Vulnerabilities > Foxitsoftware > Foxit Reader

DATE CVE VULNERABILITY TITLE RISK
2023-11-27 CVE-2023-32616 Use After Free vulnerability in Foxitsoftware Foxit Reader 12.1.2.15356
A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles 3D annotations.
network
low complexity
foxitsoftware CWE-416
8.8
2023-11-27 CVE-2023-35985 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Foxitsoftware Foxit Reader 12.1.3.15356
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to a failure to properly validate a dangerous extension.
network
low complexity
foxitsoftware CWE-610
8.8
2023-11-27 CVE-2023-38573 Use After Free vulnerability in Foxitsoftware Foxit Reader 12.1.2.15356
A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles a signature field.
network
low complexity
foxitsoftware CWE-416
8.8
2023-11-27 CVE-2023-39542 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Foxitsoftware Foxit Reader 12.1.3.15356
A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356.
network
low complexity
foxitsoftware CWE-610
8.8
2023-11-27 CVE-2023-40194 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Foxitsoftware Foxit Reader 12.1.3.15356
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to mistreatment of whitespace characters.
network
low complexity
foxitsoftware CWE-610
8.8
2023-11-27 CVE-2023-41257 Type Confusion vulnerability in Foxitsoftware Foxit Reader 12.1.3.15356
A type confusion vulnerability exists in the way Foxit Reader 12.1.2.15356 handles field value properties.
network
low complexity
foxitsoftware CWE-843
8.8
2022-11-09 CVE-2022-43310 Uncontrolled Search Path Element vulnerability in Foxitsoftware Foxit Reader
An Uncontrolled Search Path Element in Foxit Software released Foxit Reader v11.2.118.51569 allows attackers to escalate privileges when searching for DLL libraries without specifying an absolute path.
local
low complexity
foxitsoftware CWE-427
7.8
2021-08-11 CVE-2021-38568 Out-of-bounds Write vulnerability in Foxitsoftware Foxit Reader
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4.
network
low complexity
foxitsoftware CWE-787
critical
9.8
2021-08-11 CVE-2021-38569 Uncontrolled Recursion vulnerability in Foxitsoftware Foxit Reader
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4.
network
low complexity
foxitsoftware CWE-674
7.5
2021-08-11 CVE-2021-38570 Link Following vulnerability in Foxitsoftware Foxit Reader
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4.
network
low complexity
foxitsoftware CWE-59
critical
9.1