Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
foxit pdf reader vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-27517
Foxit PDF SDK For Web up to and including 7.5.0 allows XSS. There is arbitrary JavaScript code execution in the browser if a victim uploads a malicious PDF document containing embedded JavaScript code that abuses app.alert (in the Acrobat JavaScript API).
Foxit Phantompdf
Foxit Reader
7.5
CVSSv3
CVE-2021-38565
An issue exists in Foxit PDF Reader prior to 11.0.1 and PDF Editor prior to 11.0.1. It allows writing to arbitrary files via submitForm.
Foxitsoftware Pdf Editor
Foxitsoftware Pdf Reader
9.1
CVSSv3
CVE-2021-38564
An issue exists in Foxit PDF Reader prior to 11.0.1 and PDF Editor prior to 11.0.1. It allows an out-of-bounds read via util.scand.
Foxitsoftware Pdf Editor
Foxitsoftware Pdf Reader
7.5
CVSSv3
CVE-2021-38566
An issue exists in Foxit PDF Reader prior to 11.0.1 and PDF Editor prior to 11.0.1. It allows stack consumption during recursive processing of embedded XML nodes.
Foxitsoftware Pdf Editor
Foxitsoftware Pdf Reader
8.8
CVSSv3
CVE-2017-10951
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fla...
Foxitsoftware Foxit Reader 8.3.0.14878
1 Github repository
1 Article
8.8
CVSSv3
CVE-2017-10952
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.0.2051. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
Foxitsoftware Foxit Reader 8.2.0.2051
1 Github repository
1 Article
8.8
CVSSv3
CVE-2018-9958
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
2 EDB exploits
1 Github repository
8.8
CVSSv3
CVE-2021-21822
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the ...
Foxitsoftware Foxit Reader 10.1.3.37598
8.8
CVSSv3
CVE-2020-13547
A type confusion vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger an improper use of an object, resulting in memory corruption and arbitrary code execution. An attacker nee...
Foxitsoftware Foxit Reader 10.0.0.37527
8.8
CVSSv3
CVE-2020-13557
A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the...
Foxitsoftware Foxit Reader 10.1.0.37527
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »