Pdf Reader@* Security Vulnerabilities and Issues — Pdf Reader@* CVE List

Lucene search

FoxitPdf Reader*

239 matches found

CVE•added 2023/03/29 7:15 p.m.•624 views

CVE-2022-43649

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.2.12465. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ha...

7.8CVSS7.7AI score0.03043EPSS

CVE•added 2023/01/18 3:15 p.m.•399 views

CVE-2022-47881

Foxit PDF Reader and PDF Editor 11.2.1.53537 and earlier has an Out-of-Bounds Read vulnerability.

6.5CVSS6.5AI score0.0026EPSS

CVE•added 2022/02/18 8:15 p.m.•222 views

CVE-2022-24368

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

6.5CVSS7.6AI score0.00506EPSS

CVE•added 2022/08/29 5:15 a.m.•180 views

CVE-2022-25641

Foxit PDF Reader before 11.2.2 and PDF Editor before 11.2.2, and PhantomPDF before 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Attack and a Shadow Attack.

5.5CVSS6AI score0.00069EPSS

CVE•added 2022/02/18 8:15 p.m.•167 views

CVE-2022-24369

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the pa...

8.8CVSS9.3AI score0.0066EPSS

CVE•added 2022/02/18 8:15 p.m.•162 views

CVE-2022-24360

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/02/18 8:15 p.m.•154 views

CVE-2022-24358

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/02/18 8:15 p.m.•153 views

CVE-2022-24364

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/02/18 8:15 p.m.•152 views

CVE-2022-24356

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw ex...

8.8CVSS8.7AI score0.0066EPSS

CVE•added 2022/02/11 2:15 a.m.•146 views

CVE-2022-24954

Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have a Stack-Based Buffer Overflow related to XFA, for the 'subform colSpan="-2"' and 'draw colSpan="1"' substrings.

9.8CVSS9.3AI score0.03195EPSS

CVE•added 2022/02/18 8:15 p.m.•129 views

CVE-2022-24971

8.8CVSS9.2AI score0.00246EPSS

CVE•added 2022/02/18 8:15 p.m.•126 views

CVE-2022-24363

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/02/18 8:15 p.m.•122 views

CVE-2022-24361

8.8CVSS9.3AI score0.0066EPSS

CVE•added 2022/02/18 8:15 p.m.•121 views

CVE-2022-24365

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2023/05/19 6:15 a.m.•116 views

CVE-2023-33240

Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows allows Local Privilege Escalation when installed to a non-default directory because unprivileged user...

7.8CVSS7.4AI score0.00044EPSS

CVE•added 2022/02/18 8:15 p.m.•115 views

CVE-2022-24370

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...

6.5CVSS6.7AI score0.00547EPSS

CVE•added 2022/08/06 8:15 p.m.•114 views

CVE-2022-27944

Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow an exportXFAData NULL pointer dereference.

7.5CVSS7.4AI score0.0025EPSS

CVE•added 2022/03/10 5:47 p.m.•112 views

CVE-2022-25108

Foxit PDF Reader and Editor before 11.2.1 and PhantomPDF before 10.1.7 allow a NULL pointer dereference during PDF parsing because the pointer is used without proper validation.

5.5CVSS7.3AI score0.00164EPSS

CVE•added 2022/02/11 2:15 a.m.•110 views

CVE-2022-24955

Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have an Uncontrolled Search Path Element for DLL files.

9.8CVSS9.4AI score0.00694EPSS

CVE•added 2022/08/06 9:15 p.m.•106 views

CVE-2022-26979

Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow a NULL pointer dereference when this.Span is used for oState of Collab.addStateModel, because this.Span.text can be NULL.

7.5CVSS7.4AI score0.0025EPSS

CVE•added 2022/05/11 8:15 p.m.•103 views

CVE-2022-30557

Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash because of Unsigned32 mishandling during JavaScript execution.

7.5CVSS7.5AI score0.00558EPSS

CVE•added 2022/02/18 8:15 p.m.•99 views

CVE-2022-24366

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/05/05 7:15 p.m.•96 views

CVE-2022-27359

Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow a this.maildoc NULL pointer dereference.

