Foxit Pdf Reader vulnerabilities
301 known vulnerabilities affecting foxit/pdf_reader.
Total CVEs
301
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH235MEDIUM33LOW30
Vulnerabilities
Page 7 of 16
CVE-2023-51553LOWCVSS 3.3≤ 2023.2.0.21408≤ 2023.2.0.61611+1 more2024-05-03
CVE-2023-51553 [LOW] CWE-125 CVE-2023-51553: Foxit PDF Reader Bookmark Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerabilit
Foxit PDF Reader Bookmark Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific f
cvelistv5nvd
CVE-2023-42098LOWCVSS 3.3≤ 12.1.3.15356v12.1.3.153562024-05-03
CVE-2023-42098 [LOW] CWE-416 CVE-2023-42098: Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw
cvelistv5nvd
CVE-2023-38105LOWCVSS 3.3≤ 12.1.2.15332v12.1.2.153322024-05-03
CVE-2023-38105 [LOW] CWE-125 CVE-2023-38105: Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vuln
Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The sp
cvelistv5nvd
CVE-2023-38110LOWCVSS 3.3≤ 12.1.2.15332fixed in 12.1.0.1229+1 more2024-05-03
CVE-2023-38110 [LOW] CWE-125 CVE-2023-38110: Foxit PDF Reader AcroForm Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This v
Foxit PDF Reader AcroForm Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The
cvelistv5nvd
CVE-2023-38108LOWCVSS 3.3≤ 12.1.2.15332v12.1.2.153322024-05-03
CVE-2023-38108 [LOW] CWE-125 CVE-2023-38108: Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vuln
Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The sp
cvelistv5nvd
CVE-2023-51555LOWCVSS 3.3≤ 2023.2.0.21408≤ 2023.2.0.61611+1 more2024-05-03
CVE-2023-51555 [LOW] CWE-125 CVE-2023-51555: Foxit PDF Reader Doc Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability all
Foxit PDF Reader Doc Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw e
cvelistv5nvd
CVE-2023-42093LOWCVSS 3.3≤ 12.1.3.15356v12.1.3.153562024-05-03
CVE-2023-42093 [LOW] CWE-416 CVE-2023-42093: Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw
cvelistv5nvd
CVE-2023-51558LOWCVSS 3.3≤ 2023.2.0.21408v2023.2.0.214082024-05-03
CVE-2023-51558 [LOW] CWE-125 CVE-2023-51558: Foxit PDF Reader AcroForm Doc Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerab
Foxit PDF Reader AcroForm Doc Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specif
cvelistv5nvd
CVE-2024-25648HIGHCVSS 8.8v2024.1.0.23997v2024.1.0.636822024-04-30
CVE-2024-25648 [HIGH] CWE-416 CVE-2024-25648: A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a ComboBox widg
A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a ComboBox widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the mali
nvd
CVE-2024-25938HIGHCVSS 8.8v2024.1.0.239972024-04-30
CVE-2024-25938 [HIGH] CWE-416 CVE-2024-25938: A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Barcode widge
A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Barcode widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malic
nvd
CVE-2024-25575HIGHCVSS 8.8v2024.1.0.239972024-04-30
CVE-2024-25575 [HIGH] CWE-843 CVE-2024-25575: A type confusion vulnerability vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a
A type confusion vulnerability vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Lock object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious
nvd
CVE-2024-32488HIGHCVSS 7.8fixed in 2023.3.0.230282024-04-15
CVE-2024-32488 [HIGH] CWE-280 CVE-2024-32488: In Foxit PDF Reader and Editor before 2024.1, Local Privilege Escalation could occur during update c
In Foxit PDF Reader and Editor before 2024.1, Local Privilege Escalation could occur during update checks because weak permissions on the update-service folder allow attackers to place crafted DLL files there.
nvd
CVE-2024-30334HIGHCVSS 7.8fixed in 2023.3.0.23028v2023.2.0.214082024-04-03
CVE-2024-30334 [HIGH] CWE-416 CVE-2024-30334: Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability a
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists
cvelistv5nvd
CVE-2024-30325HIGHCVSS 7.8≤ 2023.3.0.23028v2023.2.0.214082024-04-03
CVE-2024-30325 [HIGH] CWE-416 CVE-2024-30325: Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability all
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists w
cvelistv5nvd
CVE-2024-30323HIGHCVSS 7.8≤ 2023.3.0.23028v2023.2.0.214082024-04-03
CVE-2024-30323 [HIGH] CWE-125 CVE-2024-30323: Foxit PDF Reader template Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability
Foxit PDF Reader template Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exis
cvelistv5nvd
CVE-2024-30366HIGHCVSS 7.8fixed in 2023.3.0.63083fixed in 2023.3.0.23028+1 more2024-04-03
CVE-2024-30366 [HIGH] CWE-416 CVE-2024-30366: Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability all
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists w
cvelistv5nvd
CVE-2024-30326HIGHCVSS 7.8≤ 2023.3.0.23028v2023.2.0.214082024-04-03
CVE-2024-30326 [HIGH] CWE-416 CVE-2024-30326: Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability a
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists
cvelistv5nvd
CVE-2024-30332HIGHCVSS 7.8fixed in 2023.3.0.23028v2023.2.0.214082024-04-03
CVE-2024-30332 [HIGH] CWE-416 CVE-2024-30332: Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability a
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists
cvelistv5nvd
CVE-2024-30331HIGHCVSS 7.8fixed in 2023.3.0.63083fixed in 2023.3.0.23028+1 more2024-04-03
CVE-2024-30331 [HIGH] CWE-416 CVE-2024-30331: Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability all
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists w
cvelistv5nvd
CVE-2024-30322HIGHCVSS 7.8≤ 2023.3.0.23028v2023.2.0.214082024-04-03
CVE-2024-30322 [HIGH] CWE-416 CVE-2024-30322: Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability all
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists w
cvelistv5nvd