VYPR

Foxit PDF and Editor

by Foxitsoftware

CVEs (16)

  • CVE-2025-55314Dec 11, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states…

  • CVE-2025-55313Dec 11, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. They allow potential arbitrary code execution when processing crafted PDF files. The vulnerability stems from insufficient handling of memory allocation failures after…

  • CVE-2025-55307Dec 11, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. Opening a malicious PDF containing a crafted JavaScript call to search.query() with a crafted cDIPath parameter (e.g., "/") may cause an out-of-bounds read in internal path-parsing…

  • CVE-2025-55311Dec 11, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can use JavaScript to alter annotation content and subsequently clear the file's modification status via JavaScript interfaces. This circumvents digital…

  • CVE-2025-55308Dec 11, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. A crafted PDF containing JavaScript that calls closeDoc() while internal objects are still in use can cause premature release of these objects. This use-after-free vulnerability may…

  • CVE-2021-34960May 7, 2024
    risk 0.00cvss epss 0.00

    Foxit PDF Editor Circle Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the…

  • CVE-2021-34954May 7, 2024
    risk 0.00cvss epss 0.00

    Foxit PDF Editor StrikeOut Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the…

  • CVE-2024-32488Apr 15, 2024
    risk 0.00cvss epss 0.00

    In Foxit PDF Reader and Editor before 2024.1, Local Privilege Escalation could occur during update checks because weak permissions on the update-service folder allow attackers to place crafted DLL files there.

  • CVE-2024-25858Mar 5, 2024
    risk 0.00cvss epss 0.00

    In Foxit PDF Reader before 2024.1 and PDF Editor before 2024.1, code execution via JavaScript could occur because of an unoptimized prompt message for users to review parameters of commands.

  • CVE-2021-41782Aug 29, 2022
    risk 0.00cvss epss 0.01

    Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

  • CVE-2021-41783Aug 29, 2022
    risk 0.00cvss epss 0.01

    Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

  • CVE-2021-41784Aug 29, 2022
    risk 0.00cvss epss 0.01

    Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

  • CVE-2022-27359May 5, 2022
    risk 0.00cvss epss 0.01

    Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow a this.maildoc NULL pointer dereference.

  • CVE-2022-24954Feb 11, 2022
    risk 0.00cvss epss 0.12

    Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have a Stack-Based Buffer Overflow related to XFA, for the 'subform colSpan="-2"' and 'draw colSpan="1"' substrings.

  • CVE-2021-38564Aug 11, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows an out-of-bounds read via util.scand.

  • CVE-2021-38567Aug 11, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in Foxit PDF Editor before 11.0.1 and PDF Reader before 11.0.1 on macOS. It mishandles missing dictionary entries, leading to a NULL pointer dereference, aka CNVD-C-2021-95204.