Foxit

Pdf Editor

296 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.17%
  • Veröffentlicht 27.04.2026 11:00:36
  • Zuletzt bearbeitet 29.04.2026 17:26:50

Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes.

  • EPSS 0.18%
  • Veröffentlicht 27.04.2026 11:00:33
  • Zuletzt bearbeitet 29.04.2026 17:18:37

Flaws in page lifecycle management allow document structure changes to desynchronize internal component states, causing subsequent operations to access invalidated objects and crash the program.

Medienbericht
  • EPSS 0.18%
  • Veröffentlicht 27.04.2026 11:00:31
  • Zuletzt bearbeitet 29.04.2026 17:18:04

Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing...

  • EPSS 0.11%
  • Veröffentlicht 27.04.2026 11:00:29
  • Zuletzt bearbeitet 29.04.2026 17:28:10

A crafted XFA PDF can trigger a use-after-free condition during calculate event processing, causing the application to crash and resulting in an arbitrary code execution.

  • EPSS 0.17%
  • Veröffentlicht 27.04.2026 11:00:25
  • Zuletzt bearbeitet 29.04.2026 17:24:15

Parsing logic flaws cause non-signature data to be misidentified as valid signatures when processing malformed form field hierarchies, leading to invalid memory writes and program crashes during internal data structure construction.

  • EPSS 0.11%
  • Veröffentlicht 01.04.2026 01:40:39
  • Zuletzt bearbeitet 10.04.2026 01:36:58

The application allows PDF JavaScript and document/print actions (such as WillPrint/DidPrint) to update form fields, annotations, or optional content groups (OCGs) immediately before or after redaction, encryption, or printing. These script‑driven up...

Medienbericht
  • EPSS 0.25%
  • Veröffentlicht 01.04.2026 01:40:36
  • Zuletzt bearbeitet 14.04.2026 17:56:31

The application's update service, when checking for updates, loads certain system libraries from a search path that includes directories writable by low‑privileged users and is not strictly restricted to trusted system locations. Because these librar...

  • EPSS 0.1%
  • Veröffentlicht 01.04.2026 01:40:35
  • Zuletzt bearbeitet 14.04.2026 17:55:57

The application does not validate the presence of required appearance (AP) data before accessing stamp annotation resources. When a PDF contains a stamp annotation missing its AP entry, the code continues to dereference the associated object without ...

  • EPSS 0.12%
  • Veröffentlicht 01.04.2026 01:40:33
  • Zuletzt bearbeitet 28.04.2026 14:14:57

The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and ...

  • EPSS 0.1%
  • Veröffentlicht 01.04.2026 01:40:31
  • Zuletzt bearbeitet 14.04.2026 17:50:53

The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs (e.g., SOAP) that perform deep tr...