PDF Reader
CVEs (473)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-5940 | | Hig | 0.51 | 7.8 | 0.00 | | Apr 27, 2026 | Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes. |
| CVE-2026-3779 | | Hig | 0.51 | 7.8 | 0.00 | | Apr 1, 2026 | The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution. |
| CVE-2026-3775 | | Hig | 0.51 | 7.8 | 0.00 | | Apr 1, 2026 | The application's update service, when checking for updates, loads certain system libraries from a search path that includes directories writable by low‑privileged users and is not strictly restricted to trusted system locations. Because these libraries may be resolved and… |
| CVE-2018-3961 | | Hig | 0.51 | 7.8 | 0.02 | | Oct 2, 2018 | A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A use-after-free condition can occur when accessing the Creator property of the this.info object. An attacker needs to trick the user to open the malicious… |
| CVE-2018-3960 | | Hig | 0.51 | 7.8 | 0.02 | | Oct 2, 2018 | A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A use-after-free condition can occur when accessing the Producer property of the this.info object. An attacker needs to trick the user to open the malicious… |
| CVE-2018-3959 | | Hig | 0.51 | 7.8 | 0.02 | | Oct 2, 2018 | A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A use-after-free condition can occur when accessing the Author property of the this.info object. An attacker needs to trick the user to open the malicious file… |
| CVE-2018-3958 | | Hig | 0.51 | 7.8 | 0.03 | | Oct 2, 2018 | A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A use-after-free condition can occur when accessing the Subject property of the this.info object. An attacker needs to trick the user to open the malicious… |
| CVE-2018-3957 | | Hig | 0.51 | 7.8 | 0.03 | | Oct 2, 2018 | A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A use-after-free condition can occur when accessing the Keywords property of the this.info object. An attacker needs to trick the user to open the malicious… |
| CVE-2016-4064 | | Hig | 0.51 | 7.8 | 0.04 | | Apr 22, 2016 | Use-after-free vulnerability in the XFA forms handling functionality in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted remerge call. |
| CVE-2018-3962 | | Hig | 0.48 | 7.3 | 0.03 | | Oct 2, 2018 | A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A use-after-free condition can occur when accessing the CreationDate property of the this.info object. An attacker needs to trick the user to open the… |
| CVE-2026-3780 | | Hig | 0.47 | 7.3 | 0.00 | | Apr 1, 2026 | The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed… |
| CVE-2016-8334 | | Med | 0.46 | 6.8 | 0.18 | | Jan 6, 2017 | A large out-of-bounds read on the heap vulnerability in Foxit PDF Reader can potentially be abused for information disclosure. Combined with another vulnerability, it can be used to leak heap memory layout and in bypassing ASLR. |
| CVE-2017-16584 | | Med | 0.42 | 6.5 | 0.03 | | Dec 20, 2017 | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific… |
| CVE-2017-16579 | | Med | 0.42 | 6.5 | 0.02 | | Dec 20, 2017 | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific… |
| CVE-2017-16573 | | Med | 0.42 | 6.5 | 0.02 | | Dec 20, 2017 | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific… |
| CVE-2026-3778 | | Med | 0.40 | 6.2 | 0.00 | | Apr 1, 2026 | The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs (e.g., SOAP) that perform deep traversal can cause… |
| CVE-2026-5942 | | Med | 0.36 | 5.5 | 0.00 | | Apr 27, 2026 | Flaws in page lifecycle management allow document structure changes to desynchronize internal component states, causing subsequent operations to access invalidated objects and crash the program. |
| CVE-2026-5939 | | Med | 0.36 | 5.5 | 0.00 | | Apr 27, 2026 | A crafted XFA PDF can trigger a use-after-free condition during calculate event processing, causing the application to crash and resulting in an arbitrary code execution. |
| CVE-2026-5938 | | Med | 0.36 | 5.5 | 0.00 | | Apr 27, 2026 | Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service. |
| CVE-2026-5937 | | Med | 0.36 | 5.5 | 0.00 | | Apr 27, 2026 | Insufficient parameter verification leads to the occurrence of format errors in files, which will trigger an unhandled "std::invalid_argument" exception, ultimately causing the program to terminate. |
Page 2 of 24