Foxit Pdf Editor vulnerabilities
257 known vulnerabilities affecting foxit/pdf_editor.
Total CVEs
257
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH193MEDIUM31LOW30
Vulnerabilities
Page 10 of 13
CVE-2022-37391HIGHCVSS 7.8fixed in 10.1.9≥ 11.0.0, < 11.2.3+1 more2023-03-29
CVE-2022-37391 [HIGH] CWE-416 CVE-2022-37391: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack o
nvd
CVE-2022-43637HIGHCVSS 7.8fixed in 10.1.10≥ 11.0.0, < 11.2.4+1 more2023-03-29
CVE-2022-43637 [HIGH] CWE-416 CVE-2022-43637: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of
nvd
CVE-2022-37390HIGHCVSS 7.8fixed in 10.1.9≥ 11.0.0, < 11.2.3+1 more2023-03-29
CVE-2022-37390 [HIGH] CWE-416 CVE-2022-37390: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack o
nvd
CVE-2022-37385HIGHCVSS 7.8fixed in 10.1.9≥ 11.0.0, < 11.2.3+1 more2023-03-29
CVE-2022-37385 [HIGH] CWE-416 CVE-2022-37385: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack
nvd
CVE-2022-37384HIGHCVSS 7.8fixed in 10.1.9≥ 11.0.0, < 11.2.3+1 more2023-03-29
CVE-2022-37384 [HIGH] CWE-416 CVE-2022-37384: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the delay method. The issue results from the lack of validat
nvd
CVE-2022-43641HIGHCVSS 7.8fixed in 10.1.10≥ 11.0.0, < 11.2.4+1 more2023-03-29
CVE-2022-43641 [HIGH] CWE-416 CVE-2022-43641: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the
nvd
CVE-2022-37389HIGHCVSS 7.8fixed in 10.1.9≥ 11.0.0, < 11.2.3+1 more2023-03-29
CVE-2022-37389 [HIGH] CWE-416 CVE-2022-37389: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack o
nvd
CVE-2022-43638HIGHCVSS 7.8fixed in 10.1.10≥ 11.0.0, < 11.2.4+1 more2023-03-29
CVE-2022-43638 [HIGH] CWE-416 CVE-2022-43638: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of
nvd
CVE-2022-43639HIGHCVSS 7.8fixed in 10.1.10≥ 11.0.0, < 11.2.4+1 more2023-03-29
CVE-2022-43639 [HIGH] CWE-416 CVE-2022-43639: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of
nvd
CVE-2022-43649HIGHCVSS 7.8fixed in 10.1.11≥ 11.0.0, < 11.2.5+1 more2023-03-29
CVE-2022-43649 [HIGH] CWE-416 CVE-2022-43649: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.2.12465. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd
CVE-2022-37381HIGHCVSS 7.8fixed in 10.1.9≥ 11.0.0, < 11.2.3+1 more2023-03-29
CVE-2022-37381 [HIGH] CWE-416 CVE-2022-37381: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AFSpecial_KeystrokeEx method. The issue results from the lack of vali
nvd
CVE-2022-37378HIGHCVSS 7.8fixed in 10.1.9≥ 11.0.0, < 11.2.3+2 more2023-03-29
CVE-2022-37378 [HIGH] CWE-416 CVE-2022-37378: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor 11.1.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the optimization of JavaScript functions. The issue results
cvelistv5nvd
CVE-2022-37387HIGHCVSS 7.8fixed in 10.1.9≥ 11.0.0, < 11.2.3+1 more2023-03-29
CVE-2022-37387 [HIGH] CWE-416 CVE-2022-37387: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack o
nvd
CVE-2022-37388HIGHCVSS 7.8fixed in 10.1.9≥ 11.0.0, < 11.2.3+1 more2023-03-29
CVE-2022-37388 [HIGH] CWE-125 CVE-2022-37388: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can tri
nvd
CVE-2022-43640MEDIUMCVSS 5.5fixed in 10.1.10≥ 11.0.0, < 11.2.4+1 more2023-03-29
CVE-2022-43640 [MEDIUM] CWE-125 CVE-2022-43640: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF fi
nvd
CVE-2022-37386MEDIUMCVSS 5.5fixed in 10.1.9≥ 11.0.0, < 11.2.3+1 more2023-03-29
CVE-2022-37386 [MEDIUM] CWE-125 CVE-2022-37386: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the resetForm method. By performing actions in Jav
nvd
CVE-2022-37382MEDIUMCVSS 5.5fixed in 10.1.9≥ 11.0.0, < 11.2.3+1 more2023-03-29
CVE-2022-37382 [MEDIUM] CWE-416 CVE-2022-37382: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeIcon method. The issue results from the
nvd
CVE-2022-37379MEDIUMCVSS 5.5fixed in 10.1.9≥ 11.0.0, < 11.2.3+1 more2023-03-29
CVE-2022-37379 [MEDIUM] CWE-416 CVE-2022-37379: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the AFSpecial_KeystrokeEx method.
nvd
CVE-2022-37380MEDIUMCVSS 5.5fixed in 10.1.9≥ 11.0.0, < 11.2.3+1 more2023-03-29
CVE-2022-37380 [MEDIUM] CWE-125 CVE-2022-37380: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of ADBC objects. By performing action
nvd
CVE-2022-37383MEDIUMCVSS 5.5fixed in 10.1.9≥ 11.0.0, < 11.2.3+1 more2023-03-29
CVE-2022-37383 [MEDIUM] CWE-125 CVE-2022-37383: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. By performing actions
nvd