Lucene search
K

186 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-46350

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.01553EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 3:38 a.m.10 views

CVE-2023-28744

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.1.1.15289. A specially crafted PDF document can trigger the reuse of previously freed memory by manipulating form fields of a specific type. This can lead to memory corruption and arbitrary...

8.8CVSS7.4AI score0.00898EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:30 p.m.5 views

CVE-2021-21831

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

8.8CVSS7.2AI score0.04546EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:11 p.m.10 views

CVE-2021-21822

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

8.8CVSS7.4AI score0.01765EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:22 a.m.7 views

CVE-2018-17607

Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service use-after-free because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects...

9.8CVSS8.2AI score0.03176EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:54 p.m.10 views

CVE-2022-22150

A memory corruption vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger an exception which is improperly handled, leaving the engine in an invalid state, which can lead to memory corruption and arbitrary...

8.8CVSS7.3AI score0.01795EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:46 p.m.7 views

CVE-2020-13557

A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

8.8CVSS7.2AI score0.71145EPSS
Exploits1
Cvelist
Cvelist
added 2024/09/26 12:0 a.m.18 views

CVE-2024-41605

In Foxit PDF Reader before 2024.3, and PDF Editor before 2024.3 and 13.x before 13.1.4, an attacker can replace an update file with a Trojan horse via side loading, because the update service lacks integrity validation for the updater. Attacker-controlled code may thus be executed...

0.00164EPSS
Exploits0References1
CVE
CVE
added 2024/09/26 12:0 a.m.59 views

CVE-2024-41605

CVE-2024-41605 affects Foxit PDF Reader before 2024.3 and Foxit PDF Editor before 2024.3, and 13.x before 13.1.4. The issue is that the updater lacks integrity validation, allowing an attacker to replace an update file with a Trojan horse and execute attacker-controlled code via side loading. Thi...

8.4CVSS8.4AI score0.00164EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/26 12:0 a.m.10 views

CVE-2024-41605

In Foxit PDF Reader before 2024.3, and PDF Editor before 2024.3 and 13.x before 13.1.4, an attacker can replace an update file with a Trojan horse via side loading, because the update service lacks integrity validation for the updater. Attacker-controlled code may thus be executed...

8.4AI score0.00164EPSS
Exploits0References1
CVE
CVE
added 2023/08/11 12:0 a.m.46 views

CVE-2020-35990

Foxit PDF Reader (version 10.1.0.37527) contains a buffer overflow in the cFilenameInit parameter of the browseForDoc function that can be exploited locally by processing a crafted PDF to trigger a DoS. Root cause is a boundary/overflow in untrusted input handling. The CVE-2020-35990 entry shows ...

5.5CVSS5.3AI score0.00206EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/07/19 2:15 p.m.24 views

CVE-2023-33866

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution...

8.8CVSS8.8AI score0.00898EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/07/19 1:16 p.m.26 views

CVE-2023-28744

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.1.1.15289. A specially crafted PDF document can trigger the reuse of previously freed memory by manipulating form fields of a specific type. This can lead to memory corruption and arbitrary...

8.8CVSS9.1AI score0.00898EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/19 1:16 p.m.28 views

CVE-2023-27379

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution...

8.8CVSS9AI score0.01026EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/07/19 1:16 p.m.21 views

CVE-2023-27379

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution...

8.8CVSS7.3AI score0.01026EPSS
Exploits1References1
CVE
CVE
added 2023/07/19 1:16 p.m.80 views

CVE-2023-27379

CVE-2023-27379 affects Foxit PDF Reader, version 12.1.2.15332, with a use-after-free in the JavaScript engine caused by prematurely deleting objects on pages. This can allow arbitrary code execution when a user opens a crafted PDF or visits a crafted site with the browser plugin enabled. OpenVAS/...

8.8CVSS8.7AI score0.01026EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/07/19 1:16 p.m.34 views

CVE-2023-33866

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution...

8.8CVSS9AI score0.00898EPSS
Exploits1References1
CVE
CVE
added 2023/07/19 1:16 p.m.68 views

CVE-2023-33866

CVE-2023-33866 corresponds to a use-after-free vulnerability in Foxit PDF Reader’s JavaScript engine (affected version 12.1.2.15332). A crafted PDF can prematurely delete objects tied to pages, permitting reuse of freed memory and arbitrary code execution. Exploitation requires user action (openi...

8.8CVSS8.7AI score0.00898EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2022/11/21 4:15 p.m.17 views

CVE-2022-38097

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. By prematurely destroying annotation objects, a specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An...

8.8CVSS0.00801EPSS
Exploits0References1
Prion
Prion
added 2022/11/21 4:15 p.m.20 views

Design/Logic Flaw

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. By prematurely deleting objects associated with pages, a specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution...

4.4CVSS7.9AI score0.0098EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder