Foxit Security Vulnerabilities (CVEs)

Foxit PDF Editor Cloud (pdfonline) has a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input allows atta...

Foxit PDF Editor Cloud (pdfonline) has a stored cross-site scripting vulnerability in its file upload feature. Malicious usernames embedded in uploade...

A stored XSS vulnerability in Foxit PDF Editor cloud's Portfolio feature allows attackers to upload malicious SVG files containing embedded HTML/JavaS...

A stored XSS vulnerability in Foxit PDF Online's Trusted Certificates feature allows attackers to inject malicious scripts into certificate names. Whe...

A stored cross-site scripting vulnerability in Foxit PDF Editor Cloud allows attackers to inject malicious scripts into the Digital IDs Common Name fi...

A stored cross-site scripting vulnerability in Foxit eSign's pdfonline.foxit.com allows attackers to inject malicious scripts via the Identity 'First ...

A stored XSS vulnerability in Foxit PDF Online's Page Templates feature allows attackers to inject malicious scripts into template names. When users l...

A stored XSS vulnerability in Foxit PDF Online's Layer Import functionality allows attackers to inject malicious scripts into the 'Create new Layer' f...

A stored cross-site scripting vulnerability in webplugins.foxit.com allows attackers to inject malicious JavaScript via postMessage. This affects user...

A heap-based buffer overflow vulnerability in Foxit PDF Reader's JBIG2 image parsing allows remote code execution when opening malicious PDF files. Th...

A use-after-free vulnerability in Foxit PDF Reader's PDF parsing allows remote code execution when opening malicious PDF files. This affects Windows u...

A use-after-free vulnerability in Foxit PDF Reader's annotation handling allows remote code execution when opening malicious PDF files containing craf...

A memory corruption vulnerability in Foxit PDF Reader's 3D annotation handling allows attackers to cause out-of-bounds memory access via specially cra...

A memory corruption vulnerability in Foxit PDF Reader allows attackers to execute arbitrary code by tricking users into opening malicious PDF files co...

A memory corruption vulnerability in Foxit PDF Reader's 3D annotation handling allows attackers to execute arbitrary code or cause denial of service b...

A use-after-free vulnerability in Foxit PDF software allows remote code execution when opening malicious PDF files containing crafted JavaScript. This...

A local privilege escalation vulnerability in Foxit PDF Reader/Editor Update Service allows low-privileged local attackers to modify plugin installati...

Foxit PDF Editor and Reader versions before 2025.2.1 contain a signature spoofing vulnerability where attackers can embed triggers (like JavaScript) i...

This vulnerability in Foxit PDF Editor and Reader allows attackers to modify the visual content of digitally signed PDFs without invalidating the sign...

This vulnerability in Foxit PDF software allows attackers to trigger an out-of-bounds read by tricking users into opening malicious PDF files containi...

A use-after-free vulnerability in Foxit PDF and Editor for Windows allows memory corruption when opening a malicious PDF containing JavaScript that ca...

A use-after-free vulnerability in Foxit PDF and Editor allows memory corruption or crashes when processing malicious PDF files containing specific Jav...

This vulnerability allows attackers who can modify or replace static HTML files used by Foxit PDF's StartPage feature to inject malicious content that...

This vulnerability in Foxit PDF software allows attackers to create malicious PDFs that use JavaScript to modify annotation content and clear modifica...

A memory corruption vulnerability in Foxit PDF and Editor allows attackers to execute arbitrary code by exploiting improper state updates when deletin...

This vulnerability in Foxit PDF software allows arbitrary code execution when processing malicious PDF files. Attackers can exploit memory corruption ...

This vulnerability in Foxit PDF software allows memory corruption when pages are deleted via JavaScript, potentially enabling arbitrary code execution...

This vulnerability in Foxit PDF Reader allows remote attackers to execute arbitrary code by tricking users into opening malicious PRC files. The flaw ...

This vulnerability in Foxit PDF Reader allows remote attackers to execute arbitrary code by tricking users into opening malicious PRC files. The flaw ...

This vulnerability in Foxit PDF Reader's Update Service allows local attackers to escalate privileges by loading a malicious library from an unsecured...

This vulnerability in Foxit PDF Reader allows remote attackers to disclose sensitive information by tricking users into opening malicious JP2 files. T...

Foxit PDF Reader contains an out-of-bounds read vulnerability when parsing PRC files, allowing attackers to disclose sensitive information from affect...

This vulnerability in Foxit PDF Reader allows attackers to read memory beyond allocated bounds when parsing malicious PRC files, potentially disclosin...

A memory corruption vulnerability in Foxit Reader allows arbitrary code execution when users open malicious PDF files containing specially crafted Jav...

This vulnerability in Foxit PDF Reader allows remote attackers to execute arbitrary code by tricking users into opening malicious PDF files containing...

This vulnerability in Foxit PDF Reader allows local attackers to escalate privileges from low-privileged user accounts to SYSTEM level by exploiting a...

A use-after-free vulnerability in Foxit Reader 2024.3.0.26795 allows arbitrary code execution when processing malicious PDF files containing specially...

This CVE describes a use-after-free vulnerability in Foxit PDF Reader's annotation handling that allows information disclosure. Attackers can exploit ...

This vulnerability in Foxit PDF Reader allows remote attackers to read memory beyond allocated buffers when processing malicious PDF files with AcroFo...

This is a use-after-free vulnerability in Foxit PDF Reader's annotation handling that allows remote attackers to execute arbitrary code when users ope...

This vulnerability in Foxit PDF Reader's Update Service allows local attackers to escalate privileges from a low-privileged user to SYSTEM by exploiti...

This vulnerability in Foxit PDF Reader allows attackers to read memory beyond allocated buffers when processing malicious PDF files with specially cra...

This vulnerability in Foxit PDF Reader allows remote attackers to execute arbitrary code by tricking users into opening malicious PDF files. The flaw ...

This vulnerability in Foxit PDF Reader allows remote attackers to execute arbitrary code by tricking users into opening malicious PDF files. The flaw ...

This is a use-after-free vulnerability in Foxit PDF Reader's AcroForm handling that allows remote attackers to execute arbitrary code when a user open...

A use-after-free vulnerability in Foxit PDF Reader's Doc object handling allows remote attackers to disclose sensitive information. Attackers can expl...

This is a use-after-free vulnerability in Foxit PDF Reader's AcroForm handling that allows remote code execution when users open malicious PDF files. ...

CVE-2021-34976 is a use-after-free vulnerability in Foxit PDF Reader's PDF file parsing that allows remote attackers to disclose sensitive information...

This vulnerability allows remote attackers to execute arbitrary code on affected Foxit PDF Reader installations by tricking users into opening malicio...

CVE-2021-34973 is a use-after-free vulnerability in Foxit PDF Reader's PDF file parsing that allows attackers to disclose sensitive information. Users...