cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-0911,https://securityvulnerability.io/vulnerability/CVE-2025-0911,Information Disclosure Vulnerability in PDF-XChange Editor by Tracker Software,"A vulnerability in PDF-XChange Editor allows for the disclosure of sensitive information due to improper validation of U3D file parsing. This flaw can cause the application to read past the allocated memory, potentially exposing user data. Exploitation requires user interaction, as the victim must visit a malicious webpage or open a compromised file. This vulnerability potentially opens the door for further exploitation in conjunction with other flaws, leading to arbitrary code execution within the affected process.",PDF-xchange,PDF-xchange Editor,8.8,HIGH,0.000910000002477318,false,,false,false,false,,false,false,false,,2025-02-11T19:58:33.626Z,0
CVE-2025-0910,https://securityvulnerability.io/vulnerability/CVE-2025-0910,Out-Of-Bounds Write Vulnerability in PDF-XChange Editor by Tracker Software Products,"The vulnerability in PDF-XChange Editor arises from the parsing of U3D files, where the application fails to properly validate user-supplied data. This oversight can allow attackers to execute arbitrary code by causing the application to write past the end of an allocated object. Successful exploitation requires user interaction, such as visiting a malicious page or opening a crafted file, enabling the attacker to leverage the flaw in the context of the current process.",PDF-xchange,PDF-xchange Editor,8.8,HIGH,0.000910000002477318,false,,false,false,false,,false,false,false,,2025-02-11T19:58:17.542Z,0
CVE-2025-0909,https://securityvulnerability.io/vulnerability/CVE-2025-0909,Information Disclosure Vulnerability in PDF-XChange Editor by Tracker Software Products,The vulnerability arises from improper validation of user-supplied data during the parsing of XPS files within PDF-XChange Editor. This flaw can allow remote attackers to disclose sensitive information by tricking users into visiting malicious pages or opening compromised files. Exploitation requires user interaction but can potentially lead to further attacks by enabling code execution within the vulnerable process context.,PDF-xchange,PDF-xchange Editor,8.8,HIGH,0.000910000002477318,false,,false,false,false,,false,false,false,,2025-02-11T19:58:09.870Z,0
CVE-2025-0908,https://securityvulnerability.io/vulnerability/CVE-2025-0908,Information Disclosure Vulnerability in PDF-XChange Editor by Tracker Software,"The vulnerability in PDF-XChange Editor is triggered by improper validation during the parsing of U3D files. This flaw can be exploited by remote attackers to disclose sensitive information, requiring the user to visit a malicious webpage or open a compromised file. By exploiting this vulnerability, attackers could possibly read past the allocated memory buffer, leading to potential exposure of confidential data. This vulnerability can be utilized alongside other vulnerabilities to execute arbitrary code in the context of the affected application.",PDF-xchange,PDF-xchange Editor,8.8,HIGH,0.000910000002477318,false,,false,false,false,,false,false,false,,2025-02-11T19:58:02.722Z,0
CVE-2025-0907,https://securityvulnerability.io/vulnerability/CVE-2025-0907,Information Disclosure Vulnerability in PDF-XChange Editor Products by Tracker Software,"The vulnerability in PDF-XChange Editor relates to improper handling of JB2 file parsing, leading to potential exposure of sensitive user data. Attackers must entice users to open malicious JB2 files or visit compromised web pages, triggering an out-of-bounds read that allows unauthorized information disclosure. This flaw arises from inadequate validation of input parameters, paving the way for further exploitation in conjunction with other vulnerabilities, including the potential for arbitrary code execution within the affected application's context.",PDF-xchange,PDF-xchange Editor,8.8,HIGH,0.000910000002477318,false,,false,false,false,,false,false,false,,2025-02-11T19:57:51.572Z,0
CVE-2025-0906,https://securityvulnerability.io/vulnerability/CVE-2025-0906,Out-Of-Bounds Read Vulnerability in PDF-XChange Editor by Tracker Software,"The vulnerability identified in PDF-XChange Editor occurs during the parsing of JB2 files, where inadequate validation of user-supplied data can lead to an out-of-bounds read. This flaw enables remote attackers to potentially disclose sensitive information by prompting a user to open a malicious file or visit a compromised webpage. Exploitation may allow the attacker to gather critical data and could be combined with other vulnerabilities for further damage.",PDF-xchange,PDF-xchange Editor,8.8,HIGH,0.000910000002477318,false,,false,false,false,,false,false,false,,2025-02-11T19:57:41.221Z,0
