Lucene search
K

28 matches found

RedhatCVE
RedhatCVE
added 2026/04/02 5:4 a.m.7 views

CVE-2026-3774

The application allows PDF JavaScript and document/print actions such as WillPrint/DidPrint to update form fields, annotations, or optional content groups OCGs immediately before or after redaction, encryption, or printing. These script‑driven updates are not fully covered by the existing...

7.5CVSS5.9AI score0.00109EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/01 3:31 a.m.5 views

EUVD-2026-17749

The application allows PDF JavaScript and document/print actions such as WillPrint/DidPrint to update form fields, annotations, or optional content groups OCGs immediately before or after redaction, encryption, or printing. These script‑driven updates are not fully covered by the existing...

4.7CVSS5.9AI score0.00109EPSS
Exploits0References2
NVD
NVD
added 2026/04/01 2:16 a.m.9 views

CVE-2026-3774

The application allows PDF JavaScript and document/print actions such as WillPrint/DidPrint to update form fields, annotations, or optional content groups OCGs immediately before or after redaction, encryption, or printing. These script‑driven updates are not fully covered by the existing...

7.5CVSS0.00109EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/01 1:40 a.m.3 views

CVE-2026-3774 Self-Modifications Affecting Altered Printing and Redaction in Foxit PDF Editor

The application allows PDF JavaScript and document/print actions such as WillPrint/DidPrint to update form fields, annotations, or optional content groups OCGs immediately before or after redaction, encryption, or printing. These script‑driven updates are not fully covered by the existing...

4.7CVSS5.9AI score0.00109EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/01 1:40 a.m.34 views

CVE-2026-3774 Self-Modifications Affecting Altered Printing and Redaction in Foxit PDF Editor

The application allows PDF JavaScript and document/print actions such as WillPrint/DidPrint to update form fields, annotations, or optional content groups OCGs immediately before or after redaction, encryption, or printing. These script‑driven updates are not fully covered by the existing...

4.7CVSS0.00109EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/12 1:6 a.m.4 views

CVE-2025-59802

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups OCG are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamical...

7.5CVSS6.7AI score0.00276EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/11 6:30 p.m.8 views

EUVD-2025-202693

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups OCG are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamical...

7.5CVSS6.2AI score0.00276EPSS
Exploits0References2
NVD
NVD
added 2025/12/11 4:16 p.m.9 views

CVE-2025-59802

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups OCG are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamical...

7.5CVSS0.00276EPSS
Exploits0References1
OSV
OSV
added 2025/12/11 4:16 p.m.2 views

CVE-2025-59802

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups OCG are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamical...

7.5CVSS5.8AI score0.00276EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.7 views

Foxit PDF Reader和Foxit PDF Editor 安全漏洞

Foxit PDF Reader and Foxit PDF Editor are both products of Foxit Corporation of China.Foxit PDF Reader is a PDF reader.Foxit PDF Editor is a PDF editor. A security vulnerability exists in Foxit PDF Reader and Foxit PDF Editor versions prior to 2025.2.1, which stems from an OCG state attribute not...

7.5CVSS6.3AI score0.00276EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/11 12:0 a.m.31 views

CVE-2025-59802

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups OCG are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamical...

0.00276EPSS
Exploits0References1
CVE
CVE
added 2025/12/11 12:0 a.m.16 views

CVE-2025-59802

Summary: CVE-2025-59802 affects Foxit PDF Editor/Reader prior to 2025.2.1. The issue is signature spoofing via Optional Content Groups (OCG): the OCG state is runtime-only and not included in the signature buffer, allowing an attacker to dynamically flip OCG visibility after signing (Post-Sign) u...

7.5CVSS6.2AI score0.00276EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2025/12/11 12:0 a.m.3 views

CVE-2025-59802

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups OCG are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamical...

6.3AI score0.00276EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.6 views

PT-2025-50623

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups OCG are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamical...

7.5CVSS6.7AI score0.00276EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:15 a.m.3 views

SUSE CVE-2015-6688

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via ...

6.8CVSS7.8AI score0.05995EPSS
Exploits0References3
OSV
OSV
added 2022/11/21 4:15 p.m.4 views

CVE-2022-40129

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing Optional Content Group API, which can lead to arbitrary code execution. An attacker...

7.8CVSS5.8AI score0.0098EPSS
Exploits1References1
NVD
NVD
added 2022/11/21 4:15 p.m.17 views

CVE-2022-40129

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing Optional Content Group API, which can lead to arbitrary code execution. An attacker...

8.8CVSS0.0098EPSS
Exploits1References1
Prion
Prion
added 2022/11/21 4:15 p.m.21 views

Design/Logic Flaw

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing Optional Content Group API, which can lead to arbitrary code execution. An attacker...

4.4CVSS7.8AI score0.0098EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/11/21 4:5 p.m.96 views

CVE-2022-40129

Affected product: Foxit PDF Reader (v12.0.1.12430). Vulnerability: Use-after-free in the JavaScript engine triggered by crafted PDFs, specifically via Optional Content Group API, leading to arbitrary code execution. Exploitation may require user action or could occur if a malicious site is visite...

8.8CVSS7.6AI score0.0098EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/11/21 4:5 p.m.33 views

CVE-2022-40129

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing Optional Content Group API, which can lead to arbitrary code execution. An attacker...

8.8CVSS7.9AI score0.0098EPSS
Exploits1References1
Rows per page
Query Builder