Pdf Editor Security Vulnerabilities and Issues — Pdf Editor CVE List

CVE•added 2022/02/18 8:15 p.m.•156 views

CVE-2022-24358

CVE•added 2022/02/18 8:15 p.m.•156 views

CVE-2022-24364

CVE•added 2022/02/18 8:15 p.m.•153 views

CVE-2022-24356

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw ex...

8.8CVSS8.7AI score0.0066EPSS

CVE•added 2022/02/11 2:15 a.m.•147 views

CVE-2022-24954

Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have a Stack-Based Buffer Overflow related to XFA, for the 'subform colSpan="-2"' and 'draw colSpan="1"' substrings.

9.8CVSS9.3AI score0.03195EPSS

CVE•added 2022/02/18 8:15 p.m.•130 views

CVE-2022-24971

8.8CVSS9.2AI score0.00969EPSS

CVE•added 2022/02/18 8:15 p.m.•127 views

CVE-2022-24363

CVE•added 2022/02/18 8:15 p.m.•123 views

CVE-2022-24361

8.8CVSS9.3AI score0.0066EPSS

CVE•added 2022/02/18 8:15 p.m.•122 views

CVE-2022-24365

CVE•added 2022/02/18 8:15 p.m.•116 views

CVE-2022-24370

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...

6.5CVSS6.7AI score0.00547EPSS

CVE•added 2022/08/06 8:15 p.m.•115 views

CVE-2022-27944

Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow an exportXFAData NULL pointer dereference.

7.5CVSS7.4AI score0.00538EPSS

CVE•added 2022/03/10 5:47 p.m.•113 views

CVE-2022-25108

Foxit PDF Reader and Editor before 11.2.1 and PhantomPDF before 10.1.7 allow a NULL pointer dereference during PDF parsing because the pointer is used without proper validation.

5.5CVSS7.3AI score0.00164EPSS

CVE•added 2022/02/11 2:15 a.m.•112 views

CVE-2022-24955

Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have an Uncontrolled Search Path Element for DLL files.

9.8CVSS9.4AI score0.00694EPSS

CVE•added 2022/08/06 9:15 p.m.•107 views

CVE-2022-26979

Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow a NULL pointer dereference when this.Span is used for oState of Collab.addStateModel, because this.Span.text can be NULL.

7.5CVSS7.4AI score0.00538EPSS

CVE•added 2022/05/11 8:15 p.m.•105 views

CVE-2022-30557

Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash because of Unsigned32 mishandling during JavaScript execution.

7.5CVSS7.5AI score0.00558EPSS

CVE•added 2022/02/18 8:15 p.m.•100 views

CVE-2022-24366

CVE•added 2022/07/18 7:15 p.m.•98 views

CVE-2022-28672

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ha...

7.8CVSS7.7AI score0.17802EPSS

CVE•added 2022/05/05 7:15 p.m.•97 views

CVE-2022-27359

Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow a this.maildoc NULL pointer dereference.

5.5CVSS5.9AI score0.00272EPSS

CVE•added 2022/08/29 5:15 a.m.•96 views

CVE-2021-41783

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

CVE•added 2022/07/18 7:15 p.m.•91 views

CVE-2022-28681

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

6.1CVSS6.4AI score0.00169EPSS

CVE•added 2022/02/18 8:15 p.m.•90 views

CVE-2022-24357

CVE•added 2022/07/18 7:15 p.m.•90 views

CVE-2022-28670

7.8CVSS7.2AI score0.00179EPSS

CVE•added 2022/02/18 8:15 p.m.•88 views

CVE-2022-24362

CVE•added 2022/02/18 8:15 p.m.•84 views

CVE-2022-24359

CVE•added 2022/08/29 5:15 a.m.•83 views

CVE-2021-41782

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

CVE•added 2022/08/29 5:15 a.m.•81 views

CVE-2021-41785

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

CVE•added 2022/02/18 8:15 p.m.•81 views

CVE-2022-24367

CVE•added 2022/07/18 7:15 p.m.•81 views

CVE-2022-28682

CVE•added 2022/07/18 7:15 p.m.•80 views

CVE-2022-28671

CVE•added 2022/07/18 7:15 p.m.•79 views

CVE-2022-28673

CVE•added 2022/07/18 7:15 p.m.•77 views

CVE-2022-28679

7.8CVSS7.7AI score0.00364EPSS

CVE•added 2022/07/18 7:15 p.m.•74 views

CVE-2022-28674

CVE•added 2022/08/29 5:15 a.m.•73 views

CVE-2021-41780

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

CVE•added 2022/08/29 5:15 a.m.•72 views

CVE-2021-41784

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

7.8CVSS7.8AI score0.03221EPSS

CVE•added 2022/07/18 7:15 p.m.•71 views

CVE-2022-28683

CVE•added 2022/07/18 7:15 p.m.•69 views

CVE-2022-34873

3.3CVSS3.2AI score0.00743EPSS

CVE•added 2022/07/18 7:15 p.m.•68 views

CVE-2022-28680

7.8CVSS7.7AI score0.00364EPSS

CVE•added 2022/07/18 7:15 p.m.•67 views

CVE-2022-28676

CVE•added 2022/07/18 7:15 p.m.•67 views

CVE-2022-28677

CVE•added 2022/05/20 1:15 p.m.•65 views

CVE-2022-28104

Foxit PDF Editor v11.3.1 was discovered to contain an arbitrary file upload vulnerability.

9.8CVSS9.6AI score0.00576EPSS

CVE•added 2022/08/29 5:15 a.m.•64 views

CVE-2021-40326

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. An attacker can write to an arbitrary file, and display controlled contents, during signature verification.

5.5CVSS6.2AI score0.00064EPSS

CVE•added 2022/07/18 7:15 p.m.•63 views

CVE-2022-34875

3.3CVSS3.2AI score0.00711EPSS

CVE•added 2022/07/18 7:15 p.m.•62 views

CVE-2022-28678

7.8CVSS7.7AI score0.00364EPSS

CVE•added 2022/07/18 7:15 p.m.•61 views

CVE-2022-28669

CVE•added 2022/08/29 5:15 a.m.•58 views

CVE-2021-41781

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

CVE•added 2022/07/18 7:15 p.m.•54 views

CVE-2022-28675