Vulnerabilities > Foxitsoftware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-07 | CVE-2018-20310 | Race Condition vulnerability in Foxitsoftware Phantompdf Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read. | 6.8 |
| 2021-01-07 | CVE-2018-20309 | Race Condition vulnerability in Foxitsoftware Phantompdf Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyGetAppEdition race condition that can cause a stack-based buffer overflow or an out-of-bounds read. | 6.8 |
| 2021-01-07 | CVE-2018-19418 | Command Injection vulnerability in Foxitsoftware PDF Activex 5.5.0 Foxit PDF ActiveX before 5.5.1 allows remote code execution via command injection because of the lack of a security permission control. | 9.3 |
| 2020-12-31 | CVE-2020-35931 | Improper Check for Unusual or Exceptional Conditions vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader before 10.1.1 (and before 4.1.1 on macOS) and PhantomPDF before 9.7.5 and 10.x before 10.1.1 (and before 4.1.1 on macOS). | 6.8 |
| 2020-12-22 | CVE-2020-13547 | Type Confusion vulnerability in Foxitsoftware Foxit Reader 10.0.0.37527 A type confusion vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. | 6.8 |
| 2020-12-22 | CVE-2020-13570 | Use After Free vulnerability in Foxitsoftware Foxit Reader 10.1.0.37527 A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.0.37527. | 6.8 |
| 2020-12-22 | CVE-2020-13560 | Use After Free vulnerability in Foxitsoftware Foxit Reader 10.1.0.37527 A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. | 6.8 |
| 2020-12-22 | CVE-2020-13557 | Use After Free vulnerability in Foxitsoftware Foxit Reader 10.1.0.37527 A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. | 6.8 |
| 2020-12-15 | CVE-2020-28203 | NULL Pointer Dereference vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader and PhantomPDF 10.1.0.37527 and earlier. | 4.3 |
| 2020-11-02 | CVE-2020-14425 | Unspecified vulnerability in Foxitsoftware Foxit Reader 9.7.1.29511/9.7.2.29539 Foxit Reader before 10.0 allows Remote Command Execution via the app.opencPDFWebPage JavsScript API. network foxitsoftware | 6.8 |