7680 matches found
CVE-2023-51555
CVE-2023-51555 is a Foxit PDF Reader/Editor vulnerability described as a Doc object handling out-of-bounds read that can disclose sensitive information. The NVD entry notes that user interaction is required (target must visit a malicious page or open a malicious file) and that the flaw can be lev...
CVE-2023-51555 Foxit PDF Reader Doc Out-Of-Bounds Read Information Disclosure Vulnerability
Foxit PDF Reader Doc Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2023-51554
CVE-2023-51554 affects Foxit PDF Reader (signature handling). The vulnerability is a use-after-free in Signature objects caused by not validating an object’s existence before operations, enabling information disclosure. Exploitation requires user interaction (target must open a malicious file or ...
CVE-2023-51554 Foxit PDF Reader Signature Use-After-Free Information Disclosure Vulnerability
Foxit PDF Reader Signature Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2023-51553
CVE-2023-51553 : Foxit PDF Reader/Editor is affected by an Out-of-Bounds Read in the Bookmark handling, caused by improper validation of bookmark data. This can lead to disclosure of sensitive information and, in conjunction with other vulnerabilities, may enable arbitrary code execution in the c...
CVE-2023-51553 Foxit PDF Reader Bookmark Out-Of-Bounds Read Information Disclosure Vulnerability
Foxit PDF Reader Bookmark Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2023-51552
CVE-2023-51552 affects Foxit PDF Reader/Editor (AcroForm Signature) and is a Use-After-Free in how Signature objects are handled. The flaw stems from not validating object existence before operations, enabling code execution in the process context when a user opens a malicious file or visits a ma...
CVE-2023-51551
CVE-2023-51551 concerns Foxit PDF Reader/Editor components handling AcroForm signatures. The vulnerability is a use-after-free in Signature object processing, arising from not validating the existence of an object before use, which can lead to remote code execution in the process context. Exploit...
CVE-2023-44433
Kofax Power PDF is affected by an AcroForm Annotation out-of-bounds read information disclosure vulnerability (CVE-2023-44433). The flaw stems from insufficient validation of user-supplied data in Annotation objects, allowing a read past the end of an allocated buffer. Impact stated: potential in...
CVE-2023-42125 Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability
Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target...
CVE-2023-42125 Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability
Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target...
CVE-2023-42125
This CVE concerns Avast Premium Security. The vulnerability lies in the Sandbox feature implementation: an attacker who can run low-privilege code locally can abuse symbolic links to create arbitrary namespace objects, enabling privilege escalation to SYSTEM and arbitrary code execution. Affected...
CVE-2023-42098
CVE-2023-42098 : Foxit PDF Reader/Editor products are affected by a Use-After-Free in the handling of Annotation objects, caused by not validating the existence of an object before performing operations. This can lead to an information disclosure vulnerability and, in conjunction with other issue...
CVE-2023-42097 Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious...
CVE-2023-42097
CVE-2023-42097 (Foxit PDF Reader) is a Use-After-Free in the handling of Annotation objects that can lead to remote code execution. The flaw arises from not validating the existence of an object before operations, allowing an attacker to run code in the current process context. Exploitation requi...
CVE-2023-42095
CVE-2023-42095 describes a vulnerability in Foxit PDF Reader where the AcroForm handling of Annotation objects can read past the end of an allocated buffer, causing an information disclosure. The issue is triggered by processing unvalidated user-supplied data, and, per the description, an attacke...
CVE-2023-42095 Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2023-42094 Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious...
CVE-2023-42091 Foxit PDF Reader XFA Doc Object Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Reader XFA Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2023-42090
CVE-2023-42090 is a Foxit PDF Reader XFA Doc Object Out‑Of‑Bounds Read Information Disclosure vulnerability. The NVD entry states that handling of Doc objects allows reading past the end of an allocated buffer, enabling disclosure of sensitive information. Exploitation requires user interaction (...