Vendor CVEs
Foxitsoftware
All CVEs
1,142 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-32664 | 0.00 | — | 0.01 | Jul 19, 2023 | A type confusion vulnerability exists in the Javascript checkThisBox method as implemented in Foxit Reader 12.1.2.15332. Specially crafted Javascript code inside a malicious PDF document can cause memory corruption and lead to remote code execution. User would need to open a… | |||
| CVE-2023-33876 | 0.00 | — | 0.01 | Jul 19, 2023 | A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15332 handles destroying annotations. Specially crafted Javascript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in… | |||
| CVE-2023-33240 | 0.00 | — | 0.00 | May 19, 2023 | Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows allows Local Privilege Escalation when installed to a non-default directory… | |||
| CVE-2023-27769 | 0.00 | — | 0.00 | Apr 4, 2023 | An issue found in Wondershare Technology Co.,Ltd PDF Reader v.1.0.1 allows a remote attacker to execute arbitrary commands via the pdfreader_setup_full13143.exe file. | |||
| CVE-2022-37387 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-37378 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor 11.1.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-43638 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-43641 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | |||
| CVE-2022-43639 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-37391 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-37388 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-37385 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-37384 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-37379 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | |||
| CVE-2022-37386 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | |||
| CVE-2022-43649 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.2.12465. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-37376 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Editor 11.1.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | |||
| CVE-2022-37382 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | |||
| CVE-2022-37389 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-37390 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-43637 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-37377 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor 11.1.1.53537;. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-43640 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | |||
| CVE-2022-37380 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | |||
| CVE-2022-37381 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within… | |||
| CVE-2022-37383 | 0.00 | — | 0.01 | Mar 29, 2023 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | |||
| CVE-2022-24908 | 0.00 | — | 0.01 | Mar 28, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-24907 | 0.00 | — | 0.01 | Mar 28, 2023 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-47881 | 0.00 | — | 0.01 | Jan 18, 2023 | Foxit PDF Reader and PDF Editor 11.2.1.53537 and earlier has an Out-of-Bounds Read vulnerability. | |||
| CVE-2022-40129 | 0.00 | — | 0.01 | Nov 21, 2022 | A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing Optional Content Group API, which can lead to arbitrary code… | |||
| CVE-2022-38097 | 0.00 | — | 0.01 | Nov 21, 2022 | A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. By prematurely destroying annotation objects, a specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code… | |||
| CVE-2022-32774 | 0.00 | — | 0.01 | Nov 21, 2022 | A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. By prematurely deleting objects associated with pages, a specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to… | |||
| CVE-2022-43310 | 0.00 | — | 0.02 | Nov 9, 2022 | An Uncontrolled Search Path Element in Foxit Software released Foxit Reader v11.2.118.51569 allows attackers to escalate privileges when searching for DLL libraries without specifying an absolute path. | |||
| CVE-2021-40326 | 0.00 | — | 0.00 | Aug 29, 2022 | Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. An attacker can write to an arbitrary file, and display controlled contents, during signature verification. | |||
| CVE-2021-41780 | 0.00 | — | 0.01 | Aug 29, 2022 | Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled. | |||
| CVE-2021-41781 | 0.00 | — | 0.01 | Aug 29, 2022 | Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled. | |||
| CVE-2021-41782 | 0.00 | — | 0.01 | Aug 29, 2022 | Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled. | |||
| CVE-2021-41783 | 0.00 | — | 0.01 | Aug 29, 2022 | Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled. | |||
| CVE-2021-41784 | 0.00 | — | 0.01 | Aug 29, 2022 | Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled. | |||
| CVE-2021-41785 | 0.00 | — | 0.01 | Aug 29, 2022 | Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled. | |||
| CVE-2022-25641 | 0.00 | — | 0.00 | Aug 29, 2022 | Foxit PDF Reader before 11.2.2 and PDF Editor before 11.2.2, and PhantomPDF before 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Attack… | |||
| CVE-2022-26979 | 0.00 | — | 0.01 | Aug 6, 2022 | Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow a NULL pointer dereference when this.Span is used for oState of Collab.addStateModel, because this.Span.text can be NULL. | |||
| CVE-2022-27944 | 0.00 | — | 0.01 | Aug 6, 2022 | Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow an exportXFAData NULL pointer dereference. | |||
| CVE-2022-34875 | 0.00 | — | 0.01 | Jul 18, 2022 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | |||
| CVE-2022-34874 | 0.00 | — | 0.01 | Jul 18, 2022 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | |||
| CVE-2022-34873 | 0.00 | — | 0.01 | Jul 18, 2022 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | |||
| CVE-2022-28683 | 0.00 | — | 0.01 | Jul 18, 2022 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-28682 | 0.00 | — | 0.01 | Jul 18, 2022 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2022-28681 | 0.00 | — | 0.01 | Jul 18, 2022 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | |||
| CVE-2022-28680 | 0.00 | — | 0.01 | Jul 18, 2022 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… |
- CVE-2023-32664Jul 19, 2023risk 0.00cvss —epss 0.01
A type confusion vulnerability exists in the Javascript checkThisBox method as implemented in Foxit Reader 12.1.2.15332. Specially crafted Javascript code inside a malicious PDF document can cause memory corruption and lead to remote code execution. User would need to open a…
- CVE-2023-33876Jul 19, 2023risk 0.00cvss —epss 0.01
A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15332 handles destroying annotations. Specially crafted Javascript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in…
- CVE-2023-33240May 19, 2023risk 0.00cvss —epss 0.00
Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows allows Local Privilege Escalation when installed to a non-default directory…
- CVE-2023-27769Apr 4, 2023risk 0.00cvss —epss 0.00
An issue found in Wondershare Technology Co.,Ltd PDF Reader v.1.0.1 allows a remote attacker to execute arbitrary commands via the pdfreader_setup_full13143.exe file.
