cbcvebase.

Foxit Pdf Reader vulnerabilities

310 known vulnerabilities affecting foxit/pdf_reader.

Total CVEs
310
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH239MEDIUM38LOW30

Vulnerabilities

Page 11 of 16
CVE-2022-37384HIGHCVSS 7.8fixed in 12.0.1v11.2.1.535372023-03-29
CVE-2022-37384 [HIGH] CWE-416 CVE-2022-37384: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the delay method. The issue results from the lack of validat
nvd
CVE-2022-43641HIGHCVSS 7.8fixed in 12.0.2v12.0.1.124302023-03-29
CVE-2022-43641 [HIGH] CWE-416 CVE-2022-43641: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the
nvd
CVE-2022-37389HIGHCVSS 7.8fixed in 12.0.1v11.2.2.535752023-03-29
CVE-2022-37389 [HIGH] CWE-416 CVE-2022-37389: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack o
nvd
CVE-2022-43638HIGHCVSS 7.8fixed in 12.0.2v12.0.1.124302023-03-29
CVE-2022-43638 [HIGH] CWE-416 CVE-2022-43638: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of
nvd
CVE-2022-43639HIGHCVSS 7.8fixed in 12.0.2v12.0.1.124302023-03-29
CVE-2022-43639 [HIGH] CWE-416 CVE-2022-43639: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of
nvd
CVE-2022-43649HIGHCVSS 7.8fixed in 12.1v12.0.2.124652023-03-29
CVE-2022-43649 [HIGH] CWE-416 CVE-2022-43649: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.2.12465. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd
CVE-2022-37381HIGHCVSS 7.8fixed in 12.0.1v11.2.1.535372023-03-29
CVE-2022-37381 [HIGH] CWE-416 CVE-2022-37381: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AFSpecial_KeystrokeEx method. The issue results from the lack of vali
nvd
CVE-2022-37377HIGHCVSS 7.8fixed in 12.0.12023-03-29
CVE-2022-37377 [HIGH] CWE-843 CVE-2022-37377: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor 11.1.1.53537;. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within JavaScript optimizations. The issue results from an imprope
nvd
CVE-2022-37378HIGHCVSS 7.8fixed in 12.0.12023-03-29
CVE-2022-37378 [HIGH] CWE-416 CVE-2022-37378: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor 11.1.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the optimization of JavaScript functions. The issue results
nvd
CVE-2022-37387HIGHCVSS 7.8fixed in 12.0.1v11.2.2.535752023-03-29
CVE-2022-37387 [HIGH] CWE-416 CVE-2022-37387: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack o
nvd
CVE-2022-37388HIGHCVSS 7.8fixed in 12.0.1v11.2.2.535752023-03-29
CVE-2022-37388 [HIGH] CWE-125 CVE-2022-37388: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can tri
nvd
CVE-2022-43640MEDIUMCVSS 5.5fixed in 12.0.2v12.0.1.124302023-03-29
CVE-2022-43640 [MEDIUM] CWE-125 CVE-2022-43640: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 12.0.1.12430. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF fi
nvd
CVE-2022-37386MEDIUMCVSS 5.5fixed in 12.0.1v11.2.2.535752023-03-29
CVE-2022-37386 [MEDIUM] CWE-125 CVE-2022-37386: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the resetForm method. By performing actions in Jav
nvd
CVE-2022-37382MEDIUMCVSS 5.5fixed in 12.0.1v11.2.1.535372023-03-29
CVE-2022-37382 [MEDIUM] CWE-416 CVE-2022-37382: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeIcon method. The issue results from the
nvd
CVE-2022-37379MEDIUMCVSS 5.5fixed in 12.0.1v11.2.1.535372023-03-29
CVE-2022-37379 [MEDIUM] CWE-416 CVE-2022-37379: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the AFSpecial_KeystrokeEx method.
nvd
CVE-2022-37380MEDIUMCVSS 5.5fixed in 12.0.1v11.2.1.535372023-03-29
CVE-2022-37380 [MEDIUM] CWE-125 CVE-2022-37380: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of ADBC objects. By performing action
nvd
CVE-2022-37383MEDIUMCVSS 5.5fixed in 12.0.1v11.2.1.535372023-03-29
CVE-2022-37383 [MEDIUM] CWE-125 CVE-2022-37383: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. By performing actions
nvd
CVE-2022-37376LOWCVSS 3.3fixed in 12.0.12023-03-29
CVE-2022-37376 [LOW] CWE-125 CVE-2022-37376: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Editor 11.1.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of arrays. By performing actions in Java
nvd
CVE-2022-24908HIGHCVSS 7.8fixed in 11.2.1v11.1.0.525432023-03-28
CVE-2022-24908 [HIGH] CWE-125 CVE-2022-24908: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. Crafted data in a JP2 image can t
nvd
CVE-2022-24907HIGHCVSS 7.8fixed in 11.2.1v11.1.0.525432023-03-28
CVE-2022-24907 [HIGH] CWE-125 CVE-2022-24907: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. Crafted data in a JP2 image can t
nvd
← Previous11 / 16Next →