Pdf Reader@* Security Vulnerabilities and Issues — Pdf Reader@* CVE List

Lucene search

FoxitPdf Reader*

259 matches found

CVE•added 2023/03/29 7:15 p.m.•625 views

CVE-2022-43649

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.2.12465. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ha...

7.8CVSS7.7AI score0.03043EPSS

CVE•added 2023/01/18 3:15 p.m.•400 views

CVE-2022-47881

Foxit PDF Reader and PDF Editor 11.2.1.53537 and earlier has an Out-of-Bounds Read vulnerability.

6.5CVSS6.5AI score0.0026EPSS

CVE•added 2022/02/18 8:15 p.m.•224 views

CVE-2022-24368

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

6.5CVSS7.6AI score0.00506EPSS

CVE•added 2022/08/29 5:15 a.m.•187 views

CVE-2022-25641

Foxit PDF Reader before 11.2.2 and PDF Editor before 11.2.2, and PhantomPDF before 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Attack and a Shadow Attack.

5.5CVSS6AI score0.00063EPSS

CVE•added 2022/02/18 8:15 p.m.•168 views

CVE-2022-24369

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the pa...

8.8CVSS9.3AI score0.0066EPSS

CVE•added 2022/02/18 8:15 p.m.•163 views

CVE-2022-24360

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/02/18 8:15 p.m.•156 views

CVE-2022-24358

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/02/18 8:15 p.m.•155 views

CVE-2022-24364

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/02/18 8:15 p.m.•153 views

CVE-2022-24356

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw ex...

8.8CVSS8.7AI score0.0066EPSS

CVE•added 2022/02/11 2:15 a.m.•147 views

CVE-2022-24954

Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have a Stack-Based Buffer Overflow related to XFA, for the 'subform colSpan="-2"' and 'draw colSpan="1"' substrings.

9.8CVSS9.3AI score0.03195EPSS

CVE•added 2022/02/18 8:15 p.m.•130 views

CVE-2022-24971

8.8CVSS9.2AI score0.00969EPSS

CVE•added 2022/02/18 8:15 p.m.•127 views

CVE-2022-24363

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/02/18 8:15 p.m.•123 views

CVE-2022-24361

8.8CVSS9.3AI score0.0066EPSS

CVE•added 2022/02/18 8:15 p.m.•122 views

CVE-2022-24365

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2023/05/19 6:15 a.m.•117 views

CVE-2023-33240

Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows allows Local Privilege Escalation when installed to a non-default directory because unprivileged user...

7.8CVSS7.4AI score0.00044EPSS

CVE•added 2022/02/18 8:15 p.m.•116 views

CVE-2022-24370

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...

6.5CVSS6.7AI score0.00547EPSS

CVE•added 2022/08/06 8:15 p.m.•115 views

CVE-2022-27944

Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow an exportXFAData NULL pointer dereference.

7.5CVSS7.4AI score0.00541EPSS

CVE•added 2022/03/10 5:47 p.m.•113 views

CVE-2022-25108

Foxit PDF Reader and Editor before 11.2.1 and PhantomPDF before 10.1.7 allow a NULL pointer dereference during PDF parsing because the pointer is used without proper validation.

5.5CVSS7.3AI score0.00164EPSS

CVE•added 2022/02/11 2:15 a.m.•112 views

CVE-2022-24955

Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have an Uncontrolled Search Path Element for DLL files.

9.8CVSS9.4AI score0.00694EPSS

CVE•added 2022/08/06 9:15 p.m.•107 views

CVE-2022-26979

Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow a NULL pointer dereference when this.Span is used for oState of Collab.addStateModel, because this.Span.text can be NULL.

7.5CVSS7.4AI score0.00541EPSS

CVE•added 2022/05/11 8:15 p.m.•105 views

CVE-2022-30557

Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash because of Unsigned32 mishandling during JavaScript execution.

7.5CVSS7.5AI score0.00558EPSS

CVE•added 2022/02/18 8:15 p.m.•100 views

CVE-2022-24366

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/07/18 7:15 p.m.•98 views

CVE-2022-28672

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ha...

