Lucene search
K

859 matches found

Cvelist
Cvelist
added 2026/04/01 1:40 a.m.30 views

CVE-2026-3779 Foxit PDF Editor/Reader List Box Calculate Array Use-After-Free Vulnerability

The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution...

7.8CVSS0.00309EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/01 1:40 a.m.20 views

CVE-2026-3777 Use after free of view cache in Foxit PDF Editor/Reader

The application does not properly validate the lifetime and validity of internal view cache pointers after JavaScript changes the document zoom and page state. When a script modifies the zoom property and then triggers a page change, the original view object may be destroyed while stale pointers...

5.5CVSS0.00119EPSS
Exploits0References1
CVE
CVE
added 2026/04/01 1:40 a.m.17 views

CVE-2026-3777

Summary: CVE-2026-3777 affects Foxit PDF Editor/Reader (multiple platforms). The vulnerability is a use-after-free caused by improper validation of lifetime/validity of internal view cache pointers after JavaScript alters document zoom and page state. When a script modifies zoom and triggers a pa...

7.8CVSS6AI score0.00119EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2026/04/01 1:40 a.m.3 views

CVE-2026-3777 Use after free of view cache in Foxit PDF Editor/Reader

The application does not properly validate the lifetime and validity of internal view cache pointers after JavaScript changes the document zoom and page state. When a script modifies the zoom property and then triggers a page change, the original view object may be destroyed while stale pointers...

5.5CVSS6AI score0.00119EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.7 views

Foxit PDF Reader和Foxit PDF Editor 安全漏洞

Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. Both Foxit PDF Reader and Foxit PDF Editor have security vulnerabilities. These vulnerabilities stem from the lack of verification of the...

5.5CVSS5.8AI score0.00103EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.5 views

Foxit PDF Reader和Foxit PDF Editor 安全漏洞

Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. Both Foxit PDF Reader and Foxit PDF Editor have security vulnerabilities. These vulnerabilities stem from JavaScript, which fails to...

7.8CVSS6.1AI score0.00119EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/31 12:0 a.m.7 views

Foxit PDF Editor < 14.0.3 Multiple Vulnerabilities

According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 14.0.3. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the...

7.8CVSS6AI score0.00309EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/03/31 12:0 a.m.10 views

Foxit PDF Editor for Mac < 13.2.3 / 14.0.3 / 2026.1 Multiple Vulnerabilities

According to its version, the Foxit PDF Editor for Mac application previously named Foxit PhantomPDF for Mac installed on the remote macOS host is prior to 2026.1/14.0.3/13.2.3. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead...

7.8CVSS6AI score0.00309EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/03/31 12:0 a.m.2 views

Foxit PDF Editor < 13.2.3 Multiple Vulnerabilities

According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 13.2.3. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the...

7.8CVSS6AI score0.00309EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/03/31 12:0 a.m.2 views

Foxit PDF Editor < 2026.1 Multiple Vulnerabilities

According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 2026.1. It is, therefore affected by multiple vulnerabilities: - The application's list box calculate array logic keeps stale references to page or form...

7.8CVSS7.6AI score0.00309EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2026/02/20 10:21 p.m.4 views

CVE-2026-2040 PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of PDF-XChange Editor. An attacker must first obtain the ability to execute low-privileged code on...

7.3CVSS7.5AI score0.00258EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/04 1:20 p.m.5 views

CVE-2026-1592

Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...

6.3CVSS5.4AI score0.00195EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/04 1:20 p.m.4 views

CVE-2026-1591

Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the file upload feature. A malicious username is embedded into the upload file list without proper escaping, allowing arbitrary JavaScript execution when the list is displayed. This issue affects...

6.3CVSS5.3AI score0.00195EPSS
Exploits0References1
NVD
NVD
added 2026/02/03 8:16 a.m.8 views

CVE-2026-1592

Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...

6.3CVSS0.00195EPSS
Exploits0References1
OSV
OSV
added 2026/02/03 8:16 a.m.5 views

CVE-2026-1592

Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...

5.4CVSS5.9AI score0.00195EPSS
Exploits0References1
NVD
NVD
added 2026/02/03 8:16 a.m.9 views

CVE-2026-1591

Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the file upload feature. A malicious username is embedded into the upload file list without proper escaping, allowing arbitrary JavaScript execution when the list is displayed. This issue affects...

6.3CVSS0.00195EPSS
Exploits0References1
OSV
OSV
added 2026/02/03 8:16 a.m.6 views

CVE-2026-1591

Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the file upload feature. A malicious username is embedded into the upload file list without proper escaping, allowing arbitrary JavaScript execution when the list is displayed. This issue affects...

5.4CVSS5.8AI score0.00195EPSS
Exploits0References1
CVE
CVE
added 2026/02/03 7:59 a.m.21 views

CVE-2026-1592

CVE-2026-1592 affects Foxit PDF Editor Cloud (pdfonline). The vulnerability is a stored cross-site scripting (XSS) in the Create New Layer feature, where unsanitized user input is embedded into HTML output, enabling arbitrary JavaScript execution when the layer is referenced. Documents reference ...

6.3CVSS5.4AI score0.00195EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/03 7:59 a.m.4 views

CVE-2026-1592 Stored XSS via Create New Layer Field found in Foxit PDF Editor Cloud

Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...

6.3CVSS5.4AI score0.00195EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/03 7:59 a.m.5 views

CVE-2026-1592

Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...

6.3CVSS5.4AI score0.00195EPSS
Exploits0References2
Rows per page
Query Builder