Foxit Pdf Reader vulnerabilities
310 known vulnerabilities affecting foxit/pdf_reader.
Total CVEs
310
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH239MEDIUM38LOW30
Vulnerabilities
Page 15 of 16
CVE-2021-38567HIGHCVSS 7.5≤ 11.0.0.05102021-08-11
CVE-2021-38567 [HIGH] CWE-476 CVE-2021-38567: An issue was discovered in Foxit PDF Editor before 11.0.1 and PDF Reader before 11.0.1 on macOS. It
An issue was discovered in Foxit PDF Editor before 11.0.1 and PDF Reader before 11.0.1 on macOS. It mishandles missing dictionary entries, leading to a NULL pointer dereference, aka CNVD-C-2021-95204.
nvd
CVE-2021-21893HIGHCVSS 8.8v11.0.0.498932021-08-05
CVE-2021-21893 [HIGH] CWE-416 CVE-2021-21893: A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, versi
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.0.0.49893. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. Exploitation is
nvd
CVE-2021-21870HIGHCVSS 8.8v10.1.4.376512021-08-05
CVE-2021-21870 [HIGH] CWE-416 CVE-2021-21870: A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, versi
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.4.37651. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a malicious file or site to trigger this vulnerability if the
nvd
CVE-2021-21831HIGHCVSS 8.8v10.1.3.375982021-08-05
CVE-2021-21831 [HIGH] CWE-416 CVE-2021-21831: A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, versi
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. Exploitation is
nvd
CVE-2021-34839HIGHCVSS 7.8≤ 11.0.0.49893v11.0.0.498932021-08-04
CVE-2021-34839 [HIGH] CWE-416 CVE-2021-34839: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd
CVE-2021-34842HIGHCVSS 7.8≤ 11.0.0.49893v11.0.0.498932021-08-04
CVE-2021-34842 [HIGH] CWE-416 CVE-2021-34842: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd
CVE-2021-34852HIGHCVSS 7.8≤ 11.0.0.49893v11.0.0.498932021-08-04
CVE-2021-34852 [HIGH] CWE-416 CVE-2021-34852: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd
CVE-2021-34849HIGHCVSS 7.8≤ 11.0.0.49893v11.0.0.498932021-08-04
CVE-2021-34849 [HIGH] CWE-416 CVE-2021-34849: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd
CVE-2021-34840HIGHCVSS 7.8≤ 11.0.0.49893v11.0.0.498932021-08-04
CVE-2021-34840 [HIGH] CWE-416 CVE-2021-34840: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd
CVE-2021-34835HIGHCVSS 7.8≤ 11.0.0.49893v11.0.0.498932021-08-04
CVE-2021-34835 [HIGH] CWE-416 CVE-2021-34835: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd
CVE-2021-34846HIGHCVSS 7.8≤ 11.0.0.49893v11.0.0.498932021-08-04
CVE-2021-34846 [HIGH] CWE-416 CVE-2021-34846: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd
CVE-2021-34853HIGHCVSS 7.8≤ 11.0.0.49893v11.0.0.498932021-08-04
CVE-2021-34853 [HIGH] CWE-416 CVE-2021-34853: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd
CVE-2021-34847HIGHCVSS 7.8≤ 11.0.0.49893v11.0.0.498932021-08-04
CVE-2021-34847 [HIGH] CWE-416 CVE-2021-34847: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd
CVE-2021-34848HIGHCVSS 7.8≤ 11.0.0.49893v11.0.0.498932021-08-04
CVE-2021-34848 [HIGH] CWE-416 CVE-2021-34848: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd
CVE-2021-34832HIGHCVSS 7.8≤ 11.0.0.49893v11.0.0.498932021-08-04
CVE-2021-34832 [HIGH] CWE-416 CVE-2021-34832: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the delay property. The issue results from t
nvd
CVE-2021-34834HIGHCVSS 7.8≤ 11.0.0.49893v11.0.0.498932021-08-04
CVE-2021-34834 [HIGH] CWE-416 CVE-2021-34834: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd
CVE-2021-34843HIGHCVSS 7.8≤ 11.0.0.49893v11.0.0.498932021-08-04
CVE-2021-34843 [HIGH] CWE-416 CVE-2021-34843: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd
CVE-2021-34833HIGHCVSS 7.8≤ 11.0.0.49893v11.0.0.498932021-08-04
CVE-2021-34833 [HIGH] CWE-416 CVE-2021-34833: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd
CVE-2021-34837HIGHCVSS 7.8≤ 11.0.0.49893v11.0.0.498932021-08-04
CVE-2021-34837 [HIGH] CWE-416 CVE-2021-34837: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd
CVE-2021-34836HIGHCVSS 7.8≤ 11.0.0.49893v11.0.0.498932021-08-04
CVE-2021-34836 [HIGH] CWE-416 CVE-2021-34836: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from t
nvd