Foxit PDF Editor vulnerabilities
257 known vulnerabilities affecting foxit/pdf_editor.
Total CVEs: 257
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 193, MEDIUM 31, LOW 30
Vulnerabilities
Page 7 of 13
CVE-2023-38105 | LOW | CVSS 3.3 | CWE-125 | ≤ 10.1.12.37872; ≥ 11.0.0, ≤ 11.2.6.53790; +1 more | 2024-05-03
Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The sp
nvd
CVE-2023-51559 | LOW | CVSS 3.3 | CWE-125 | ≤ 10.1.12.37872; ≥ 11.0.0, ≤ 11.2.7.53812; +9 more | 2024-05-03
Foxit PDF Reader Doc Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists wit
nvd
CVE-2023-51554 | LOW | CVSS 3.3 | CWE-416 | ≤ 10.1.12.37872; ≥ 11.0.0, ≤ 11.2.7.53812; +9 more | 2024-05-03
Foxit PDF Reader Signature Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw
nvd
CVE-2023-38110 | LOW | CVSS 3.3 | CWE-125 | ≤ 10.1.12.37872; ≥ 11.0.0, ≤ 11.2.6.53790; +3 more | 2024-05-03
Foxit PDF Reader AcroForm Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The
nvd
CVE-2023-51558 | LOW | CVSS 3.3 | CWE-125 | ≤ 10.1.12.37872; ≥ 11.0.0, ≤ 11.2.7.53812; +4 more | 2024-05-03
Foxit PDF Reader AcroForm Doc Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specif
nvd
CVE-2023-42098 | LOW | CVSS 3.3 | CWE-416 | ≤ 10.1.12.37872; ≥ 11.0.0, ≤ 11.2.7.53812; +2 more | 2024-05-03
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw
nvd
CVE-2024-25648 | HIGH | CVSS 8.8 | CWE-416 | ≤ 11.2.8.53842; ≥ 12.0.0.12394, ≤ 12.1.4.15400; +8 more | 2024-04-30
A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a ComboBox widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the mali
nvd
CVE-2024-25938 | HIGH | CVSS 8.8 | CWE-416 | ≤ 11.2.8.53842; ≥ 12.0.0.12394, ≤ 12.1.4.15400; +6 more | 2024-04-30
A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Barcode widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malic
nvd
CVE-2024-25575 | HIGH | CVSS 8.8 | CWE-843 | ≤ 11.2.8.53842; ≥ 12.0.0.12394, ≤ 12.1.4.15400; +6 more | 2024-04-30
A type confusion vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Lock object. A specially crafted JavaScript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious
nvd
CVE-2024-32488 | HIGH | CVSS 7.8 | CWE-280 | fixed in 10.1.12.37872; ≥ 11.0.0, < 11.2.8.53842; +3 more | 2024-04-15
In Foxit PDF Reader and Editor before 2024.1, Local Privilege Escalation could occur during update checks because weak permissions on the update-service folder allow attackers to place crafted DLL files there.
nvd
CVE-2024-30334 | HIGH | CVSS 7.8 | CWE-416 | fixed in 10.1.12.37872; ≥ 11.0.0.49893, < 11.2.8.53842; +3 more | 2024-04-03
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists
nvd
CVE-2024-30325 | HIGH | CVSS 7.8 | CWE-416 | ≤ 10.1.12.37872; ≥ 11.0.0.49893, ≤ 11.2.8.53842; +3 more | 2024-04-03
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists w
nvd
CVE-2024-30323 | HIGH | CVSS 7.8 | CWE-125 | ≤ 10.1.12.37872; ≥ 11.0.0.49893, ≤ 11.2.8.53842; +3 more | 2024-04-03
Foxit PDF Reader template Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exis
nvd
CVE-2024-30332 | HIGH | CVSS 7.8 | CWE-416 | fixed in 10.1.12.37872; ≥ 11.0.0.49893, < 11.2.8.53842; +3 more | 2024-04-03
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists
nvd
CVE-2024-30324 | HIGH | CVSS 7.8 | CWE-416 | ≤ 11.1.6.0109; ≥ 12.0.0.0601, ≤ 12.1.2.55366; +7 more | 2024-04-03
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists
nvd
CVE-2024-30333 | HIGH | CVSS 7.8 | CWE-416 | fixed in 10.1.12.37872; ≥ 11.0.0.49893, < 11.2.8.53842; +3 more | 2024-04-03
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists
nvd
CVE-2024-30366 | HIGH | CVSS 7.8 | CWE-416 | fixed in 11.1.6.0109; ≥ 12.0.0.0601, < 12.1.2.55366; +7 more | 2024-04-03
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists w
nvd
CVE-2024-30331 | HIGH | CVSS 7.8 | CWE-416 | fixed in 11.1.6.0109; ≥ 12.0.0.0601, < 12.1.2.55366; +7 more | 2024-04-03
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists w
nvd
CVE-2024-30328 | HIGH | CVSS 7.8 | CWE-416 | ≤ 11.1.6.0109; ≥ 12.0.0.0601, ≤ 12.1.2.55366; +7 more | 2024-04-03
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists w
nvd
CVE-2024-30330 | HIGH | CVSS 7.8 | CWE-416 | fixed in 10.1.12.37872; ≥ 11.0.0, ≤ 11.2.8.53842; +3 more | 2024-04-03
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists w
nvd