This page lists publicly disclosed CVE vulnerabilities affecting foxitsoftware reader (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2019-20837 | An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It allows signature validation bypass via a modified file or a file with non-standard signatures. | [email protected] | 7.5 | 1.00% | 2020-06-04 | 2024-11-21 |
| CVE-2019-20836 | An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has mishandling of cloud credentials, as demonstrated by Google Drive. | [email protected] | 7.5 | 1.57% | 2020-06-04 | 2024-11-21 |
| CVE-2019-20835 | An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has homograph mishandling. | [email protected] | 4.3 | 0.97% | 2020-06-04 | 2024-11-21 |
| CVE-2019-20830 | An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has an out-of-bounds write when Internet Explorer is used. | [email protected] | 9.8 | 1.72% | 2020-06-04 | 2024-11-21 |
| CVE-2019-20829 | An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a NULL pointer dereference via FXSYS_wcslen in an Epub file. | [email protected] | 7.5 | 1.54% | 2020-06-04 | 2024-11-21 |
| CVE-2019-20828 | An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a buffer overflow because a looping correction does not occur after JavaScript updates Field APs. | [email protected] | 7.5 | 1.52% | 2020-06-04 | 2024-11-21 |
| CVE-2019-20827 | An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It allows stack consumption because of interaction between ICC-Based color space and Alternate color space. | [email protected] | 9.8 | 1.72% | 2020-06-04 | 2024-11-21 |
| CVE-2019-20826 | An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It has a NULL pointer dereference. | [email protected] | 7.5 | 1.54% | 2020-06-04 | 2024-11-21 |
| CVE-2018-21240 | An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows memory consumption via an ArrayBuffer(0xfffffffe) call. | [email protected] | 7.5 | 1.04% | 2020-06-04 | 2024-11-21 |
| CVE-2018-21239 | An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action. | [email protected] | 5.3 | 0.82% | 2020-06-04 | 2024-11-21 |
| CVE-2018-21236 | An issue was discovered in Foxit Reader before 2.4.4. It has a NULL pointer dereference. | [email protected] | 7.5 | 1.04% | 2020-06-04 | 2024-11-21 |
| CVE-2020-13815 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It allows stack consumption via a loop of an indirect object reference. | [email protected] | 7.5 | 1.53% | 2020-06-04 | 2024-11-21 |
| CVE-2020-13814 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It has a use-after-free via a document that lacks a dictionary. | [email protected] | 9.8 | 1.72% | 2020-06-04 | 2024-11-21 |
| CVE-2019-20820 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference during the parsing of file data. | [email protected] | 7.5 | 1.54% | 2020-06-04 | 2024-11-21 |
| CVE-2019-20819 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows stack consumption via nested function calls for XML parsing. | [email protected] | 7.5 | 1.53% | 2020-06-04 | 2024-11-21 |
| CVE-2019-20818 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows memory consumption because data is created for each page of an application level. | [email protected] | 7.5 | 1.53% | 2020-06-04 | 2024-11-21 |
| CVE-2019-20817 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference. | [email protected] | 7.5 | 1.54% | 2020-06-04 | 2024-11-21 |
| CVE-2020-13810 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows signature validation bypass via a modified file or a file with non-standard signatures. | [email protected] | 7.5 | 1.05% | 2020-06-04 | 2024-11-21 |
| CVE-2020-13809 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via long strings in the content stream. | [email protected] | 7.5 | 1.53% | 2020-06-04 | 2024-11-21 |
| CVE-2020-13808 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via crafted cross-reference stream data. | [email protected] | 7.5 | 1.53% | 2020-06-04 | 2024-11-21 |