Vulnerabilities > Foxitsoftware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-13 | CVE-2020-17414 | Unspecified vulnerability in Foxitsoftware Foxit Reader This vulnerability allows local attackers to escalate privileges on affected installations of Foxit Reader 10.0.0.35798. | 7.8 |
| 2020-10-13 | CVE-2020-17413 | Out-of-bounds Write vulnerability in Foxitsoftware 3D This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798. | 7.8 |
| 2020-10-13 | CVE-2020-17412 | Unspecified vulnerability in Foxitsoftware 3D This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798. | 7.8 |
| 2020-10-13 | CVE-2020-17410 | Unspecified vulnerability in Foxitsoftware Foxit Reader This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798. | 7.8 |
| 2020-10-02 | CVE-2020-26540 | Improper Verification of Cryptographic Signature vulnerability in Foxitsoftware Foxit Reader and Phantompdf An issue was discovered in Foxit Reader and PhantomPDF before 4.1 on macOS. | 7.5 |
| 2020-10-02 | CVE-2020-26538 | Uncontrolled Search Path Element vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader and PhantomPDF before 10.1. | 7.8 |
| 2020-09-04 | CVE-2020-12248 | Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled. | 8.8 |
| 2020-09-04 | CVE-2020-12247 | Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. | 7.1 |
| 2020-09-04 | CVE-2020-11493 | Insufficient Verification of Data Authenticity vulnerability in Foxitsoftware Phantompdf In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information about an uninitialized object because of direct transformation from PDF Object to Stream without concern for a crafted XObject. | 8.1 |
| 2020-08-25 | CVE-2020-17404 | Unspecified vulnerability in Foxitsoftware Foxit Studio Photo This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. | 7.8 |