CVE-2025-66496

CVE-2025-66496 is a memory corruption issue in Foxit PDF Reader’s 3D annotation handling due to insufficient bounds checking when parsing PRC data, leading to out-of-bounds access. The connected advisory notes Foxit fixed multiple vulnerabilities in Foxit PDF Reader, including memory corruption a...

CVE-2025-66495 Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

A use-after-free vulnerability exists in the annotation handling of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows and MacOS. When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced, potentially...

EUVD-2025-204465

A use-after-free vulnerability exists in the annotation handling of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows and MacOS. When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced, potentially...

CVE-2025-66495

CVE-2025-66495 is a confirmed use-after-free vulnerability in Foxit PDF Reader/Editor related to annotation handling. Affected products include Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows and macOS. The issue arises when opening a PDF containing specially crafted JavaScript, w...

CVE-2025-66495 Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

A use-after-free vulnerability exists in the annotation handling of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows and MacOS. When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced, potentially...

CVE-2025-66494 Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability

A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code...

EUVD-2025-204466

A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code...

CVE-2025-66494

CVE-2025-66494 is a Foxit PDF Reader use-after-free vulnerability in the PDF file parsing on Windows, affecting versions before 2025.2.1, 14.0.1 and 13.2.1. A PDF object managed by multiple parents could be freed while still referenced, potentially allowing remote code execution. Multiple sources...

CVE-2025-66494 Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability

A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code...

CVE-2025-66493 Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability

A use-after-free vulnerability exists in the AcroForm handling of Foxit PDF Reader and Foxit PDF Editor before 2025.2.1,14.0.1 and 13.2.1 on Windows . When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced,...

EUVD-2025-204467

A use-after-free vulnerability exists in the AcroForm handling of Foxit PDF Reader and Foxit PDF Editor before 2025.2.1,14.0.1 and 13.2.1 on Windows . When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced,...

CVE-2025-66493 Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability

A use-after-free vulnerability exists in the AcroForm handling of Foxit PDF Reader and Foxit PDF Editor before 2025.2.1,14.0.1 and 13.2.1 on Windows . When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced,...

CVE-2025-13941

A local privilege escalation vulnerability exists in the Foxit PDF Reader/Editor Update Service. During plugin installation, incorrect file system permissions are assigned to resources used by the update service. A local attacker with low privileges could modify or replace these resources, which...

CVE-2025-13941 Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability

A local privilege escalation vulnerability exists in the Foxit PDF Reader/Editor Update Service. During plugin installation, incorrect file system permissions are assigned to resources used by the update service. A local attacker with low privileges could modify or replace these resources, which...

Binaryen 安全漏洞

Binaryen is a WebAssembly open source compiler infrastructure and toolchain library for WebAssembly written in C++. A security vulnerability exists in Binaryen 125 and earlier versions, which stems from a misbehavior of the function WasmBinaryReader::readExport, which could result in a heap buffe...

Foxit PDF Reader 安全漏洞

Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A security vulnerability exists in Foxit PDF Reader versions prior to 2025.2.1, prior to 14.0.1, and prior to 13.2.1, which stems from a post-release reuse vulnerability in the parsing of PDF files that could lead to the execution o...

Foxit PDF Reader 安全漏洞

Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A security vulnerability exists in Foxit PDF Reader, which originates from insufficient boundary checking in 3D annotation processing, which may result in memory corruption...

Foxit PDF Reader for Mac < 2025.3 Multiple Vulnerabilities

According to its version, the Foxit PDF Reader for Mac application previously named Foxit Reader for Mac installed on the remote macOS host is prior to 2025.3. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the...

Foxit PDF Reader U3D File Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

PT-2025-52426

A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing U3D data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruptio...