Vulnerabilities > Foxitsoftware > Phantompdf > 5.0.3.0811
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-13 | CVE-2020-17410 | Use After Free vulnerability in Foxitsoftware Foxit Reader This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798. | 6.8 |
| 2020-10-02 | CVE-2020-26539 | Use After Free vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader and PhantomPDF before 10.1. | 7.5 |
| 2020-10-02 | CVE-2020-26538 | Unspecified vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader and PhantomPDF before 10.1. local foxitsoftware | 4.4 |
| 2020-10-02 | CVE-2020-26537 | Out-of-bounds Write vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader and PhantomPDF before 10.1. | 7.5 |
| 2020-10-02 | CVE-2020-26536 | NULL Pointer Dereference vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader and PhantomPDF before 10.1. | 4.3 |
| 2020-10-02 | CVE-2020-26535 | Out-of-bounds Write vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader and PhantomPDF before 10.1. | 7.5 |
| 2020-10-02 | CVE-2020-26534 | Use After Free vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader and PhantomPDF before 10.1. | 7.5 |
| 2020-09-04 | CVE-2020-12248 | Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled. | 6.8 |
| 2020-09-04 | CVE-2020-12247 | Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. | 5.8 |
| 2020-09-04 | CVE-2020-11493 | Insufficient Verification of Data Authenticity vulnerability in Foxitsoftware Phantompdf In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information about an uninitialized object because of direct transformation from PDF Object to Stream without concern for a crafted XObject. | 5.8 |