Foxit Reader for Mac
CVEs (178)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-38570 | 0.00 | — | 0.01 | Aug 11, 2021 | An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows attackers to delete arbitrary files (during uninstallation) via a symlink. | |||
| CVE-2021-38571 | 0.00 | — | 0.01 | Aug 11, 2021 | An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows DLL hijacking, aka CNVD-C-2021-68000 and CNVD-C-2021-68502. | |||
| CVE-2021-38572 | 0.00 | — | 0.01 | Aug 11, 2021 | An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows writing to arbitrary files because the extractPages pathname is not validated. | |||
| CVE-2021-38573 | 0.00 | — | 0.01 | Aug 11, 2021 | An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows writing to arbitrary files because a CombineFiles pathname is not validated. | |||
| CVE-2021-38574 | 0.00 | — | 0.01 | Aug 11, 2021 | An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows SQL Injection via crafted data at the end of a string. | |||
| CVE-2021-33794 | 0.00 | — | 0.01 | Aug 11, 2021 | Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 allow information disclosure or an application crash after mishandling the Tab key during XFA form interaction. | |||
| CVE-2021-33792 | 0.00 | — | 0.02 | Jul 9, 2021 | Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write via a crafted /Size key in the Trailer dictionary. | |||
| CVE-2021-33795 | 0.00 | — | 0.01 | Jul 9, 2021 | Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 produce incorrect PDF document signatures because the certificate name, document owner, and signature author are mishandled. | |||
| CVE-2021-31473 | 0.00 | — | 0.06 | May 21, 2021 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2021-31468 | 0.00 | — | 0.03 | May 7, 2021 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2021-31463 | 0.00 | — | 0.02 | May 7, 2021 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific… | |||
| CVE-2021-31464 | 0.00 | — | 0.02 | May 7, 2021 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific… | |||
| CVE-2021-31462 | 0.00 | — | 0.02 | May 7, 2021 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific… | |||
| CVE-2021-31461 | 0.00 | — | 0.04 | May 7, 2021 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2021-31459 | 0.00 | — | 0.03 | May 7, 2021 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2021-31458 | 0.00 | — | 0.03 | May 7, 2021 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2021-31457 | 0.00 | — | 0.03 | May 7, 2021 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2021-31456 | 0.00 | — | 0.03 | May 7, 2021 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2021-31454 | 0.00 | — | 0.03 | May 7, 2021 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2021-31455 | 0.00 | — | 0.03 | May 7, 2021 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… |
- CVE-2021-38570Aug 11, 2021risk 0.00cvss —epss 0.01
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows attackers to delete arbitrary files (during uninstallation) via a symlink.
- CVE-2021-38571Aug 11, 2021risk 0.00cvss —epss 0.01
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows DLL hijacking, aka CNVD-C-2021-68000 and CNVD-C-2021-68502.
- CVE-2021-38572Aug 11, 2021risk 0.00cvss —epss 0.01
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows writing to arbitrary files because the extractPages pathname is not validated.
- CVE-2021-38573Aug 11, 2021risk 0.00cvss —epss 0.01
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows writing to arbitrary files because a CombineFiles pathname is not validated.
- CVE-2021-38574Aug 11, 2021risk 0.00cvss —epss 0.01
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows SQL Injection via crafted data at the end of a string.
- CVE-2021-33794Aug 11, 2021risk 0.00cvss —epss 0.01
Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 allow information disclosure or an application crash after mishandling the Tab key during XFA form interaction.
- CVE-2021-33792Jul 9, 2021risk 0.00cvss —epss 0.02
Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write via a crafted /Size key in the Trailer dictionary.
- CVE-2021-33795Jul 9, 2021risk 0.00cvss —epss 0.01
Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 produce incorrect PDF document signatures because the certificate name, document owner, and signature author are mishandled.
- CVE-2021-31473May 21, 2021risk 0.00cvss —epss 0.06
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2021-31468May 7, 2021risk 0.00cvss —epss 0.03
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2021-31463May 7, 2021risk 0.00cvss —epss 0.02
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…
- CVE-2021-31464May 7, 2021risk 0.00cvss —epss 0.02
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…
- CVE-2021-31462May 7, 2021risk 0.00cvss —epss 0.02
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…
- CVE-2021-31461May 7, 2021risk 0.00cvss —epss 0.04
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2021-31459May 7, 2021risk 0.00cvss —epss 0.03
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2021-31458May 7, 2021risk 0.00cvss —epss 0.03
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2021-31457May 7, 2021risk 0.00cvss —epss 0.03
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2021-31456May 7, 2021risk 0.00cvss —epss 0.03
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2021-31454May 7, 2021risk 0.00cvss —epss 0.03
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2021-31455May 7, 2021risk 0.00cvss —epss 0.03
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
Page 2 of 9