CVE-2025-0905,https://securityvulnerability.io/vulnerability/CVE-2025-0905,Information Disclosure Risk in PDF-XChange Editor by Tracker Software Products,"A vulnerability in PDF-XChange Editor allows remote attackers to exploit the JB2 file parsing process, leading to the disclosure of sensitive information. This flaw arises from insufficient validation of user-supplied data, enabling an attacker to read data beyond allocated memory boundaries. Successful exploitation requires user interaction, as the target must open a specially crafted file or visit a malicious website. Attackers may leverage this vulnerability in conjunction with others to compromise system security further.",PDF-xchange,PDF-xchange Editor,8.8,HIGH,0.000910000002477318,false,,false,false,false,,false,false,false,,2025-02-11T19:57:31.522Z,0
CVE-2025-0904,https://securityvulnerability.io/vulnerability/CVE-2025-0904,Information Disclosure Vulnerability in PDF-XChange Editor by Tracker Software,The vulnerability affects PDF-XChange Editor due to improper validation of user-supplied data while parsing XPS files. This flaw enables remote attackers to disclose sensitive information by persuading users to visit a malicious page or open a harmful file. An attacker could exploit this information disclosure to execute further attacks or compromise the system's integrity. Proper security measures are essential to mitigate potential threats related to this vulnerability.,PDF-xchange,PDF-xchange Editor,8.8,HIGH,0.000910000002477318,false,,false,false,false,,false,false,false,,2025-02-11T19:57:11.371Z,0
CVE-2025-0903,https://securityvulnerability.io/vulnerability/CVE-2025-0903,Heap-based Buffer Overflow Vulnerability in PDF-XChange Editor,"A vulnerability exists in PDF-XChange Editor where improper validation of user-supplied data length during RTF file parsing leads to a heap-based buffer overflow. This flaw could allow an attacker to exploit the system by executing arbitrary code when a victim opens a malicious RTF file or visits a compromised web page. Successful exploitation requires user interaction, as the malicious content needs to be processed within the application.",PDF-xchange,PDF-xchange Editor,8.8,HIGH,0.000910000002477318,false,,false,false,false,,false,false,false,,2025-02-11T19:57:00.237Z,0
CVE-2025-0902,https://securityvulnerability.io/vulnerability/CVE-2025-0902,Out-Of-Bounds Read Vulnerability in PDF-XChange Editor by Tracker Software,"The vulnerability in PDF-XChange Editor arises from improper validation of user-supplied data during the parsing of XPS files. This flaw allows remote attackers to disclose sensitive information by tricking the user into opening a malicious file or visiting a compromised webpage. By exploiting this vulnerability, attackers can potentially read beyond the allocated memory, increasing the risk of further exploiting the affected system. This can lead to arbitrary code execution under the context of the current user, making it crucial for organizations to patch affected installations promptly.",PDF-xchange,PDF-xchange Editor,8.8,HIGH,0.000910000002477318,false,,false,false,false,,false,false,false,,2025-02-11T19:56:41.379Z,0
CVE-2025-0901,https://securityvulnerability.io/vulnerability/CVE-2025-0901,PDF-XChange Editor Out-Of-Bounds Read Vulnerability by Tracker Software,"A security vulnerability exists in PDF-XChange Editor that allows attackers to execute arbitrary code on affected systems. The flaw arises from inadequate validation of user-supplied data when handling Doc objects, leading to a potential out-of-bounds read. This can enable an attacker to read data past the allocated buffer, allowing them to execute code within the context of the application. Successful exploitation necessitates that a user interacts with a malicious PDF file or webpage, making awareness and caution critical.",PDF-xchange,PDF-xchange Editor,8.8,HIGH,0.000910000002477318,false,,false,false,false,,false,false,false,,2025-02-11T19:56:31.557Z,0
