CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

610 matches found

Cvelist•added 2021/08/05 8:7 p.m.•15 views

CVE-2021-21893

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.0.0.49893. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

8.8CVSS9.1AI score0.01006EPSS

Exploits1References1

CVE•added 2021/08/05 8:7 p.m.•102 views

CVE-2021-21893

CVE-2021-21893 describes a use-after-free vulnerability in Foxit Software’s PDF Reader (and related Foxit PDF Editor/PhantomPDF suites) version 11.0.0.49893 where a crafted PDF can trigger reuse of freed memory, leading to arbitrary code execution. Exploitation requires user interaction (open mal...

8.8CVSS8.7AI score0.01006EPSS

Exploits1References1Affected Software1

Cvelist•added 2021/08/05 8:7 p.m.•15 views

CVE-2021-21831

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

8.8CVSS9.1AI score0.00864EPSS

Exploits1References1

CVE•added 2021/08/05 8:7 p.m.•120 views

CVE-2021-21831

The provided CVE-2021-21831 entry describes a use-after-free vulnerability in Foxit Software’s PDF tooling. Affected component: Foxit PDF Reader (and related Foxit PDF Editor/Reader variants) with JavaScript engine involvement, specifically around version 10.1.3.37598. Root cause: use-after-free ...

8.8CVSS8.7AI score0.00864EPSS

Exploits1References1Affected Software1

Cvelist•added 2021/08/05 8:7 p.m.•23 views

CVE-2021-21870

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.4.37651. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

8.8CVSS9.4AI score0.00864EPSS

Exploits1References1

CVE•added 2021/08/05 8:7 p.m.•107 views

CVE-2021-21870

CVE-2021-21870 is a use-after-free vulnerability in Foxit Software’s PDF Reader JavaScript engine (affected version 10.1.4.37651). A specially crafted PDF can trigger reuse of freed memory, enabling arbitrary code execution when a user opens a malicious file or site, particularly if the browser p...

8.8CVSS9.1AI score0.00864EPSS

Exploits1References1Affected Software1

Tenable Nessus•added 2021/08/04 12:0 a.m.•33 views

Foxit PDF Reader < 11.0.1 Multiple Vulnerabilities (macOS)

The version of Foxit PDF Reader for Mac installed on the remote macOS host is prior to 11.0.1. It is, therefore, affected by multiple vulnerabilities: - Multiple remote code execution vulnerabilities exist in Foxit PDF Reader due to use-after-free errors when handling certain Javascripts. An...

8.8CVSS8.8AI score0.03065EPSS

Exploits2References5

Tenable Nessus•added 2021/08/04 12:0 a.m.•36 views

Foxit PDF Editor < 11.0.1 Multiple Vulnerabilities (macOS)

The version of Foxit PDF Editor for Mac previously named Foxit PhantomPDF for Mac installed on the remote macOS host is prior to 11.0.1. It is, therefore, affected by multiple vulnerabilities: - Multiple remote code execution vulnerabilities exist in Foxit PDF Editor due to use-after-free errors...

8.8CVSS8.8AI score0.03065EPSS

Exploits2References5

Positive Technologies•added 2021/07/28 12:0 a.m.•1 views

PT-2021-14805 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit Software’s PDF Reader version 10.1.4.37651 Description: A use-after-free issue exists in the JavaScript engine of Foxit Software’s PDF Reader. This can be triggered by a specially crafted PDF document, leading to the reuse of previously...

8.8CVSS8.8AI score0.00864EPSS

Exploits1References4

Talos•added 2021/07/27 12:0 a.m.•156 views

Foxit Reader removeField use-after-free vulnerability

Summary A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open t...

8.8CVSS9AI score0.00864EPSS

Exploits1

Gentoo Linux•added 2021/07/23 12:0 a.m.•57 views

IcedTeaWeb: Multiple vulnerabilities

Background FOSS Java browser plugin and Web Start implementation. Description Multiple vulnerabilities have been discovered in IcedTeaWeb. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

8.6CVSS3.2AI score0.01819EPSS

Exploits0

NVD•added 2021/05/10 4:15 p.m.•19 views

CVE-2021-21822

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

8.8CVSS0.198EPSS

Exploits1References1

Prion•added 2021/05/10 4:15 p.m.•18 views

Design/Logic Flaw

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

6.8CVSS8.9AI score0.198EPSS

Exploits1References1Affected Software1

EUVD•added 2021/05/10 3:2 p.m.•2 views

EUVD-2021-8993

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

8.8CVSS8.8AI score0.198EPSS

Exploits1References1

CVE•added 2021/05/10 3:2 p.m.•82 views

CVE-2021-21822

CVE-2021-21822 is a use-after-free in Foxit Software’s PDF Reader JavaScript engine (notably around Foxit Reader/PhantomPDF, versions including 10.1.3.37598). A specially crafted PDF can reuse freed memory, enabling arbitrary code execution when the user opens a malicious file or site with the br...

8.8CVSS8.8AI score0.198EPSS

Exploits1References1Affected Software1

Fedora•added 2021/03/20 12:20 a.m.•21 views

[SECURITY] Fedora 34 Update: plasma-browser-integration-5.21.3-1.fc34

plasma-browser-integration coupled with a browser plugin provides integrati on of the browser in the desktop. For more information, see https://community.kde.org/Plasma/BrowserIntegration...

7.5CVSS0.7AI score0.00701EPSS

Exploits0

OSV•added 2021/02/10 8:15 p.m.•0 views

CVE-2020-13548

In Foxit Reader 10.1.0.37527, a specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting...

8.8CVSS7.4AI score

Exploits0References1

NVD•added 2021/02/10 8:15 p.m.•8 views

CVE-2020-13548

8.8CVSS0.25714EPSS

Exploits1References1

Prion•added 2021/02/10 8:15 p.m.•16 views

Design/Logic Flaw

6.8CVSS8.9AI score0.25714EPSS

Exploits1References1Affected Software1

CVE•added 2021/02/10 7:45 p.m.•70 views

CVE-2020-13548

CVE-2020-13548 – Foxit Reader is affected when a specially crafted PDF (11) triggers reuse of previously freed memory, enabling arbitrary code execution. Affected product/version (per sources): Foxit Reader 10.1.0.37527 (and related Foxit Reader/PhantomPDF components). Attack vector: user must op...

8.8CVSS8.8AI score0.25714EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by