Export limit exceeded: 324785 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (324785 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-66499 | 5 Apple, Foxit, Foxit Software and 2 more | 7 Macos, Pdf Editor, Pdf Reader and 4 more | 2025-12-23 | 7.8 High |
| A heap-based buffer overflow vulnerability exists in the PDF parsing of Foxit PDF Reader when processing specially crafted JBIG2 data. An integer overflow in the calculation of the image buffer size may occur, potentially allowing a remote attacker to execute arbitrary code. | ||||
| CVE-2025-66497 | 4 Apple, Foxit, Foxitsoftware and 1 more | 5 Macos, Pdf Editor, Pdf Reader and 2 more | 2025-12-23 | 5.3 Medium |
| A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing PRC data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruption. | ||||
| CVE-2025-66498 | 4 Foxit, Foxit Software, Foxitsoftware and 1 more | 6 Pdf Editor, Pdf Reader, Reader and 3 more | 2025-12-23 | 5.3 Medium |
| A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing U3D data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruption. | ||||
| CVE-2025-66496 | 4 Foxit, Foxit Software, Foxitsoftware and 1 more | 6 Pdf Editor, Pdf Reader, Reader and 3 more | 2025-12-23 | 5.3 Medium |
| A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing PRC data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruption. | ||||
| CVE-2025-66494 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2025-12-23 | 7.8 High |
| A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code. | ||||
| CVE-2025-66495 | 5 Apple, Foxit, Foxit Software and 2 more | 7 Macos, Pdf Editor, Pdf Reader and 4 more | 2025-12-23 | 7.8 High |
| A use-after-free vulnerability exists in the annotation handling of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows and MacOS. When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced, potentially allowing a remote attacker to execute arbitrary code. | ||||
| CVE-2025-66493 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2025-12-23 | 7.8 High |
| A use-after-free vulnerability exists in the AcroForm handling of Foxit PDF Reader and Foxit PDF Editor before 2025.2.1,14.0.1 and 13.2.1 on Windows . When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced, potentially allowing a remote attacker to execute arbitrary code. | ||||
| CVE-2025-13941 | 3 Foxit, Foxitsoftware, Microsoft | 6 Pdf Editor, Pdf Reader, Reader and 3 more | 2025-12-23 | 8.8 High |
| A local privilege escalation vulnerability exists in the Foxit PDF Reader/Editor Update Service. During plugin installation, incorrect file system permissions are assigned to resources used by the update service. A local attacker with low privileges could modify or replace these resources, which are later executed by the service, resulting in execution of arbitrary code with SYSTEM privileges. | ||||
| CVE-2025-14667 | 2 Angeljudesuarez, Itsourcecode | 2 Covid Tracking System, Covid Tracking System | 2025-12-23 | 7.3 High |
| A security vulnerability has been detected in itsourcecode COVID Tracking System 1.0. The impacted element is an unknown function of the file /admin/?page=system_info. Such manipulation of the argument meta_value leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2025-66501 | 2 Foxit, Foxitsoftware | 2 Pdf Editor Cloud, Pdfonline | 2025-12-23 | 6.3 Medium |
| A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com within the Predefined Text feature of the Foxit eSign section. A crafted payload can be stored via the Identity “First Name” field, which is later rendered into the DOM without proper sanitization. As a result, the injected script may execute when predefined text is used or when viewing document properties. | ||||
| CVE-2025-66502 | 2 Foxit, Foxitsoftware | 2 Pdf Editor Cloud, Pdfonline | 2025-12-23 | 6.3 Medium |
| A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com within the Page Templates feature. A crafted payload can be stored as the template name, which is later rendered into the DOM without proper sanitization. As a result, the injected script executes each time the affected PDF is loaded. | ||||
| CVE-2025-66519 | 2 Foxit, Foxitsoftware | 2 Pdf Editor Cloud, Pdfonline | 2025-12-23 | 6.3 Medium |
| A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com within the Layer Import functionality. A crafted payload can be injected into the “Create new Layer” field during layer import and is later rendered into the DOM without proper sanitization. As a result, the injected script executes when the Layers panel is accessed. | ||||
