Vulnerabilidades em Foxit
776 resultadosAnálise Vexday
Com 776 CVEs catalogadas e nenhuma atualmente listada no catálogo KEV da CISA, o Foxit apresenta taxa de exploração ativa abaixo da média geral do catálogo, o que sugere menor pressão imediata de ameaças confirmadas em campo. No entanto, o escore EPSS de 0,8948 associado a CVE-2021-34833 indica altíssima probabilidade estatística de exploração para essa vulnerabilidade específica, merecendo atenção prioritária mesmo na ausência de confirmação formal no KEV. O tipo de falha mais recorrente é CWE-416 (use-after-free), categoria historicamente propícia à execução de código arbitrário e frequentemente visada em leitores e editores de PDF. A existência de PoCs públicas para duas vulnerabilidades reforça a necessidade de manter patches aplicados, ainda que o volume de novas CVEs nos últimos 90 dias esteja zerado.
CVE-2021-31467LOWThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User inEPSS 2.0%CVE-2021-31464LOWThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User inEPSS 2.0%CVE-2021-31462LOWThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User inEPSS 2.0%CVE-2021-31463LOWThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User inEPSS 2.0%CVE-2023-40194HIGHAn arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to mistreatment of wEPSS 2.0%CVE-2020-17415HIGHThis vulnerability allows local attackers to escalate privileges on affected installations of Foxit PhantomPDF 10.0.0.35798. An attacker musEPSS 2.0%CVE-2022-24368LOWThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.1.0.52543. UseEPSS 2.0%CVE-2024-28888HIGHA use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a checkbox field object. A specially crafted JavascripEPSS 1.9%CVE-2023-38573HIGHA use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles a signature field. A specially crafted Javascript code inEPSS 1.9%CVE-2023-32616HIGHA use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles 3D annotations. A specially crafted Javascript code insidEPSS 1.8%CVE-2022-28672HIGHThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaEPSS 1.8%CVE-2020-17414HIGHThis vulnerability allows local attackers to escalate privileges on affected installations of Foxit Reader 10.0.0.35798. An attacker must fiEPSS 1.8%CVE-2022-24370LOWThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader Foxit reader 11.0EPSS 1.8%CVE-2023-41257HIGHA type confusion vulnerability exists in the way Foxit Reader 12.1.2.15356 handles field value properties. A specially crafted Javascript cEPSS 1.6%CVE-2022-37332HIGHA use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDFEPSS 1.4%CVE-2024-47810HIGHA use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a 3D page object. A specially crafted Javascript code iEPSS 1.3%CVE-2024-49576HIGHA use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a checkbox CBF_Widget object. A specially crafted JavasEPSS 1.1%CVE-2022-28683HIGHThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaEPSS 1.1%CVE-2022-28682HIGHThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaEPSS 1.1%CVE-2022-43649HIGHThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.2.12465. User interaEPSS 1.1%