Vulnerabilities > Foxit

DATE CVE VULNERABILITY TITLE RISK
2022-02-18 CVE-2022-24369 Out-of-bounds Write vulnerability in Foxit PDF Editor and PDF Reader
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543.
network
foxit CWE-787
6.8
2022-02-18 CVE-2022-24370 Out-of-bounds Read vulnerability in Foxit PDF Editor and PDF Reader
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS.
network
foxit CWE-125
4.3
2022-02-18 CVE-2022-24971 Out-of-bounds Read vulnerability in Foxit PDF Editor and PDF Reader
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543.
network
foxit CWE-125
6.8
2022-02-11 CVE-2022-24954 Out-of-bounds Write vulnerability in Foxit PDF Editor and PDF Reader
Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have a Stack-Based Buffer Overflow related to XFA, for the 'subform colSpan="-2"' and 'draw colSpan="1"' substrings.
network
low complexity
foxit CWE-787
7.5
2022-02-11 CVE-2022-24955 Uncontrolled Search Path Element vulnerability in Foxit PDF Editor and PDF Reader
Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have an Uncontrolled Search Path Element for DLL files.
network
low complexity
foxit CWE-427
7.5
2022-02-04 CVE-2021-40420 Use After Free vulnerability in Foxit PDF Reader 11.1.0.52543
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543.
network
foxit CWE-416
6.8
2022-02-04 CVE-2022-22150 Improper Handling of Exceptional Conditions vulnerability in Foxit PDF Reader 11.1.0.52543
A memory corruption vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543.
network
foxit CWE-755
6.8
2022-01-04 CVE-2021-45978 OS Command Injection vulnerability in Foxit PDF Editor and PDF Reader
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via xfa.host.gotoURL in the XFA API.
network
foxit CWE-78
6.8
2022-01-04 CVE-2021-45979 OS Command Injection vulnerability in Foxit PDF Editor and PDF Reader
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via app.launchURL in the JavaScript API.
network
foxit CWE-78
6.8
2022-01-04 CVE-2021-45980 Unspecified vulnerability in Foxit PDF Editor and PDF Reader
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via getURL in the JavaScript API.
network
foxit
6.8