Vulnerabilities > Foxit > PDF Reader

DATE CVE VULNERABILITY TITLE RISK
2022-01-04 CVE-2021-45978 OS Command Injection vulnerability in Foxit PDF Editor and PDF Reader
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via xfa.host.gotoURL in the XFA API.
local
low complexity
foxit CWE-78
7.8
7.8
2022-01-04 CVE-2021-45979 OS Command Injection vulnerability in Foxit PDF Editor and PDF Reader
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via app.launchURL in the JavaScript API.
local
low complexity
foxit CWE-78
7.8
7.8
2022-01-04 CVE-2021-45980 Unspecified vulnerability in Foxit PDF Editor and PDF Reader
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via getURL in the JavaScript API.
local
low complexity
foxit
7.8
7.8
2021-08-11 CVE-2021-38563 Improper Validation of Array Index vulnerability in multiple products
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1.
network
low complexity
foxitsoftware foxit CWE-129
critical
 9.8
9.8
2021-08-11 CVE-2021-38567 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in Foxit PDF Editor before 11.0.1 and PDF Reader before 11.0.1 on macOS.
network
low complexity
foxitsoftware foxit CWE-476
7.5
7.5
2021-08-05 CVE-2021-21831 Use After Free vulnerability in Foxit PDF Reader 10.1.3.37598
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598.
network
low complexity
foxit CWE-416
8.8
8.8
2021-08-05 CVE-2021-21870 Use After Free vulnerability in Foxit PDF Reader 10.1.4.37651
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.4.37651.
network
low complexity
foxit CWE-416
8.8
8.8
2021-08-05 CVE-2021-21893 Use After Free vulnerability in Foxit PDF Reader 11.0.0.49893
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.0.0.49893.
network
low complexity
foxit CWE-416
8.8
8.8
2021-08-04 CVE-2021-34831 Use After Free vulnerability in multiple products
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.4.37651.
local
low complexity
foxit foxitsoftware CWE-416
7.8
7.8
2021-08-04 CVE-2021-34832 Use After Free vulnerability in multiple products
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893.
local
low complexity
foxit foxitsoftware CWE-416
7.8
7.8