15 matches found
CVE-2025-59802
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups OCG are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamical...
Foxit PDF Reader和Foxit PDF Editor 安全漏洞
Foxit PDF Reader and Foxit PDF Editor are both products of Foxit Corporation of China.Foxit PDF Reader is a PDF reader.Foxit PDF Editor is a PDF editor. A security vulnerability exists in Foxit PDF Reader and Foxit PDF Editor versions prior to 2025.2.1, which stems from an OCG state attribute not...
camaleon_cms affected by cross site scripting
Cross Site Scripting vulnerability in camaleon-cms v.2.7.5 allows remote attacker to execute arbitrary code via the content group name field...
camaleon_cms affected by cross site scripting
Cross Site Scripting vulnerability in camaleon-cms v.2.7.5 allows remote attacker to execute arbitrary code via the content group name field...
CamaleonCMS 跨站脚本漏洞
CamaleonCMS is an advanced RubyonRails-based dynamic content management system CMS from the CamaleonCMS team. A security vulnerability exists in CamaleonCMS version v2.7.5, which stems from the presence of a cross-site scripting vulnerability that allows remote attackers to execute arbitrary code...
CVE-2024-48652
Cross Site Scripting vulnerability in camaleon-cms v.2.7.5 allows remote attacker to execute arbitrary code via the content group name field...
PT-2024-33173 · Unknown · Camaleon Cms
Name of the Vulnerable Software and Affected Versions: camaleon-cms version 2.7.5 Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the content group name field. Recommendations: For camaleon-cms version 2.7.5, update to a version that fixes this iss...
CVE-2022-40129
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing Optional Content Group API, which can lead to arbitrary code execution. An attacker...
CVE-2022-40129
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing Optional Content Group API, which can lead to arbitrary code execution. An attacker...
Design/Logic Flaw
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing Optional Content Group API, which can lead to arbitrary code execution. An attacker...
CVE-2022-40129
Affected product: Foxit PDF Reader (v12.0.1.12430). Vulnerability: Use-after-free in the JavaScript engine triggered by crafted PDFs, specifically via Optional Content Group API, leading to arbitrary code execution. Exploitation may require user action or could occur if a malicious site is visite...
CVE-2022-40129
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing Optional Content Group API, which can lead to arbitrary code execution. An attacker...
CVE-2018-4910
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a heap overflow vulnerability in the JavaScript engine. The vulnerability is triggered by a PDF file...
Heap overflow
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a heap overflow vulnerability in the JavaScript engine. The vulnerability is triggered by a PDF file...
The vulnerabilities of PDF editing programs like Adobe Acrobat and Adobe Acrobat Document Cloud, as well as PDF viewing programs like Adobe Reader and Adobe Reader Document Cloud, allow attackers to execute arbitrary code.
The vulnerabilities of PDF editing programs like Adobe Acrobat and Adobe Acrobat Document Cloud, as well as PDF viewing programs like Adobe Reader and Adobe Reader Document Cloud, are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow a malicious actor to...