Lucene search
K

95 matches found

NVD
NVD
added yesterday5 views

CVE-2026-57252

When the application opens a PDF file, during the process of JavaScript deleting pages and removing attachment annotations, it will cause the attachment panel to continue accessing invalid pointers, eventually leading to the application crashing...

7.8CVSS0.00116EPSS
Exploits0References1
NVD
NVD
added yesterday6 views

CVE-2026-57247

The application re-enters the document structure via field processing and deletes the current page, and then continues using the field objects obtained before deletion, triggering an illegal read and crashing...

7.8CVSS0.00116EPSS
Exploits0References1
NVD
NVD
added yesterday8 views

CVE-2026-13126

The embedded JavaScript in the PDF deleted the pages, making the object invalid. The application attempted to perform a write operation on the invalid pop-up annotations, resulting in the program crashing...

7.8CVSS0.00116EPSS
Exploits0References1
CVE
CVE
added yesterday13 views

CVE-2026-13126

CVE-2026-13126 affects Foxit PDF Editor/Reader due to a use-after-free in the handling of PDF annotations (embedded JavaScript). The issue can lead to a crash when the application attempts to write to an invalid popup annotation object, as described in the CVE description. CVSS 3.1 metrics indica...

7.8CVSS6AI score0.00116EPSS
Exploits0References1
EUVD
EUVD
added yesterday7 views

EUVD-2026-42185

Embedding JavaScript within a PDF file will cause the page to be deleted. Subsequent scripts will continue to access the relevant properties of the document view, eventually leading to the crash of the application...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday8 views

CVE-2026-13128

Embedding JavaScript within a PDF file will cause the page to be deleted. Subsequent scripts will continue to access the relevant properties of the document view, eventually leading to the crash of the application...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References2Affected Software2
CVE
CVE
added yesterday10 views

CVE-2026-13128

CVE-2026-13128 affects Foxit PDF Editor/Reader with a use-after-free in the Doc Object when embedding JavaScript in a PDF, leading to application crash and potential remote code execution. The vulnerability impacts the document view’s properties after the page is deleted, enabling continued acces...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References1
EUVD
EUVD
added yesterday7 views

EUVD-2026-42200

When the application opens a PDF file, during the process of JavaScript deleting pages and removing attachment annotations, it will cause the attachment panel to continue accessing invalid pointers, eventually leading to the application crashing...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-57252

When the application opens a PDF file, during the process of JavaScript deleting pages and removing attachment annotations, it will cause the attachment panel to continue accessing invalid pointers, eventually leading to the application crashing...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added yesterday12 views

CVE-2026-57252 Foxit PDF Editor/Reader AcroForm Use-After-Free Remote Code Execution Vulnerability

When the application opens a PDF file, during the process of JavaScript deleting pages and removing attachment annotations, it will cause the attachment panel to continue accessing invalid pointers, eventually leading to the application crashing...

7.8CVSS0.00116EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-57247

The application re-enters the document structure via field processing and deletes the current page, and then continues using the field objects obtained before deletion, triggering an illegal read and crashing...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References2Affected Software2
CVE
CVE
added yesterday6 views

CVE-2026-57247

Foxit PDF Editor/Reader is affected by CVE-2026-57247 where field processing re-enters the document structure and deletes the current page, then continues using the field objects that were obtained before deletion, causing an illegal read and a crash. The entry lists a CVSSv3.1 base score of 7.8 ...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday12 views

CVE-2026-57247 Foxit PDF Editor/Reader Field Use-After-Free Vulnerability

The application re-enters the document structure via field processing and deletes the current page, and then continues using the field objects obtained before deletion, triggering an illegal read and crashing...

7.8CVSS0.00116EPSS
Exploits0References1
CVE
CVE
added 2026/05/11 2:40 p.m.21 views

CVE-2026-44199

Summary (CVE-2026-44199) Wagtail (Django-based CMS) before versions 7.0.7, 7.3.2, and 7.4 contains a permission bug in form submissions. A CMS user with limited access to form pages can delete submissions on pages they should not access by crafting a delete submission request for pages they can a...

6.5CVSS5.8AI score0.00174EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.12 views

Wagtail 安全漏洞

Wagtail is an open-source content management system CMS developed by Wagtail. Versions of Wagtail prior to 7.0.7, 7.3.2, and 7.4 contained security vulnerabilities. These vulnerabilities stemmed from the ability for CMS users to submit content by constructing forms that allowed them to delete for...

6.5CVSS5.8AI score0.00174EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:7 a.m.8 views

CVE-2019-20209

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow nsecure Direct Object Reference IDOR via wp-admin/admin-ajax.php to delete any page/post/listing...

7.5CVSS6.9AI score0.0317EPSS
Exploits4References1
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.7 views

WordPress Visual Website Collaboration, Feedback & Project Management - Atarim plugin <= 4.0.9 - Missing Authorization to Authenticated (Subscriber+) Project Page/File Deletion vulnerability

WordPress Visual Website Collaboration, Feedback & Project Management - Atarim plugin = 4.0.9 - Missing Authorization to Authenticated Subscriber+ Project Page/File Deletion vulnerability discovered by WordFence in WordPress Plugin Atarim versions = 4.0.9...

7.5CVSS5.5AI score0.0034EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/12/11 6:30 p.m.6 views

EUVD-2025-202708

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing...

7.8CVSS7.7AI score0.00169EPSS
Exploits0References2
NVD
NVD
added 2025/12/11 4:16 p.m.18 views

CVE-2025-55314

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing...

7.8CVSS0.00169EPSS
Exploits0References1
OSV
OSV
added 2025/12/11 4:16 p.m.3 views

CVE-2025-55312

An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing dereferen...

7.8CVSS6.1AI score
Exploits0References1
Rows per page
Query Builder