Lucene search
K

205 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 6:8 a.m.9 views

CVE-2024-49576

A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a checkbox CBFWidget object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An...

8.8CVSS8.9AI score0.01142EPSS
Exploits1References1
CNVD
CNVD
added 2024/12/20 12:0 a.m.10 views

Foxit Reader memory corruption vulnerability (CNVD-2025-0095609)

Foxit Reader is a Chinese Foxit Foxit company's a PDF document reader. A security vulnerability exists in Foxit Reader version 2024.3.0.26795, which originates from a post-release reuse vulnerability contained in the checkbox CBFWidget object. An attacker can exploit this vulnerability to cause...

8.8CVSS7.4AI score0.01142EPSS
Exploits1References1
OSV
OSV
added 2024/12/18 4:15 p.m.5 views

CVE-2024-49576

A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a checkbox CBFWidget object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An...

8.8CVSS6AI score0.01142EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/12/18 3:57 p.m.28 views

CVE-2024-49576

A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a checkbox CBFWidget object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An...

8.8CVSS0.01142EPSS
Exploits1References1
CVE
CVE
added 2024/12/18 3:57 p.m.82 views

CVE-2024-49576

Foxit Reader 2024.3.0.26795 contains a use-after-free in handling the checkbox CBF_Widget object. A crafted PDF with JavaScript can trigger memory corruption and arbitrary code execution. Exploitation requires user interaction (opening the malicious file or visiting a malicious site if the browse...

8.8CVSS7.7AI score0.01142EPSS
Exploits1References2Affected Software2
CNNVD
CNNVD
added 2024/12/18 12:0 a.m.3 views

Foxit Reader 安全漏洞

Foxit Reader is a Chinese Foxit Foxit company's a PDF document reader. A security vulnerability exists in Foxit Reader version 2024.3.0.26795, which originates from a post-release reuse vulnerability contained in the checkbox CBFWidget object. An attacker can exploit this vulnerability to cause...

8.8CVSS7.6AI score0.01142EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.14 views

Fedora 37 : js-jquery-ui (2022-7291b78111)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-7291b78111 advisory. A flaw was found in the jquery-UI package. Affected versions of this package are vulnerable to Cross-site scripting XSS attack via the initializatio...

6.1CVSS7.1AI score0.01933EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/10/18 12:0 a.m.25 views

Foxit PDF Editor for Mac < 11.1.10 Multiple Vulnerabilities

According to its version, the Foxit PDF Editor for Mac application previously named Foxit PhantomPDF for Mac installed on the remote macOS host is prior to 11.1.10. It is, therefore affected by multiple vulnerabilities: - A use-after-free vulnerability exists in the way Foxit Reade 2024.1.0.23997...

8.8CVSS8.2AI score0.01917EPSS
Exploits1References4
OSV
OSV
added 2024/10/02 9:15 p.m.5 views

CVE-2024-28888

A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a checkbox field object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker...

8.8CVSS5.8AI score0.01917EPSS
Exploits1References3
Talos
Talos
added 2024/10/02 12:0 a.m.18 views

Foxit Reader checkbox Calculate use-after-free vulnerability

Talos Vulnerability Report TALOS-2024-1967 Foxit Reader checkbox Calculate use-after-free vulnerability October 2, 2024 CVE Number CVE-2024-28888 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a checkbox field object. A specially crafted Javascript co...

8.8CVSS8.1AI score0.01917EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2024/09/30 12:0 a.m.3 views

PT-2024-22628 · Foxit · Foxit Reader

Name of the Vulnerable Software and Affected Versions: Foxit Reader version 2024.1.0.23997 Description: A use-after-free vulnerability exists in the way Foxit Reader handles a checkbox field object. A specially crafted JavaScript code inside a malicious PDF document can trigger this vulnerability...

8.8CVSS8.2AI score0.01917EPSS
Exploits1References21
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/24 3:24 a.m.2 views

Malicious code in smart-input-checkbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d35a2894a65ccf5f422531f46846b2cc71d5e0e28a3e0d7b6e9ed1b0daa6a69 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2024/07/24 3:24 a.m.4 views

MAL-2024-7798 Malicious code in smart-input-checkbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d35a2894a65ccf5f422531f46846b2cc71d5e0e28a3e0d7b6e9ed1b0daa6a69 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/13 10:27 p.m.4 views

Malicious code in trip-component-platform-online-subscribe-checkbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f1b75c5dae9b8499101bc5b5b006cc02b0d3da7be0669d9c7b9aa2f3191a34f2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/27 12:0 a.m.4 views

PT-2024-40066 · Packagist · Silverstripe/Framework

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue concerns lists of key/value pairs assigned to OptionsetField or CheckboxSetField that lack a default casting. This can lead to a potential XSS vulnerability when either th...

6.1CVSS6.1AI score
Exploits0References8
OSV
OSV
added 2024/04/10 6:15 a.m.4 views

CVE-2024-3210

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'reg-single-checkbox' shortcode in all versions up to, and including, 4.15.5 due to...

5.4CVSS5.9AI score0.00435EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/10 5:32 a.m.9 views

CVE-2024-3210 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'reg-single-checkbox'

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'reg-single-checkbox' shortcode in all versions up to, and including, 4.15.5 due to...

6.4CVSS6.1AI score0.00435EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/10 12:0 a.m.3 views

WordPress Plugin ProfilePress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.4CVSS5.9AI score0.00435EPSS
Exploits0References3
OSV
OSV
added 2023/11/08 11:15 a.m.3 views

CVE-2023-6012

An improper input validation vulnerability has been found in Lanaccess ONSAFE MonitorHM affecting version 3.7.0. This vulnerability could lead a remote attacker to exploit the checkbox element and perform remote code execution, compromising the entire infrastructure...

9.8CVSS5.9AI score0.00865EPSS
Exploits0References1
NVD
NVD
added 2023/11/08 11:15 a.m.17 views

CVE-2023-6012

An improper input validation vulnerability has been found in Lanaccess ONSAFE MonitorHM affecting version 3.7.0. This vulnerability could lead a remote attacker to exploit the checkbox element and perform remote code execution, compromising the entire infrastructure...

9.8CVSS0.00865EPSS
Exploits0References1
Rows per page
Query Builder