7.8CVSS7.7AI score0.17802EPSS

CVE•added 2022/05/05 7:15 p.m.•97 views

CVE-2022-27359

Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow a this.maildoc NULL pointer dereference.

5.5CVSS5.9AI score0.00272EPSS

CVE•added 2024/03/05 9:15 p.m.•97 views

CVE-2024-25858

In Foxit PDF Reader before 2024.1 and PDF Editor before 2024.1, code execution via JavaScript could occur because of an unoptimized prompt message for users to review parameters of commands.

8.4CVSS7.7AI score0.00091EPSS

CVE•added 2022/08/29 5:15 a.m.•96 views

CVE-2021-41783

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

7.8CVSS7.8AI score0.00215EPSS

CVE•added 2022/07/18 7:15 p.m.•91 views

CVE-2022-28681

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

6.1CVSS6.4AI score0.00169EPSS

CVE•added 2022/02/18 8:15 p.m.•90 views

CVE-2022-24357

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/07/18 7:15 p.m.•90 views

CVE-2022-28670

7.8CVSS7.2AI score0.00179EPSS

CVE•added 2022/02/18 8:15 p.m.•88 views

CVE-2022-24362

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/02/18 8:15 p.m.•84 views

CVE-2022-24359

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/08/29 5:15 a.m.•83 views

CVE-2021-41782

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

7.8CVSS7.8AI score0.00215EPSS

CVE•added 2022/08/29 5:15 a.m.•81 views

CVE-2021-41785

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

7.8CVSS7.8AI score0.00215EPSS

CVE•added 2022/02/18 8:15 p.m.•81 views

CVE-2022-24367

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/07/18 7:15 p.m.•81 views

CVE-2022-28682

7.8CVSS7.7AI score0.00395EPSS

CVE•added 2022/07/18 7:15 p.m.•80 views

CVE-2022-28671

7.8CVSS7.7AI score0.00395EPSS

CVE•added 2022/07/18 7:15 p.m.•79 views

CVE-2022-28673

7.8CVSS7.7AI score0.00395EPSS

CVE•added 2022/07/18 7:15 p.m.•77 views

CVE-2022-28679

7.8CVSS7.7AI score0.00364EPSS

CVE•added 2024/04/02 9:15 p.m.•77 views

CVE-2024-30345

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page...

7.8CVSS8.2AI score0.04229EPSS

CVE•added 2024/04/02 9:15 p.m.•75 views

CVE-2024-30352

7.8CVSS8.2AI score0.04229EPSS

CVE•added 2024/04/02 9:15 p.m.•75 views

CVE-2024-30363

Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must v...

5.5CVSS5.4AI score0.00324EPSS

CVE•added 2021/08/04 4:15 p.m.•74 views

CVE-2021-34832

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ha...

7.8CVSS8.3AI score0.02166EPSS

CVE•added 2024/05/07 11:15 p.m.•74 views

CVE-2021-34950

Foxit PDF Reader Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a maliciou...

7.8CVSS7.9AI score0.0173EPSS

CVE•added 2022/07/18 7:15 p.m.•74 views

CVE-2022-28674

7.8CVSS7.7AI score0.00395EPSS

CVE•added 2022/08/29 5:15 a.m.•73 views

CVE-2021-41780

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

7.8CVSS7.8AI score0.0036EPSS

CVE•added 2022/08/29 5:15 a.m.•72 views

CVE-2021-41784

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

7.8CVSS7.8AI score0.05924EPSS

CVE•added 2024/04/02 9:15 p.m.•72 views

CVE-2024-30371

7.8CVSS8.2AI score0.02223EPSS

CVE•added 2022/07/18 7:15 p.m.•71 views

CVE-2022-28683

7.8CVSS7.7AI score0.00395EPSS

CVE•added 2024/05/03 2:15 a.m.•70 views

CVE-2023-27363

Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS8AI score0.78929EPSS

CVE•added 2024/04/02 8:15 p.m.•70 views

CVE-2024-30337

7.8CVSS8.2AI score0.04229EPSS

Total number of security vulnerabilities259