Foxit Pdf Editor vulnerabilities
257 known vulnerabilities affecting foxit/pdf_editor.
Total CVEs
257
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH193MEDIUM31LOW30
Vulnerabilities
Page 9 of 13
CVE-2024-30351HIGHCVSS 7.8≤ 11.1.6.0109≥ 12.0.0.0601, ≤ 12.1.2.55366+7 more2024-04-02
CVE-2024-30351 [HIGH] CWE-416 CVE-2024-30351: Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability all
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists w
nvd
CVE-2024-30354HIGHCVSS 7.8≤ 11.1.6.0109≥ 12.0.0.0601, ≤ 12.1.2.55366+7 more2024-04-02
CVE-2024-30354 [HIGH] CWE-416 CVE-2024-30354: Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability all
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists w
nvd
CVE-2024-30362HIGHCVSS 7.8≤ 11.1.6.0109≥ 12.0.0.0601, ≤ 12.1.2.55366+7 more2024-04-02
CVE-2024-30362 [HIGH] CWE-416 CVE-2024-30362: Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerabi
Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw
nvd
CVE-2024-30355HIGHCVSS 7.8≤ 10.1.12.37872≥ 11.0.0.49893, ≤ 11.2.8.53842+3 more2024-04-02
CVE-2024-30355 [HIGH] CWE-787 CVE-2024-30355: Foxit PDF Reader AcroForm Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerabilit
Foxit PDF Reader AcroForm Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exi
nvd
CVE-2024-30342HIGHCVSS 7.8≤ 11.1.6.0109≥ 12.0.0, ≤ 12.1.2.55366+6 more2024-04-02
CVE-2024-30342 [HIGH] CWE-416 CVE-2024-30342: Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability a
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists
nvd
CVE-2024-30338HIGHCVSS 7.8≤ 11.2.8.53842≥ 12.0.0, ≤ 12.1.4.15400+2 more2024-04-02
CVE-2024-30338 [HIGH] CWE-416 CVE-2024-30338: Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability a
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists
nvd
CVE-2024-30358HIGHCVSS 7.8≤ 10.1.12.37872≥ 11.0.0.49893, ≤ 11.2.8.53842+3 more2024-04-02
CVE-2024-30358 [HIGH] CWE-416 CVE-2024-30358: Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability. This vulnerability al
Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists
nvd
CVE-2024-30348HIGHCVSS 7.8≤ 11.1.6.0109≥ 12.0.0.0601, ≤ 12.1.2.55366+7 more2024-04-02
CVE-2024-30348 [HIGH] CWE-787 CVE-2024-30348: Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vuln
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific
nvd
CVE-2024-30361HIGHCVSS 7.8≤ 11.1.6.0109≥ 12.0.0.0601, ≤ 12.1.2.55366+7 more2024-04-02
CVE-2024-30361 [HIGH] CWE-416 CVE-2024-30361: Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability all
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists w
nvd
CVE-2024-30335HIGHCVSS 7.1≤ 11.2.8.53842≥ 12.0.0, ≤ 12.1.4.15400+2 more2024-04-02
CVE-2024-30335 [HIGH] CWE-125 CVE-2024-30335: Foxit PDF Reader AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This v
Foxit PDF Reader AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Th
nvd
CVE-2024-30337HIGHCVSS 7.8≤ 11.2.8.53842≥ 12.0.0, ≤ 12.1.4.15400+2 more2024-04-02
CVE-2024-30337 [HIGH] CWE-416 CVE-2024-30337: Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability all
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists w
nvd
CVE-2024-30363MEDIUMCVSS 5.5≤ 11.1.6.0109≥ 12.0.0.0601, ≤ 12.1.2.55366+7 more2024-04-02
CVE-2024-30363 [MEDIUM] CWE-125 CVE-2024-30363: Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vuln
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The
nvd
CVE-2024-30356LOWCVSS 3.3≤ 10.1.12.37872≥ 11.0.0.49893, ≤ 11.2.8.53842+3 more2024-04-02
CVE-2024-30356 [LOW] CWE-125 CVE-2024-30356: Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerabilit
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific f
nvd
CVE-2024-30347LOWCVSS 3.3fixed in 10.1.12.37872≥ 11.0.0, < 11.2.8.53842+3 more2024-04-02
CVE-2024-30347 [LOW] CWE-125 CVE-2024-30347: Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vuln
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The sp
nvd
CVE-2024-30350LOWCVSS 3.3≤ 10.1.12.37872≥ 11.0.0.49893, ≤ 11.2.8.53842+3 more2024-04-02
CVE-2024-30350 [LOW] CWE-125 CVE-2024-30350: Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerabil
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific
nvd
CVE-2024-30364LOWCVSS 3.3≤ 10.1.12.37872≥ 11.0.0.49893, ≤ 11.2.8.53842+3 more2024-04-02
CVE-2024-30364 [LOW] CWE-125 CVE-2024-30364: Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vuln
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The sp
nvd
CVE-2024-30340LOWCVSS 3.3≤ 11.2.8.53842≥ 12.0.0, ≤ 12.1.4.15400+2 more2024-04-02
CVE-2024-30340 [LOW] CWE-125 CVE-2024-30340: Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerabil
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific
nvd
CVE-2024-25858HIGHCVSS 8.4fixed in 2024.42024-03-05
CVE-2024-25858 [HIGH] CWE-450 CVE-2024-25858: In Foxit PDF Reader before 2024.1 and PDF Editor before 2024.1, code execution via JavaScript could
In Foxit PDF Reader before 2024.1 and PDF Editor before 2024.1, code execution via JavaScript could occur because of an unoptimized prompt message for users to review parameters of commands.
nvd
CVE-2023-33240HIGHCVSS 7.8≤ 10.1.11.37866≥ 11.0.0, ≤ 11.2.5.53785+1 more2023-05-19
CVE-2023-33240 [HIGH] CWE-276 CVE-2023-33240: Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x
Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows allows Local Privilege Escalation when installed to a non-default directory because unprivileged users have access to an executable file of a system servic
nvd
CVE-2022-37377HIGHCVSS 7.8fixed in 10.1.9≥ 11.0.0, < 11.2.3+2 more2023-03-29
CVE-2022-37377 [HIGH] CWE-843 CVE-2022-37377: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor 11.1.1.53537;. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within JavaScript optimizations. The issue results from an imprope
cvelistv5nvd