PDF Editor
CVEs (66)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-13941 | 0.00 | — | 0.00 | Dec 19, 2025 | A local privilege escalation vulnerability exists in the Foxit PDF Reader/Editor Update Service. During plugin installation, incorrect file system permissions are assigned to resources used by the update service. A local attacker with low privileges could modify or replace these… | |||
| CVE-2025-59803 | 0.00 | — | 0.00 | Dec 11, 2025 | Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers (e.g., JavaScript) in a PDF document that execute during the signing process. When a signer reviews the document, the content appears normal. However, once the… | |||
| CVE-2025-59802 | 0.00 | — | 0.00 | Dec 11, 2025 | Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups (OCG) are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF… | |||
| CVE-2025-55310 | 0.00 | — | 0.00 | Dec 11, 2025 | An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. An attacker able to alter or replace the static HTML files used by the StartPage feature can cause the application to load malicious or compromised content upon startup.… | |||
| CVE-2025-55308 | 0.00 | — | 0.00 | Dec 11, 2025 | An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. A crafted PDF containing JavaScript that calls closeDoc() while internal objects are still in use can cause premature release of these objects. This use-after-free vulnerability may… | |||
| CVE-2025-55309 | 0.00 | — | 0.00 | Dec 11, 2025 | An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can contain JavaScript that attaches an OnBlur action on a form field that destroys an annotation. During user right-click interaction, the program's internal… | |||
| CVE-2025-55307 | 0.00 | — | 0.00 | Dec 11, 2025 | An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. Opening a malicious PDF containing a crafted JavaScript call to search.query() with a crafted cDIPath parameter (e.g., "/") may cause an out-of-bounds read in internal path-parsing… | |||
| CVE-2021-34968 | 0.00 | — | 0.00 | May 7, 2024 | Foxit PDF Editor transitionToState Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the… | |||
| CVE-2021-34967 | 0.00 | — | 0.00 | May 7, 2024 | Foxit PDF Editor Line Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target… | |||
| CVE-2021-34966 | 0.00 | — | 0.00 | May 7, 2024 | Foxit PDF Editor FileAttachment Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that… | |||
| CVE-2021-34965 | 0.00 | — | 0.00 | May 7, 2024 | Foxit PDF Editor Squiggly Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the… | |||
| CVE-2021-34964 | 0.00 | — | 0.00 | May 7, 2024 | Foxit PDF Editor Polygon Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the… | |||
| CVE-2021-34963 | 0.00 | — | 0.00 | May 7, 2024 | Foxit PDF Editor PolyLine Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the… | |||
| CVE-2021-34962 | 0.00 | — | 0.00 | May 7, 2024 | Foxit PDF Editor Caret Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target… | |||
| CVE-2021-34961 | 0.00 | — | 0.00 | May 7, 2024 | Foxit PDF Editor Ink Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target… | |||
| CVE-2021-34960 | 0.00 | — | 0.00 | May 7, 2024 | Foxit PDF Editor Circle Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the… | |||
| CVE-2021-34959 | 0.00 | — | 0.00 | May 7, 2024 | Foxit PDF Editor Square Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the… | |||
| CVE-2021-34958 | 0.00 | — | 0.00 | May 7, 2024 | Foxit PDF Editor Text Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target… | |||
| CVE-2021-34957 | 0.00 | — | 0.00 | May 7, 2024 | Foxit PDF Editor Highlight Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the… | |||
| CVE-2021-34956 | 0.00 | — | 0.00 | May 7, 2024 | Foxit PDF Editor Underline Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the… |
- CVE-2025-13941Dec 19, 2025risk 0.00cvss —epss 0.00
A local privilege escalation vulnerability exists in the Foxit PDF Reader/Editor Update Service. During plugin installation, incorrect file system permissions are assigned to resources used by the update service. A local attacker with low privileges could modify or replace these…
- CVE-2025-59803Dec 11, 2025risk 0.00cvss —epss 0.00
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers (e.g., JavaScript) in a PDF document that execute during the signing process. When a signer reviews the document, the content appears normal. However, once the…
- CVE-2025-59802Dec 11, 2025risk 0.00cvss —epss 0.00
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups (OCG) are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF…
- CVE-2025-55310Dec 11, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. An attacker able to alter or replace the static HTML files used by the StartPage feature can cause the application to load malicious or compromised content upon startup.…
- CVE-2025-55308Dec 11, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. A crafted PDF containing JavaScript that calls closeDoc() while internal objects are still in use can cause premature release of these objects. This use-after-free vulnerability may…
- CVE-2025-55309Dec 11, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can contain JavaScript that attaches an OnBlur action on a form field that destroys an annotation. During user right-click interaction, the program's internal…
- CVE-2025-55307Dec 11, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. Opening a malicious PDF containing a crafted JavaScript call to search.query() with a crafted cDIPath parameter (e.g., "/") may cause an out-of-bounds read in internal path-parsing…
- CVE-2021-34968May 7, 2024risk 0.00cvss —epss 0.00
Foxit PDF Editor transitionToState Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the…
- CVE-2021-34967May 7, 2024risk 0.00cvss —epss 0.00
Foxit PDF Editor Line Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target…
- CVE-2021-34966May 7, 2024risk 0.00cvss —epss 0.00
Foxit PDF Editor FileAttachment Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that…
- CVE-2021-34965May 7, 2024risk 0.00cvss —epss 0.00
Foxit PDF Editor Squiggly Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the…
- CVE-2021-34964May 7, 2024risk 0.00cvss —epss 0.00
Foxit PDF Editor Polygon Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the…
- CVE-2021-34963May 7, 2024risk 0.00cvss —epss 0.00
Foxit PDF Editor PolyLine Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the…
- CVE-2021-34962May 7, 2024risk 0.00cvss —epss 0.00
Foxit PDF Editor Caret Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target…
- CVE-2021-34961May 7, 2024risk 0.00cvss —epss 0.00
Foxit PDF Editor Ink Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target…
- CVE-2021-34960May 7, 2024risk 0.00cvss —epss 0.00
Foxit PDF Editor Circle Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the…
- CVE-2021-34959May 7, 2024risk 0.00cvss —epss 0.00
Foxit PDF Editor Square Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the…
- CVE-2021-34958May 7, 2024risk 0.00cvss —epss 0.00
Foxit PDF Editor Text Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target…
- CVE-2021-34957May 7, 2024risk 0.00cvss —epss 0.00
Foxit PDF Editor Highlight Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the…
- CVE-2021-34956May 7, 2024risk 0.00cvss —epss 0.00
Foxit PDF Editor Underline Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the…
Page 2 of 4