-13804Jun 4, 2020risk 0.00cvss —epss 0.02
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows information disclosure of a hardcoded username and password in the DocuSign plugin.
- CVE-2020-13803Jun 4, 2020risk 0.00cvss —epss 0.01
An issue was discovered in Foxit PhantomPDF Mac and Foxit Reader for Mac before 4.0. It allows signature validation bypass via a modified file or a file with non-standard signatures.
- CVE-2020-10906Apr 22, 2020risk 0.00cvss —epss 0.05
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2020-10907Apr 22, 2020risk 0.00cvss —epss 0.05
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2020-10899Apr 22, 2020risk 0.00cvss —epss 0.05
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2020-8857Feb 13, 2020risk 0.00cvss —epss 0.06
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2020-8852Feb 13, 2020risk 0.00cvss —epss 0.04
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…
- CVE-2020-8849Feb 13, 2020risk 0.00cvss —epss 0.06
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2020-8850Feb 13, 2020risk 0.00cvss —epss 0.06
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2020-8847Feb 13, 2020risk 0.00cvss —epss 0.06
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
Page 5 of 9