5.5CVSS5.9AI score0.00272EPSS

CVE•added 2022/08/29 5:15 a.m.•95 views

CVE-2021-41783

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

7.8CVSS7.8AI score0.00129EPSS

CVE•added 2022/07/18 7:15 p.m.•95 views

CVE-2022-28672

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ha...

7.8CVSS7.7AI score0.15808EPSS

CVE•added 2024/03/05 9:15 p.m.•94 views

CVE-2024-25858

In Foxit PDF Reader before 2024.1 and PDF Editor before 2024.1, code execution via JavaScript could occur because of an unoptimized prompt message for users to review parameters of commands.

8.4CVSS7.7AI score0.00067EPSS

CVE•added 2022/07/18 7:15 p.m.•89 views

CVE-2022-28670

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS7.2AI score0.00843EPSS

CVE•added 2022/07/18 7:15 p.m.•89 views

CVE-2022-28681

6.1CVSS6.4AI score0.007EPSS

CVE•added 2022/02/18 8:15 p.m.•88 views

CVE-2022-24357

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/02/18 8:15 p.m.•87 views

CVE-2022-24362

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/02/18 8:15 p.m.•83 views

CVE-2022-24359

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/08/29 5:15 a.m.•82 views

CVE-2021-41782

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

7.8CVSS7.8AI score0.00129EPSS

CVE•added 2022/08/29 5:15 a.m.•80 views

CVE-2021-41785

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

7.8CVSS7.8AI score0.00129EPSS

CVE•added 2022/02/18 8:15 p.m.•80 views

CVE-2022-24367

8.8CVSS9.2AI score0.0066EPSS

CVE•added 2022/07/18 7:15 p.m.•80 views

CVE-2022-28682

7.8CVSS7.7AI score0.00395EPSS

CVE•added 2022/07/18 7:15 p.m.•79 views

CVE-2022-28671

7.8CVSS7.7AI score0.00395EPSS

CVE•added 2022/07/18 7:15 p.m.•78 views

CVE-2022-28673

7.8CVSS7.7AI score0.00395EPSS

CVE•added 2022/07/18 7:15 p.m.•76 views

CVE-2022-28679

7.8CVSS7.7AI score0.01859EPSS

CVE•added 2024/04/02 9:15 p.m.•75 views

CVE-2024-30345

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page...

7.8CVSS8.2AI score0.01551EPSS

CVE•added 2021/08/04 4:15 p.m.•73 views

CVE-2021-34832

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ha...

7.8CVSS8.3AI score0.02166EPSS

CVE•added 2022/07/18 7:15 p.m.•73 views

CVE-2022-28674

7.8CVSS7.7AI score0.00395EPSS

CVE•added 2024/04/02 9:15 p.m.•73 views

CVE-2024-30352

7.8CVSS8.2AI score0.01551EPSS

CVE•added 2024/04/02 9:15 p.m.•73 views

CVE-2024-30363

Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must v...

3.3CVSS5.4AI score0.00147EPSS

CVE•added 2024/05/07 11:15 p.m.•72 views

CVE-2021-34950

Foxit PDF Reader Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a maliciou...

7.8CVSS7.9AI score0.01138EPSS

CVE•added 2022/08/29 5:15 a.m.•72 views

CVE-2021-41780

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

7.8CVSS7.8AI score0.00217EPSS

CVE•added 2022/08/29 5:15 a.m.•69 views

CVE-2021-41784

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

7.8CVSS7.8AI score0.03491EPSS

CVE•added 2022/07/18 7:15 p.m.•69 views

CVE-2022-28683

7.8CVSS7.7AI score0.00395EPSS

CVE•added 2024/04/02 9:15 p.m.•69 views

CVE-2024-30371

7.8CVSS8.2AI score0.008EPSS

CVE•added 2021/08/04 4:15 p.m.•68 views

CVE-2021-34846

7.8CVSS8.3AI score0.02166EPSS

CVE•added 2022/07/18 7:15 p.m.•68 views

CVE-2022-34873