Foxit Reader vulnerabilities
155 known vulnerabilities affecting foxit/reader.
Total CVEs
155
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH129MEDIUM14LOW12
Vulnerabilities
Page 1 of 8
CVE-2021-34831HIGHCVSS 7.8v10.1.4.376512021-08-04
CVE-2021-34831 [HIGH] CWE-416 CVE-2021-34831: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.4.37651. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Document objects. The issue results from the lac
cvelistv5nvd
CVE-2021-27517MEDIUMCVSS 6.1≤ 10.1.3.375982021-07-20
CVE-2021-27517 [MEDIUM] CWE-79 CVE-2021-27517: Foxit PDF SDK For Web through 7.5.0 allows XSS. There is arbitrary JavaScript code execution in the
Foxit PDF SDK For Web through 7.5.0 allows XSS. There is arbitrary JavaScript code execution in the browser if a victim uploads a malicious PDF document containing embedded JavaScript code that abuses app.alert (in the Acrobat JavaScript API).
nvd
CVE-2021-31473HIGHCVSS 7.8v10.1.3.375982021-05-21
CVE-2021-31473 [HIGH] CWE-787 CVE-2021-31473: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the browseForDoc function. The issue results from the lack of pr
cvelistv5nvd
CVE-2021-31449HIGHCVSS 7.8v10.1.1.375762021-05-07
CVE-2021-31449 [HIGH] CWE-415 CVE-2021-31449: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue res
cvelistv5nvd
CVE-2021-31465HIGHCVSS 7.8v10.1.3.375982021-05-07
CVE-2021-31465 [HIGH] CWE-787 CVE-2021-31465: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from
cvelistv5nvd
CVE-2021-31458HIGHCVSS 7.8v10.1.1.375762021-05-07
CVE-2021-31458 [HIGH] CWE-416 CVE-2021-31458: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the l
cvelistv5nvd
CVE-2021-31457HIGHCVSS 7.8v10.1.1.375762021-05-07
CVE-2021-31457 [HIGH] CWE-416 CVE-2021-31457: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the l
cvelistv5nvd
CVE-2021-31451HIGHCVSS 7.8v10.1.1.375762021-05-07
CVE-2021-31451 [HIGH] CWE-416 CVE-2021-31451: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the l
cvelistv5nvd
CVE-2021-31453HIGHCVSS 7.8v10.1.1.375762021-05-07
CVE-2021-31453 [HIGH] CWE-416 CVE-2021-31453: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Forms. The issue results from the lack of va
cvelistv5nvd
CVE-2021-31441HIGHCVSS 7.8v10.1.1.375762021-05-07
CVE-2021-31441 [HIGH] CWE-416 CVE-2021-31441: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the l
cvelistv5nvd
CVE-2021-31450HIGHCVSS 7.8v10.1.1.375762021-05-07
CVE-2021-31450 [HIGH] CWE-416 CVE-2021-31450: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA forms. The issue results from the lack of va
cvelistv5nvd
CVE-2021-31468HIGHCVSS 7.8v10.1.3.375982021-05-07
CVE-2021-31468 [HIGH] CWE-125 CVE-2021-31468: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D files embedded in PDF documents. The issue r
cvelistv5nvd
CVE-2021-31460HIGHCVSS 7.8v10.1.1.375762021-05-07
CVE-2021-31460 [HIGH] CWE-416 CVE-2021-31460: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA templates. The issue results from the lack
cvelistv5nvd
CVE-2021-31456HIGHCVSS 7.8v10.1.1.375762021-05-07
CVE-2021-31456 [HIGH] CWE-416 CVE-2021-31456: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the l
cvelistv5nvd
CVE-2021-31472HIGHCVSS 7.8v10.1.1.375762021-05-07
CVE-2021-31472 [HIGH] CWE-787 CVE-2021-31472: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from
cvelistv5nvd
CVE-2021-31470HIGHCVSS 7.8v10.1.1.375762021-05-07
CVE-2021-31470 [HIGH] CWE-416 CVE-2021-31470: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from
cvelistv5nvd
CVE-2021-31461HIGHCVSS 7.8v10.1.1.375762021-05-07
CVE-2021-31461 [HIGH] CWE-843 CVE-2021-31461: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the the handling of app.media objects. The issue results from th
cvelistv5nvd
CVE-2021-31466HIGHCVSS 7.8v10.1.3.375982021-05-07
CVE-2021-31466 [HIGH] CWE-125 CVE-2021-31466: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from
cvelistv5nvd
CVE-2021-31454HIGHCVSS 7.8v10.1.1.375762021-05-07
CVE-2021-31454 [HIGH] CWE-122 CVE-2021-31454: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the Decimal element. A crafted leadDigits value
cvelistv5nvd
CVE-2021-31452HIGHCVSS 7.8v10.1.1.375762021-05-07
CVE-2021-31452 [HIGH] CWE-787 CVE-2021-31452: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA forms. The issue results from the lack of pr
cvelistv5nvd
1 / 8Next →