Skip to main content
CVE-2018-9935 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Phantompdf Foxit Reader
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-1180 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Foxit Reader Phantompdf
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-1178 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Foxit Reader Phantompdf
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-1177 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Foxit Reader Phantompdf
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-1176 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.0
8.8
EPSS
3.6%
CVE-2018-1173 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Foxit Reader Phantompdf
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-10495 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Foxit Reader Phantompdf
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-10494 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Stack Overflow Foxit Reader Phantompdf
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-10491 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-10490 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-10489 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-10488 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow RCE Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-10484 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Foxit Reader Phantompdf
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-10483 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-10477 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-10474 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-10473 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-7160 HIGH This Week

The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Node.js Node Js
NVD
CVSS 3.1
8.8
EPSS
9.9%
CVE-2018-11230 HIGH This Week

jbig2_add_page in jbig2enc.cc in libjbig2enc.a in jbig2enc 0.29 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free Jbig2Enc
NVD GitHub
CVSS 3.0
8.8
EPSS
1.8%
CVE-2018-0279 HIGH This Week

A vulnerability in the Secure Copy Protocol (SCP) server of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to access the shell of the underlying. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Enterprise Nfv Infrastructure Software
NVD
CVSS 3.1
8.8
EPSS
4.6%
CVE-2018-0270 HIGH This Week

A vulnerability in the web-based management interface of Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Cisco Iot Field Network Director
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2018-0277 HIGH This Week

A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certificate validation during EAP authentication for the Cisco Identity Services Engine (ISE) could allow. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Identity Services Engine
NVD
CVSS 3.0
8.6
EPSS
2.5%
CVE-2018-10728 HIGH PATCH This Week

All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to buffer overflows (a different vulnerability than CVE-2018-10731). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Buffer Overflow Fl Switch 3005 Firmware Fl Switch 3005T Firmware Fl Switch 3004T Fx Firmware Fl Switch 3004T Fx St Firmware +25
NVD
CVSS 3.0
8.1
EPSS
2.3%
CVE-2018-5827 HIGH PATCH This Week

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Linux Google Mozilla Qualcomm +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-3568 HIGH PATCH This Week

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Linux Google Mozilla Qualcomm +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-3567 HIGH PATCH This Week

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Linux Google Mozilla Qualcomm +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11130 HIGH This Week

The header::add_FORMAT_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free Vcftools
NVD
CVSS 3.0
7.8
EPSS
22.4%
CVE-2018-11129 HIGH This Week

The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free Vcftools
NVD
CVSS 3.0
7.8
EPSS
1.5%
CVE-2018-11128 HIGH This Week

The ObjReader::ReadObj() function in ObjReader.cpp in vincent0629 PDFParser allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly execute arbitrary code via a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Denial Of Service Pdfparser
NVD
CVSS 3.0
7.8
EPSS
1.7%
CVE-2018-10027 HIGH This Week

ESTsoft ALZip before 10.76 allows local users to execute arbitrary code via creating a malicious .DLL file and installing it in a specific directory: %PROGRAMFILES%\ESTsoft\ALZip\Formats,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Alzip
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-1462 HIGH This Week

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service IBM Storwize V7000 Firmware Storwize V5000 Firmware +6
NVD
CVSS 3.1
7.6
EPSS
1.2%
CVE-2018-1438 HIGH This Week

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Storwize V7000 Firmware Storwize V5000 Firmware Storwize V3700 Firmware +5
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2018-1433 HIGH This Week

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Storwize V7000 Firmware Storwize V5000 Firmware Storwize V3700 Firmware +5
NVD
CVSS 3.1
7.5
EPSS
2.7%
CVE-2018-7158 HIGH This Week

The `'path'` module in the Node.js 4.x release line contains a potential regular expression denial of service (ReDoS) vector. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Node.js Node Js
NVD
CVSS 3.1
7.5
EPSS
3.4%
CVE-2018-0325 HIGH This Week

A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 7800 Series phones and Cisco IP Phone 8800 Series phones could allow an unauthenticated, remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Ip Phone 8800 Firmware Ip Phone 7800 Firmware
NVD
CVSS 3.0
7.5
EPSS
3.4%
CVE-2018-0280 HIGH This Week

A vulnerability in the Real-Time Transport Protocol (RTP) bitstream processing of the Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Meeting Server
NVD
CVSS 3.0
7.5
EPSS
3.4%
CVE-2018-0324 MEDIUM This Month

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, high-privileged, local attacker to perform a command injection attack. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Network Functions Virtualization Infrastructure
NVD
CVSS 3.1
6.7
EPSS
0.7%
CVE-2018-1464 MEDIUM This Month

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Storwize V7000 Firmware Storwize V5000 Firmware Storwize V3700 Firmware +5
NVD
CVSS 3.1
6.5
EPSS
1.7%
CVE-2018-1463 MEDIUM This Month

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass IBM Storwize V7000 Firmware Storwize V5000 Firmware Storwize V3700 Firmware +5
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2018-1276 MEDIUM This Month

Windows 2012R2 stemcells, versions prior to 1200.17, contain an information exposure vulnerability on vSphere. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows Stemcells
NVD
CVSS 3.0
6.5
EPSS
1.0%
CVE-2018-9984 MEDIUM PATCH This Month

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.1
6.5
EPSS
2.5%
CVE-2018-9983 MEDIUM PATCH This Month

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Foxit Reader
NVD
CVSS 3.1
6.5
EPSS
2.5%
CVE-2018-9980 MEDIUM PATCH This Month

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.1
6.5
EPSS
2.5%
CVE-2018-9979 MEDIUM PATCH This Month

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.1
6.5
EPSS
2.5%
CVE-2018-9978 MEDIUM PATCH This Month

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.1
6.5
EPSS
2.5%
CVE-2018-9976 MEDIUM PATCH This Month

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.1
6.5
EPSS
2.5%
CVE-2018-9973 MEDIUM PATCH This Month

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure RCE Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.1
6.5
EPSS
2.9%
CVE-2018-9972 MEDIUM PATCH This Month

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure RCE Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.1
6.5
EPSS
2.9%
CVE-2018-9971 MEDIUM This Month

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.104. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure RCE Buffer Overflow Foxit Reader
NVD
CVSS 3.1
6.5
EPSS
2.9%
CVE-2018-9963 MEDIUM PATCH This Month

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.1
6.5
EPSS
2.5%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy