Export limit exceeded: 364439 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (838 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-14694 1 Foxitsoftware 1 Foxit Reader 2025-04-20 N/A
Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 and earlier, when running in single instance mode, allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at tiptsf!CPenInputPanel::FinalRelease+0x000000000000002f.".
CVE-2017-14819 1 Foxitsoftware 1 Foxit Reader 2025-04-20 N/A
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the channel number member of the cdef box. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-5011.
CVE-2016-8334 1 Foxitsoftware 1 Reader 2025-04-20 N/A
A large out-of-bounds read on the heap vulnerability in Foxit PDF Reader can potentially be abused for information disclosure. Combined with another vulnerability, it can be used to leak heap memory layout and in bypassing ASLR.
CVE-2016-4065 1 Foxitsoftware 2 Foxit Reader, Phantompdf 2025-04-12 N/A
The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 7.3.4 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted (1) JPEG, (2) GIF, or (3) BMP image.
CVE-2014-6853 1 Foxitsoftware 1 Foxit Mobilepdf - Pdf Reader 2025-04-12 N/A
The Foxit MobilePDF - PDF Reader (aka com.foxit.mobile.pdf.lite) application 2.2.0.0616 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-8074 1 Foxitsoftware 1 Foxit Pdf Sdk Activex 2025-04-12 N/A
Buffer overflow in the SetLogFile method in Foxit.FoxitPDFSDKProCtrl.5 in Foxit PDF SDK ActiveX 2.3 through 5.0.1820 before 5.0.2.924 allows remote attackers to execute arbitrary code via a long string, related to global variables.
CVE-2015-2789 1 Foxitsoftware 1 Foxit Reader 2025-04-12 N/A
Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder.
CVE-2014-4646 1 Foxitsoftware 1 Foxit Pdf Sdk Dll 2025-04-12 N/A
Buffer overflow in the FPDFBookmark_GetTitle method in Foxit PDF SDK DLL before 3.1.1.5005 allows context-dependent attackers to execute arbitrary code via unspecified vectors.
CVE-2016-8877 1 Foxitsoftware 2 Phantompdf, Reader 2025-04-12 N/A
Heap buffer overflow (Out-of-Bounds write) vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted JPEG2000 image embedded in a PDF document, aka a "corrupted suffix pattern" issue.
CVE-2016-4063 1 Foxitsoftware 2 Foxit Reader, Phantompdf 2025-04-12 N/A
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via an object with a revision number of -1 in a PDF document.
CVE-2015-3633 1 Foxitsoftware 3 Enterprise Reader, Foxit Reader, Phantompdf 2025-04-12 N/A
Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via vectors related to digital signatures.
CVE-2016-4061 1 Foxitsoftware 2 Foxit Reader, Phantompdf 2025-04-12 N/A
Foxit Reader and PhantomPDF before 7.3.4 on Windows allow remote attackers to cause a denial of service (application crash) via a crafted content stream.
CVE-2015-8843 1 Foxitsoftware 1 Foxit Reader 2025-04-12 N/A
The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7.x before 7.2.2, when an update to the Cloud plugin is available, allows local users to gain privileges by writing crafted data to a shared memory region, which triggers memory corruption.
CVE-2015-8580 1 Foxitsoftware 2 Foxit Reader, Phantompdf 2025-04-12 N/A
Multiple use-after-free vulnerabilities in the (1) Print method and (2) App object handling in Foxit Reader before 7.2.2 and Foxit PhantomPDF before 7.2.2 allow remote attackers to execute arbitrary code via a crafted PDF document.
CVE-2016-8879 1 Foxitsoftware 2 Phantompdf, Reader 2025-04-12 N/A
The thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted JPEG2000 image embedded in a PDF document, aka an "Exploitable - Heap Corruption" issue.
CVE-2015-3632 1 Foxitsoftware 3 Enterprise Reader, Foxit Reader, Phantompdf 2025-04-12 N/A
Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted GIF in a PDF file.
CVE-2016-8878 1 Foxitsoftware 2 Phantompdf, Reader 2025-04-12 N/A
Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return value starting at FOXITREADER."
CVE-2016-4062 1 Foxitsoftware 2 Foxit Reader, Phantompdf 2025-04-12 N/A
Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service (application hang) via a crafted PDF.
CVE-2016-4060 1 Foxitsoftware 2 Foxit Reader, Phantompdf 2025-04-12 N/A
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
CVE-2016-8876 1 Foxitsoftware 2 Phantompdf, Reader 2025-04-12 N/A
Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader."