Foxit PDF Reader 安全漏洞

Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A security vulnerability exists in Foxit PDF Reader versions prior to 2025.2.1, prior to 14.0.1, and prior to 13.2.1, which stems from a post-release reuse in the handling of annotations and could lead to the execution of arbitrary...

Foxit PDF Reader和Foxit PDF Editor 安全漏洞

Foxit PDF Reader and Foxit PDF Editor are both products of Foxit, a Chinese company.Foxit PDF Reader is a PDF reader.Foxit PDF Editor is a PDF editor. A security vulnerability exists in Foxit PDF Reader and Foxit PDF Editor. The vulnerability stems from an improperly assigned file system privileg...

PT-2025-52427

Name of the Vulnerable Software and Affected Versions Foxit PDF Reader affected versions not specified Description A flaw exists in the PDF parsing of Foxit PDF Reader related to JBIG2 data processing. Specifically, an integer overflow during the calculation of the image buffer size can lead to a...

PT-2025-52425

A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing PRC data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruptio...

Foxit PDF Reader 安全漏洞

Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A security vulnerability exists in Foxit PDF Reader, which originates from insufficient boundary checking in 3D annotation processing, which may result in memory corruption...

Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

KLA90828 Multiple vulnerabilities in Foxit Reader

Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. Use after free vulnerability can be exploited to cause denial of service or...

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Foxit Reader Text Widget Format Use-After-Free Vulnerability

Talos Vulnerability Report TALOS-2025-2278 Foxit Reader Text Widget Format Use-After-Free Vulnerability December 19, 2025 CVE Number CVE-2025-59488 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader handles a Text Widget field object. A specially crafted JavaScript code inside ...

PT-2025-52400

Name of the Vulnerable Software and Affected Versions Foxit PDF Reader/Editor affected versions not specified Description A flaw exists in the Foxit PDF Reader/Editor Update Service related to file system permissions during plugin installation. Incorrect permissions assigned to resources used by...

PT-2025-52423

Name of the Vulnerable Software and Affected Versions Foxit PDF Reader versions prior to 2025.2.1 Foxit PDF Reader versions prior to 14.0.1 Foxit PDF Reader version 13.2.1 Description A use-after-free issue exists in the way Foxit PDF Reader handles annotations. Opening a PDF file with specific...

Foxit PDF Reader 安全漏洞

Foxit PDF Reader is a PDF reader from the Chinese company Foxit Foxit. A security vulnerability exists in Foxit PDF Reader that originates from a heap buffer overflow when processing specially crafted JBIG2 data, which could lead to the execution of arbitrary code...

Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PD...

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

kernel: ethtool: check device is present when getting link settings

A flaw was found in ethtool in the Linux kernel, where sysfs reader getting link settings can attempt to read the device state on a device that is not present, leading to a crash...

kernel: ethtool: check device is present when getting link settings

A flaw was found in ethtool in the Linux kernel, where sysfs reader getting link settings can attempt to read the device state on a device that is not present, leading to a crash...

SUSE CVE-2025-68186

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not warn in ringbuffermapgetreader when reader catches up The function ringbuffermapgetreader is a bit more strict than the other get reader functions, and except for certain situations the rbgetreaderpage should...

EUVD-2025-203710

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not warn in ringbuffermapgetreader when reader catches up The function ringbuffermapgetreader is a bit more strict than the other get reader functions, and except for certain situations the rbgetreaderpage should...