Foxit Reader@* Security Vulnerabilities and Issues — Foxit Reader@* CVE List

Lucene search

FoxitsoftwareFoxit Reader*

39 matches found

CVE•added 2021/06/16 11:15 p.m.•197 views

CVE-2021-31476

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ha...

7.8CVSS8AI score0.00376EPSS

CVE•added 2021/07/09 6:15 p.m.•73 views

CVE-2021-33792

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write via a crafted /Size key in the Trailer dictionary.

7.8CVSS7.5AI score0.00035EPSS

CVE•added 2021/07/09 6:15 p.m.•65 views

CVE-2021-33795

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 produce incorrect PDF document signatures because the certificate name, document owner, and signature author are mishandled.

5.5CVSS5.6AI score0.00023EPSS

CVE•added 2021/08/11 10:15 p.m.•64 views

CVE-2021-38574

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows SQL Injection via crafted data at the end of a string.

9.8CVSS9.7AI score0.00028EPSS

CVE•added 2021/02/12 12:15 a.m.•61 views

CVE-2020-27860

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.1.35811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the proces...

7.8CVSS8AI score0.04567EPSS

CVE•added 2021/08/11 10:15 p.m.•59 views

CVE-2021-38570

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows attackers to delete arbitrary files (during uninstallation) via a symlink.

9.1CVSS9AI score0.0004EPSS

CVE•added 2021/08/11 10:15 p.m.•58 views

CVE-2021-38568

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows memory corruption during conversion of a PDF document to a different document format.

9.8CVSS9.5AI score0.00027EPSS

CVE•added 2021/08/11 10:15 p.m.•58 views

CVE-2021-38573

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows writing to arbitrary files because a CombineFiles pathname is not validated.

9.8CVSS9.3AI score0.00023EPSS

CVE•added 2021/03/30 3:15 p.m.•55 views

CVE-2021-27270

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the pa...

7.8CVSS7.7AI score0.02959EPSS

CVE•added 2021/05/07 9:15 p.m.•54 views

CVE-2021-31450

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS8.4AI score0.02166EPSS

CVE•added 2021/05/07 9:15 p.m.•53 views

CVE-2021-31452

7.8CVSS8.4AI score0.01606EPSS

CVE•added 2021/05/07 9:15 p.m.•50 views

CVE-2021-31451

7.8CVSS8.4AI score0.02166EPSS

CVE•added 2021/03/30 3:15 p.m.•49 views

CVE-2021-27261

7.8CVSS7.8AI score0.04567EPSS

CVE•added 2021/05/07 9:15 p.m.•49 views

CVE-2021-31455

7.8CVSS8.4AI score0.02166EPSS

CVE•added 2021/03/30 3:15 p.m.•48 views

CVE-2021-27264

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

4.3CVSS3.8AI score0.03774EPSS

CVE•added 2021/03/30 3:15 p.m.•48 views

CVE-2021-27269

7.8CVSS7.8AI score0.04567EPSS

CVE•added 2021/05/07 9:15 p.m.•47 views

CVE-2021-31453

7.8CVSS8.4AI score0.02166EPSS

CVE•added 2021/08/11 10:15 p.m.•47 views

CVE-2021-38569

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows stack consumption via recursive function calls during the handling of XFA forms or link objects.

7.5CVSS7.5AI score0.00018EPSS

CVE•added 2021/08/11 10:15 p.m.•47 views

CVE-2021-38572

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows writing to arbitrary files because the extractPages pathname is not validated.

9.8CVSS9.3AI score0.00023EPSS

CVE•added 2021/05/07 9:15 p.m.•46 views

CVE-2021-31441

7.8CVSS8.4AI score0.02166EPSS

CVE•added 2021/05/07 9:15 p.m.•46 views

CVE-2021-31454

7.8CVSS8.5AI score0.02166EPSS

CVE•added 2021/08/11 8:15 p.m.•46 views

CVE-2021-33793

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write because the Cross-Reference table is mishandled during Office document conversion.

9.8CVSS9.5AI score0.00027EPSS

CVE•added 2021/08/11 10:15 p.m.•46 views

CVE-2021-38571

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows DLL hijacking, aka CNVD-C-2021-68000 and CNVD-C-2021-68502.

7.8CVSS7.5AI score0.00032EPSS

CVE•added 2021/03/30 3:15 p.m.•44 views

CVE-2021-27271

7.8CVSS7.8AI score0.04545EPSS

CVE•added 2021/03/30 3:15 p.m.•42 views

CVE-2021-27262

4.3CVSS3.8AI score0.03774EPSS

CVE•added 2021/03/30 3:15 p.m.•42 views

CVE-2021-27265

4.3CVSS3.8AI score0.03774EPSS

CVE•added 2021/03/30 3:15 p.m.•41 views

CVE-2021-27267

7.8CVSS7.8AI score0.03065EPSS

CVE•added 2021/03/30 3:15 p.m.•41 views

CVE-2021-27268

7.8CVSS7.8AI score0.03065EPSS

CVE•added 2021/03/30 3:15 p.m.•39 views

CVE-2021-27266

4.3CVSS3.8AI score0.03774EPSS

CVE•added 2021/05/07 9:15 p.m.•38 views

CVE-2021-31442

7.8CVSS7.8AI score0.01606EPSS

CVE•added 2021/08/11 8:15 p.m.•37 views

CVE-2021-33794

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 allow information disclosure or an application crash after mishandling the Tab key during XFA form interaction.

9.1CVSS8.7AI score0.00027EPSS

CVE•added 2021/03/30 3:15 p.m.•36 views

CVE-2021-27263

4.3CVSS3.8AI score0.07133EPSS

CVE•added 2021/05/07 9:15 p.m.•36 views

CVE-2021-31446

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

4.3CVSS3.4AI score0.02844EPSS

CVE•added 2021/05/07 9:15 p.m.•35 views

CVE-2021-31448

4.3CVSS3.4AI score0.02145EPSS

CVE•added 2021/05/07 9:15 p.m.•34 views

CVE-2021-31445

4.3CVSS3.4AI score0.01901EPSS

CVE•added 2021/05/07 9:15 p.m.•33 views

CVE-2021-31449

7.8CVSS7.8AI score0.02166EPSS

CVE•added 2021/05/07 9:15 p.m.•32 views

CVE-2021-31447