| CVE-2025-66520 | 2 Foxit, Foxitsoftware | 2 Pdf Editor Cloud, Pdfonline | 2025-12-23 | 6.3 Medium |
| A stored cross-site scripting (XSS) vulnerability exists in the Portfolio feature of the Foxit PDF Editor cloud (pdfonline.foxit.com). User-supplied SVG files are not properly sanitized or validated before being inserted into the HTML structure. As a result, embedded HTML or JavaScript within a crafted SVG may execute whenever the Portfolio file list is rendered. | ||||
| CVE-2025-66521 | 2 Foxit, Foxitsoftware | 2 Pdf Editor Cloud, Pdfonline | 2025-12-23 | 6.3 Medium |
| A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com within the Trusted Certificates feature. A crafted payload can be injected as the certificate name, which is later rendered into the DOM without proper sanitization. As a result, the injected script executes each time the Trusted Certificates view is loaded. | ||||
| CVE-2025-66522 | 2 Foxit, Foxitsoftware | 2 Pdf Editor Cloud, Pdfonline | 2025-12-23 | 6.3 Medium |
| A stored cross-site scripting (XSS) vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud (pdfonline.foxit.com). The application does not properly sanitize or encode the Common Name field of Digital IDs before inserting user-supplied content into the DOM. As a result, embedded HTML or JavaScript may execute whenever the Digital IDs dialog is accessed or when the affected PDF is loaded. | ||||
| CVE-2025-66500 | 2 Foxit, Foxitsoftware | 2 Pdf Editor Cloud, Webplugins | 2025-12-23 | 6.3 Medium |
| A stored cross-site scripting (XSS) vulnerability exists in webplugins.foxit.com. A postMessage handler fails to validate the message origin and directly assigns externalPath to a script source, allowing an attacker to execute arbitrary JavaScript when a crafted postMessage is received. | ||||
| CVE-2025-36745 | 1 Solaredge | 2 Se3680h, Se3680h Firmware | 2025-12-23 | 7.8 High |
| SolarEdge SE3680H ships with an outdated Linux kernel containing unpatched vulnerabilities in core subsystems. An attacker with network or local access can exploit these flaws to achieve remote code execution, privilege escalation, or disclosure of sensitive information. | ||||
| CVE-2025-36744 | 1 Solaredge | 2 Se3680h, Se3680h Firmware | 2025-12-23 | 2.4 Low |
| SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader loop. While the device repeatedly initializes and waits for boot instructions, the bootloader emits diagnostic output this behavior can leak operating system information. | ||||
| CVE-2025-59397 | 1 Openwebanalytics | 1 Open Web Analytics | 2025-12-23 | 5 Medium |
| Open Web Analytics (OWA) before 1.8.1 allows owa_db.php v[value] SQL injection. | ||||
| CVE-2025-40237 | 1 Linux | 1 Linux Kernel | 2025-12-23 | 7.0 High |
| In the Linux kernel, the following vulnerability has been resolved: fs/notify: call exportfs_encode_fid with s_umount Calling intotify_show_fdinfo() on fd watching an overlayfs inode, while the overlayfs is being unmounted, can lead to dereferencing NULL ptr. This issue was found by syzkaller. Race Condition Diagram: Thread 1 Thread 2 -------- -------- generic_shutdown_super() shrink_dcache_for_umount sb->s_root = NULL | | vfs_read() | inotify_fdinfo() | * inode get from mark * | show_mark_fhandle(m, inode) | exportfs_encode_fid(inode, ..) | ovl_encode_fh(inode, ..) | ovl_check_encode_origin(inode) | * deref i_sb->s_root * | | v fsnotify_sb_delete(sb) Which then leads to: [ 32.133461] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN NOPTI [ 32.134438] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037] [ 32.135032] CPU: 1 UID: 0 PID: 4468 Comm: systemd-coredum Not tainted 6.17.0-rc6 #22 PREEMPT(none) <snip registers, unreliable trace> [ 32.143353] Call Trace: [ 32.143732] ovl_encode_fh+0xd5/0x170 [ 32.144031] exportfs_encode_inode_fh+0x12f/0x300 [ 32.144425] show_mark_fhandle+0xbe/0x1f0 [ 32.145805] inotify_fdinfo+0x226/0x2d0 [ 32.146442] inotify_show_fdinfo+0x1c5/0x350 [ 32.147168] seq_show+0x530/0x6f0 [ 32.147449] seq_read_iter+0x503/0x12a0 [ 32.148419] seq_read+0x31f/0x410 [ 32.150714] vfs_read+0x1f0/0x9e0 [ 32.152297] ksys_read+0x125/0x240 IOW ovl_check_encode_origin derefs inode->i_sb->s_root, after it was set to NULL in the unmount path. Fix it by protecting calling exportfs_encode_fid() from show_mark_fhandle() with s_umount lock. This form of fix was suggested by Amir in [1]. [1]: https://lore.kernel.org/all/CAOQ4uxhbDwhb+2Brs1UdkoF0a3NSdBAOQPNfEHjahrgoKJpLEw@mail.gmail.com/ | ||||