CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

Tenable Nessus•added 2024/10/21 12:0 a.m.•12 views

Adobe Reader < 15.006.30119 / 15.010.20056 Multiple Vulnerabilities (APSB16-02) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 15.006.30119 or 15.010.20056. It is, therefore, affected by multiple vulnerabilities. - Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat...

10CVSS8.2AI score0.04926EPSS

Exploits0References19

OSV•added 2024/05/07 11:15 p.m.•1 views

CVE-2021-34966

Foxit PDF Editor FileAttachment Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must vis...

7.8CVSS6.2AI score

Exploits0References2

CVE•added 2024/05/07 10:54 p.m.•65 views

CVE-2021-34966

Foxit PDF Editor - CVE-2021-34966: A use-after-free in FileAttachment Annotation handling arises from not validating the existence of an object before operations, enabling remote code execution. Affected: Foxit PDF Editor (annotation processing path). Impact: arbitrary code execution in the conte...

7.8CVSS8AI score0.01717EPSS

Exploits0References2Affected Software2

Cvelist•added 2024/02/15 12:18 p.m.•17 views

CVE-2024-20731 TALOS-2023-1901 - Adobe Acrobat Reader FileAttachment PDAnnot destroy use-after-free vulnerability

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.9AI score0.01218EPSS

Exploits0References2

CNNVD•added 2023/07/11 12:0 a.m.•2 views

Gin-Gonic Gin 安全漏洞

Gin-Gonic Gin is a Go-based framework for rapidly building web applications from the Gin-Gonic team. A security vulnerability exists in Gin-Gonic Gin, which stems from the filename parameter of the Context.FileAttachment function not being cleaned up correctly...

6.5CVSS7.2AI score0.00344EPSS

Exploits0References9

OSV•added 2023/06/08 9:15 p.m.•26 views

CVE-2023-29401

The filename parameter of the Context.FileAttachment function is not properly sanitized. A maliciously crafted filename can cause the Content-Disposition header to be sent with an unexpected filename value or otherwise modify the Content-Disposition header. For example, a filename of...

4.3CVSS6.9AI score

Exploits0References4

NVD•added 2023/06/08 9:15 p.m.•27 views

CVE-2023-29401

4.3CVSS5.7AI score0.00432EPSS

Exploits2References4

OSV•added 2023/06/08 9:15 p.m.•2 views

DEBIAN-CVE-2023-29401

4.3CVSS5.3AI score0.00432EPSS

Exploits2References1

Prion•added 2023/06/08 9:15 p.m.•16 views

Design/Logic Flaw

4.3CVSS4.6AI score0.00432EPSS

Exploits2References4Affected Software1

OSV•added 2023/06/08 9:15 p.m.•0 views

UBUNTU-CVE-2023-29401

4.3CVSS6.7AI score0.00432EPSS

Exploits2References7

Github Security Blog•added 2023/05/12 8:19 p.m.•71 views

Gin Web Framework does not properly sanitize filename parameter of Context.FileAttachment function

4.3CVSS6.3AI score0.00432EPSS

Exploits2References6Affected Software1

Talos•added 2021/05/06 12:0 a.m.•191 views

Foxit Reader FileAttachment annotation use-after-free vulnerability

Summary A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into openi...

8.8CVSS8.9AI score0.198EPSS

Exploits1

OSV•added 2018/07/31 8:29 p.m.•2 views

CVE-2018-14294

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS6.1AI score0.00367EPSS

Exploits0References2

Prion•added 2018/07/31 8:29 p.m.•17 views

Design/Logic Flaw

6.8CVSS8.8AI score0.00367EPSS

Exploits0References2Affected Software2

CNVD•added 2018/07/25 12:0 a.m.•1 views

Foxit Reader Memory Misreference Vulnerability

Foxit Reader for Windows is China's Foxit Foxit Software Corporation, a Windows-based platform for PDF document reader. A memory misreference vulnerability exists in the handling of FileAttachment annotations in Foxit Reader 9.1.0.5096 and earlier versions for Windows. A remote attacker can explo...

8.8CVSS8.9AI score0.00367EPSS

Exploits0References1

Zero Day Initiative•added 2018/07/19 12:0 a.m.•25 views

Foxit Reader FileAttachment attachIcon Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

6.8CVSS3.2AI score0.00367EPSS

Exploits0References1

OSV•added 2017/12/20 2:29 p.m.•0 views

CVE-2017-14834

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the sty...

8.8CVSS6.1AI score

Exploits0References2

NVD•added 2017/12/20 2:29 p.m.•14 views

CVE-2017-14834

8.8CVSS8.8AI score0.00367EPSS

Exploits0References2

Prion•added 2017/12/20 2:29 p.m.•13 views

Design/Logic Flaw

6.8CVSS8.8AI score0.00367EPSS

Exploits0References2Affected Software1

Zero Day Initiative•added 2017/11/14 12:0 a.m.•20 views

Foxit Reader FileAttachment Annotations style Use-After-Free Remote Code Execution Vulnerability