PDF Editor
CVEs (66)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-34955 | 0.00 | — | 0.00 | May 7, 2024 | Foxit PDF Editor Stamp Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target… | |||
| CVE-2021-34954 | 0.00 | — | 0.00 | May 7, 2024 | Foxit PDF Editor StrikeOut Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the… | |||
| CVE-2023-27365 | 0.00 | — | 0.01 | May 3, 2024 | Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that… | |||
| CVE-2023-27364 | 0.00 | — | 0.01 | May 3, 2024 | Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that… | |||
| CVE-2023-33240 | 0.00 | — | 0.00 | May 19, 2023 | Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows allows Local Privilege Escalation when installed to a non-default directory… | |||
| CVE-2022-37377 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor 11.1.1.53537;. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-37378 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor 11.1.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-37376 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Editor 11.1.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | |||
| CVE-2022-47881 | 0.00 | — | 0.01 | Jan 18, 2023 | Foxit PDF Reader and PDF Editor 11.2.1.53537 and earlier has an Out-of-Bounds Read vulnerability. | |||
| CVE-2021-40326 | 0.00 | — | 0.00 | Aug 29, 2022 | Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. An attacker can write to an arbitrary file, and display controlled contents, during signature verification. | |||
| CVE-2021-41780 | 0.00 | — | 0.01 | Aug 29, 2022 | Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled. | |||
| CVE-2021-41781 | 0.00 | — | 0.01 | Aug 29, 2022 | Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled. | |||
| CVE-2021-41785 | 0.00 | — | 0.01 | Aug 29, 2022 | Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled. | |||
| CVE-2022-25641 | 0.00 | — | 0.00 | Aug 29, 2022 | Foxit PDF Reader before 11.2.2 and PDF Editor before 11.2.2, and PhantomPDF before 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Attack… | |||
| CVE-2022-26979 | 0.00 | — | 0.01 | Aug 6, 2022 | Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow a NULL pointer dereference when this.Span is used for oState of Collab.addStateModel, because this.Span.text can be NULL. | |||
| CVE-2022-27944 | 0.00 | — | 0.01 | Aug 6, 2022 | Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow an exportXFAData NULL pointer dereference. | |||
| CVE-2022-28104 | 0.00 | — | 0.02 | May 20, 2022 | Foxit PDF Editor v11.3.1 was discovered to contain an arbitrary file upload vulnerability. | |||
| CVE-2022-30557 | 0.00 | — | 0.04 | May 11, 2022 | Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash because of Unsigned32 mishandling during JavaScript execution. | |||
| CVE-2022-24955 | 0.00 | — | 0.01 | Feb 11, 2022 | Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have an Uncontrolled Search Path Element for DLL files. | |||
| CVE-2021-45980 | 0.00 | — | 0.02 | Jan 4, 2022 | Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via getURL in the JavaScript API. |
- CVE-2021-34955May 7, 2024risk 0.00cvss —epss 0.00
Foxit PDF Editor Stamp Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target…
- CVE-2021-34954May 7, 2024risk 0.00cvss —epss 0.00
Foxit PDF Editor StrikeOut Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the…
- CVE-2023-27365May 3, 2024risk 0.00cvss —epss 0.01
Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that…
- CVE-2023-27364May 3, 2024risk 0.00cvss —epss 0.01
Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that…
- CVE-2023-33240May 19, 2023risk 0.00cvss —epss 0.00
Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows allows Local Privilege Escalation when installed to a non-default directory…
- CVE-2022-37377Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor 11.1.1.53537;. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-37378Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor 11.1.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-37376Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Editor 11.1.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- CVE-2022-47881Jan 18, 2023risk 0.00cvss —epss 0.01
Foxit PDF Reader and PDF Editor 11.2.1.53537 and earlier has an Out-of-Bounds Read vulnerability.
- CVE-2021-40326Aug 29, 2022risk 0.00cvss —epss 0.00
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. An attacker can write to an arbitrary file, and display controlled contents, during signature verification.
- CVE-2021-41780Aug 29, 2022risk 0.00cvss —epss 0.01
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
- CVE-2021-41781Aug 29, 2022risk 0.00cvss —epss 0.01
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
- CVE-2021-41785Aug 29, 2022risk 0.00cvss —epss 0.01
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
- CVE-2022-25641Aug 29, 2022risk 0.00cvss —epss 0.00
Foxit PDF Reader before 11.2.2 and PDF Editor before 11.2.2, and PhantomPDF before 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Attack…
- CVE-2022-26979Aug 6, 2022risk 0.00cvss —epss 0.01
Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow a NULL pointer dereference when this.Span is used for oState of Collab.addStateModel, because this.Span.text can be NULL.
- CVE-2022-27944Aug 6, 2022risk 0.00cvss —epss 0.01
Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow an exportXFAData NULL pointer dereference.
- CVE-2022-28104May 20, 2022risk 0.00cvss —epss 0.02
Foxit PDF Editor v11.3.1 was discovered to contain an arbitrary file upload vulnerability.
- CVE-2022-30557May 11, 2022risk 0.00cvss —epss 0.04
Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash because of Unsigned32 mishandling during JavaScript execution.
- CVE-2022-24955Feb 11, 2022risk 0.00cvss —epss 0.01
Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have an Uncontrolled Search Path Element for DLL files.
- CVE-2021-45980Jan 4, 2022risk 0.00cvss —epss 0.02
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via getURL in the JavaScript API.
Page 3 of 4