Lucene search
K

860 matches found

NVD
NVD
added 2025/12/19 7:16 a.m.6 views

CVE-2025-66493

A use-after-free vulnerability exists in the AcroForm handling of Foxit PDF Reader and Foxit PDF Editor before 2025.2.1,14.0.1 and 13.2.1 on Windows . When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced,...

7.8CVSS0.00255EPSS
Exploits0References1
OSV
OSV
added 2025/12/19 7:16 a.m.5 views

CVE-2025-66493

A use-after-free vulnerability exists in the AcroForm handling of Foxit PDF Reader and Foxit PDF Editor before 2025.2.1,14.0.1 and 13.2.1 on Windows . When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced,...

7.8CVSS6AI score0.00255EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/19 7:7 a.m.4 views

EUVD-2025-204467

A use-after-free vulnerability exists in the AcroForm handling of Foxit PDF Reader and Foxit PDF Editor before 2025.2.1,14.0.1 and 13.2.1 on Windows . When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced,...

7.8CVSS7.1AI score0.00255EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.10 views

Foxit PDF Reader和Foxit PDF Editor 安全漏洞

Foxit PDF Reader and Foxit PDF Editor are both products of Foxit, a Chinese company.Foxit PDF Reader is a PDF reader.Foxit PDF Editor is a PDF editor. A security vulnerability exists in Foxit PDF Reader and Foxit PDF Editor versions prior to 2025.2.1, prior to 14.0.1, and prior to 13.2.1, which...

7.8CVSS6.6AI score0.00255EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.4 views

Foxit PDF Editor 安全漏洞

Foxit PDF Editor is a PDF editor from the Chinese company Foxit Foxit. A security vulnerability exists in Foxit PDF Editor, which stems from a user-supplied SVG file in the Portfolio feature that is not properly cleaned or validated, which could lead to a stored cross-site scripting attack...

6.3CVSS5.8AI score0.0015EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.13 views

Foxit PDF Editor 安全漏洞

Foxit PDF Editor is a PDF editor from the Chinese company Foxit Foxit. A security vulnerability exists in Foxit PDF Editor that stems from improperly cleaned input in the predefined text function, which could lead to stored cross-site scripting...

6.3CVSS6.1AI score0.0015EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.3 views

Foxit PDF Reader和Foxit PDF Editor 安全漏洞

Foxit PDF Reader and Foxit PDF Editor are both products of Foxit, a Chinese company.Foxit PDF Reader is a PDF reader.Foxit PDF Editor is a PDF editor. A security vulnerability exists in Foxit PDF Reader and Foxit PDF Editor. The vulnerability stems from an improperly assigned file system privileg...

8.8CVSS6.3AI score0.00163EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.3 views

Foxit PDF Editor 安全漏洞

Foxit PDF Editor is a PDF editor from the Chinese company Foxit Foxit. A security vulnerability exists in Foxit PDF Editor, which stems from the postMessage handler not validating the source of a message, and could lead to stored cross-site scripting...

6.3CVSS6AI score0.00173EPSS
Exploits0References2
Talos
Talos
added 2025/12/19 12:0 a.m.6 views

Foxit PDF Editor Installation Uncontrolled Search Path Privilege Escalation Vulnerability

Talos Vulnerability Report TALOS-2025-2275 Foxit PDF Editor Installation Uncontrolled Search Path Privilege Escalation Vulnerability December 19, 2025 CVE Number CVE-2025-57779 SUMMARY A privilege escalation vulnerability exists during the installation of Foxit PDF Editor via the Microsoft Store....

7AI score
Exploits0
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.3 views

Foxit PDF Editor 安全漏洞

Foxit PDF Editor is a PDF editor from the Chinese company Foxit Foxit. A security vulnerability exists in Foxit PDF Editor, which stems from improperly cleaned inputs in the layer import function, which could lead to stored cross-site scripting...

6.3CVSS6.1AI score0.0015EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.4 views

Foxit PDF Editor 安全漏洞

Foxit PDF Editor is a PDF editor from the Chinese company Foxit Foxit. A security vulnerability exists in Foxit PDF Editor that stems from the Common Name field in the Digital IDs feature not being properly cleaned or encoded, which could lead to a stored cross-site scripting attack...

6.3CVSS5.8AI score0.0015EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/19 12:0 a.m.6 views

PT-2025-52432

A stored cross-site scripting XSS vulnerability exists in the Portfolio feature of the Foxit PDF Editor cloud pdfonline.foxit.com. User-supplied SVG files are not properly sanitized or validated before being inserted into the HTML structure. As a result, embedded HTML or JavaScript within a craft...

6.3CVSS5.7AI score0.0015EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/19 12:0 a.m.8 views

Foxit PDF Editor for Mac < 13.2.2 / 14.0.2 / 2025.3 Multiple Vulnerabilities

According to its version, the Foxit PDF Editor for Mac application previously named Foxit PhantomPDF for Mac installed on the remote macOS host is prior to 2025.3/14.0.2/13.2.2. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead...

7.8CVSS6.8AI score0.00255EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.4 views

Foxit PDF Editor 安全漏洞

Foxit PDF Editor is a PDF editor from the Chinese company Foxit Foxit. A security vulnerability exists in Foxit PDF Editor, which stems from the certificate name not being properly cleaned up in the Trusted Certificates feature, which could lead to a stored cross-site scripting attack...

6.3CVSS5.9AI score0.001EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/12 1:6 a.m.4 views

CVE-2025-55309

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can contain JavaScript that attaches an OnBlur action on a form field that destroys an annotation. During user right-click interaction, the program's internal focus change...

6.7CVSS7AI score0.00117EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/11 6:30 p.m.8 views

EUVD-2025-202693

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups OCG are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamical...

7.5CVSS6.2AI score0.00276EPSS
Exploits0References2
OSV
OSV
added 2025/12/11 4:16 p.m.2 views

CVE-2025-59802

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups OCG are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamical...

7.5CVSS5.8AI score0.00276EPSS
Exploits0References1
OSV
OSV
added 2025/12/11 4:16 p.m.4 views

CVE-2025-55310

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. An attacker able to alter or replace the static HTML files used by the StartPage feature can cause the application to load malicious or compromised content upon startup. This may result in...

7.3CVSS5.8AI score0.00105EPSS
Exploits0References1
OSV
OSV
added 2025/12/11 4:16 p.m.4 views

CVE-2025-55311

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can use JavaScript to alter annotation content and subsequently clear the file's modification status via JavaScript interfaces. This circumvents digital signature verification b...

6.5CVSS5.8AI score0.00173EPSS
Exploits0References1
OSV
OSV
added 2025/12/11 4:16 p.m.3 views

CVE-2025-55308

An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. A crafted PDF containing JavaScript that calls closeDoc while internal objects are still in use can cause premature release of these objects. This use-after-free vulnerability may lead to memory...

6.7CVSS5.8AI score0.00119EPSS
Exploits0References1
Rows per page
Query Builder