- CVE-2022-37387Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-37378Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor 11.1.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-43638Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-43641Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- CVE-2022-43639Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-37391Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-37388Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-37385Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-37384Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-37379Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- CVE-2022-37386Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- CVE-2022-43649Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.2.12465. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-37376Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Editor 11.1.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- CVE-2022-37382Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- CVE-2022-37389Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-37390Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-43637Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-37377Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor 11.1.1.53537;. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-43640Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- CVE-2022-37380Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- CVE-2022-37381Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within…
- CVE-2022-37383Mar 29, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- CVE-2022-24908Mar 28, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-24907Mar 28, 2023risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-47881Jan 18, 2023risk 0.00cvss —epss 0.01
Foxit PDF Reader and PDF Editor 11.2.1.53537 and earlier has an Out-of-Bounds Read vulnerability.
- CVE-2022-40129Nov 21, 2022risk 0.00cvss —epss 0.01
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing Optional Content Group API, which can lead to arbitrary code…
- CVE-2022-38097Nov 21, 2022risk 0.00cvss —epss 0.01
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. By prematurely destroying annotation objects, a specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code…
- CVE-2022-32774Nov 21, 2022risk 0.00cvss —epss 0.01
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. By prematurely deleting objects associated with pages, a specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to…
- CVE-2022-43310Nov 9, 2022risk 0.00cvss —epss 0.02
An Uncontrolled Search Path Element in Foxit Software released Foxit Reader v11.2.118.51569 allows attackers to escalate privileges when searching for DLL libraries without specifying an absolute path.
- CVE-2021-40326Aug 29, 2022risk 0.00cvss —epss 0.00
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. An attacker can write to an arbitrary file, and display controlled contents, during signature verification.
- CVE-2021-41780Aug 29, 2022risk 0.00cvss —epss 0.01
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
- CVE-2021-41781Aug 29, 2022risk 0.00cvss —epss 0.01
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
- CVE-2021-41782Aug 29, 2022risk 0.00cvss —epss 0.01
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
- CVE-2021-41783Aug 29, 2022risk 0.00cvss —epss 0.01
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
- CVE-2021-41784Aug 29, 2022risk 0.00cvss —epss 0.01
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
- CVE-2021-41785Aug 29, 2022risk 0.00cvss —epss 0.01
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
- CVE-2022-25641Aug 29, 2022risk 0.00cvss —epss 0.00
Foxit PDF Reader before 11.2.2 and PDF Editor before 11.2.2, and PhantomPDF before 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Attack…
- CVE-2022-26979Aug 6, 2022risk 0.00cvss —epss 0.01
Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow a NULL pointer dereference when this.Span is used for oState of Collab.addStateModel, because this.Span.text can be NULL.
- CVE-2022-27944Aug 6, 2022risk 0.00cvss —epss 0.01
Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow an exportXFAData NULL pointer dereference.
- CVE-2022-34875Jul 18, 2022risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- CVE-2022-34874Jul 18, 2022risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- CVE-2022-34873Jul 18, 2022risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- CVE-2022-28683Jul 18, 2022risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-28682Jul 18, 2022risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2022-28681Jul 18, 2022risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- CVE-2022-28680Jul 18, 2022risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
Page 13 of 23