Vulnerabilities > Foxitsoftware > Reader > 9.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-21 | CVE-2021-31473 | Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. | 6.8 |
| 2021-05-07 | CVE-2021-31456 | Use After Free vulnerability in Foxitsoftware Phantompdf This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. | 6.8 |
| 2021-05-07 | CVE-2021-31457 | Use After Free vulnerability in Foxitsoftware Phantompdf This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. | 6.8 |
| 2021-05-07 | CVE-2021-31458 | Use After Free vulnerability in Foxitsoftware Phantompdf This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. | 6.8 |
| 2021-05-07 | CVE-2021-31459 | Use After Free vulnerability in Foxitsoftware Phantompdf This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. | 6.8 |
| 2021-05-07 | CVE-2021-31460 | Use After Free vulnerability in Foxitsoftware Phantompdf This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. | 6.8 |
| 2021-05-07 | CVE-2021-31461 | Type Confusion vulnerability in Foxitsoftware Phantompdf This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. | 6.8 |
| 2020-09-04 | CVE-2020-12248 | Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled. | 6.8 |
| 2020-09-04 | CVE-2020-12247 | Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. | 5.8 |
| 2020-09-04 | CVE-2020-11493 | Insufficient Verification of Data Authenticity vulnerability in Foxitsoftware Phantompdf In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information about an uninitialized object because of direct transformation from PDF Object to Stream without concern for a crafted XObject. | 5.8 |