Foxit PDF Editor vulnerabilities

266 known vulnerabilities affecting foxit/pdf_editor.

Total CVEs: 266
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 197, MEDIUM 36, LOW 30

Vulnerabilities

Page 10 of 14
CVE-2024-30363 | MEDIUM | CVSS 5.5 | ≤ 11.1.6.0109; ≥ 12.0.0.0601, ≤ 12.1.2.55366; +7 more | 2024-04-02
[CWE-125] Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The
nvd
CVE-2024-30356 | LOW | CVSS 3.3 | ≤ 10.1.12.37872; ≥ 11.0.0.49893, ≤ 11.2.8.53842; +3 more | 2024-04-02
[CWE-125] Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific f
nvd
CVE-2024-30347 | LOW | CVSS 3.3 | fixed in 10.1.12.37872; ≥ 11.0.0, < 11.2.8.53842; +3 more | 2024-04-02
[CWE-125] Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The sp
nvd
CVE-2024-30350 | LOW | CVSS 3.3 | ≤ 10.1.12.37872; ≥ 11.0.0.49893, ≤ 11.2.8.53842; +3 more | 2024-04-02
[CWE-125] Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific
nvd
CVE-2024-30364 | LOW | CVSS 3.3 | ≤ 10.1.12.37872; ≥ 11.0.0.49893, ≤ 11.2.8.53842; +3 more | 2024-04-02
[CWE-125] Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The sp
nvd
CVE-2024-30340 | LOW | CVSS 3.3 | ≤ 11.2.8.53842; ≥ 12.0.0, ≤ 12.1.4.15400; +2 more | 2024-04-02
[CWE-125] Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific
nvd
CVE-2024-25858 | HIGH | CVSS 8.4 | fixed in 2024.4 | 2024-03-05
[CWE-450] In Foxit PDF Reader before 2024.1 and PDF Editor before 2024.1, code execution via JavaScript could occur because of an unoptimized prompt message for users to review parameters of commands.
nvd
CVE-2023-33240 | HIGH | CVSS 7.8 | ≤ 10.1.11.37866; ≥ 11.0.0, ≤ 11.2.5.53785; +1 more | 2023-05-19
[CWE-276] Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows allows Local Privilege Escalation when installed to a non-default directory because unprivileged users have access to an executable file of a system servic
nvd
CVE-2022-37391 | HIGH | CVSS 7.8 | fixed in 10.1.9; ≥ 11.0.0, < 11.2.3; +1 more | 2023-03-29
[CWE-416] This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack o
nvd
CVE-2022-43637 | HIGH | CVSS 7.8 | fixed in 10.1.10; ≥ 11.0.0, < 11.2.4; +1 more | 2023-03-29
[CWE-416] This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of
nvd
CVE-2022-37390 | HIGH | CVSS 7.8 | fixed in 10.1.9; ≥ 11.0.0, < 11.2.3; +1 more | 2023-03-29
[CWE-416] This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack o
nvd
CVE-2022-37385 | HIGH | CVSS 7.8 | fixed in 10.1.9; ≥ 11.0.0, < 11.2.3; +1 more | 2023-03-29
[CWE-416] This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack
nvd
CVE-2022-37384 | HIGH | CVSS 7.8 | fixed in 10.1.9; ≥ 11.0.0, < 11.2.3; +1 more | 2023-03-29
[CWE-416] This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the delay method. The issue results from the lack of validat
nvd
CVE-2022-43641 | HIGH | CVSS 7.8 | fixed in 10.1.10; ≥ 11.0.0, < 11.2.4; +1 more | 2023-03-29
[CWE-416] This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the
nvd
CVE-2022-37389 | HIGH | CVSS 7.8 | fixed in 10.1.9; ≥ 11.0.0, < 11.2.3; +1 more | 2023-03-29
[CWE-416] This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack o
nvd
CVE-2022-43638 | HIGH | CVSS 7.8 | fixed in 10.1.10; ≥ 11.0.0, < 11.2.4; +1 more | 2023-03-29
[CWE-416] This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of
nvd
CVE-2022-43639 | HIGH | CVSS 7.8 | fixed in 10.1.10; ≥ 11.0.0, < 11.2.4; +1 more | 2023-03-29
[CWE-416] This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of
nvd
CVE-2022-43649 | HIGH | CVSS 7.8 | fixed in 10.1.11; ≥ 11.0.0, < 11.2.5; +1 more | 2023-03-29
[CWE-416] This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.2.12465. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd
CVE-2022-37381 | HIGH | CVSS 7.8 | fixed in 10.1.9; ≥ 11.0.0, < 11.2.3; +1 more | 2023-03-29
[CWE-416] This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AFSpecial_KeystrokeEx method. The issue results from the lack of vali
nvd
CVE-2022-37377 | HIGH | CVSS 7.8 | fixed in 10.1.9; ≥ 11.0.0, < 11.2.3; +2 more | 2023-03-29
[CWE-843] This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor 11.1.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within JavaScript optimizations. The issue results from an imprope
nvd