CVE-2025-0899,https://securityvulnerability.io/vulnerability/CVE-2025-0899,PDF-XChange Editor AcroForm Use-After-Free Vulnerability Exposes Users to Remote Code Execution Risks,"The vulnerability in PDF-XChange Editor arises from improper handling of AcroForms, which fails to validate object existence before operations. This oversight allows remote attackers to execute arbitrary code if users visit a malicious page or open a harmful file. The flaw can lead to severe security breaches, compromising user systems and data integrity. To mitigate risks, users should apply patches as soon as available and exercise caution when opening documents from untrusted sources.",PDF-xchange,PDF-xchange Editor,8.8,HIGH,0.000910000002477318,false,,false,false,false,,false,false,false,,2025-02-11T19:22:58.592Z,0
CVE-2024-7352,https://securityvulnerability.io/vulnerability/CVE-2024-7352,PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability,"A critical flaw has been identified in the PDF file parsing functionality of PDF-XChange Editor by Tracker Software. This vulnerability stems from inadequate validation of user-supplied data during the parsing process, resulting in an out-of-bounds write. Attackers can exploit this weakness to execute arbitrary code within the context of the affected system. Successful exploitation necessitates user interaction, as the user must either access a malicious web page or open a compromised PDF file. Organizations using PDF-XChange Editor should prioritize applying the latest security patches to mitigate potential risks.",PDF-xchange,PDF-xchange Editor,7.8,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2024-11-22T22:15:00.000Z,0
CVE-2024-8830,https://securityvulnerability.io/vulnerability/CVE-2024-8830,Remote Code Execution Vulnerability in PDF-XChange Editor,"This vulnerability in PDF-XChange Editor arises from improper validation during the parsing of XPS files, enabling remote attackers to execute arbitrary code. The flaw permits attackers to perform an out-of-bounds write, which can lead to code execution in the context of the currently running process. Exploitation requires the target user to either visit a malicious web page or open a compromised file, providing a vector for remote code execution attacks. Users and administrators of PDF-XChange Editor should ensure to apply appropriate security measures to mitigate this risk.",PDF-xchange,"PDF-xchange Editor,PDF-tools",7.8,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2024-11-22T21:15:00.000Z,0
CVE-2024-8831,https://securityvulnerability.io/vulnerability/CVE-2024-8831,Out-Of-Bounds Read Vulnerability in PDF-XChange Editor,"A vulnerability identified in PDF-XChange Editor involves the parsing of XPS files, allowing remote attackers to execute arbitrary code on affected systems. The flaw stems from insufficient validation of user-supplied data, potentially leading to a read operation beyond the allocated buffer limits. Successful exploitation necessitates user interaction, whereby the target must either visit a malicious webpage or open a compromised file. This vulnerability emphasizes the importance of user awareness and security updates for PDF-XChange Editor installations.",PDF-xchange,"PDF-xchange Editor,PDF-tools",7.8,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2024-11-22T21:15:00.000Z,0
CVE-2024-8842,https://securityvulnerability.io/vulnerability/CVE-2024-8842,Remote Code Execution Risk in PDF-XChange Editor Due to RTF File Parsing Flaw,"A vulnerability exists in PDF-XChange Editor that stems from improper initialization of memory during RTF file parsing. This flaw could enable remote attackers to execute arbitrary code on the affected installation when a user interacts with a malicious RTF file or visits a harmful webpage. The vulnerability relies on user action to exploit, making awareness and caution imperative for users of the software.",PDF-xchange,"PDF-xchange Editor,PDF-tools",7.8,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2024-11-22T21:15:00.000Z,0
CVE-2024-8840,https://securityvulnerability.io/vulnerability/CVE-2024-8840,JB2 File Parsing Vulnerability in PDF-XChange Editor,"A vulnerability exists in the JB2 file parsing functionality of PDF-XChange Editor that enables remote attackers to execute arbitrary code. The flaw arises from insufficient validation of user-supplied data, leading to an out-of-bounds read condition. To exploit this vulnerability, user interaction is necessary; specifically, the victim must either navigate to a compromised webpage or open a specially crafted JB2 file. This can result in code execution within the context of the affected application, potentially leading to unauthorized access and control over the system.",PDF-xchange,"PDF-xchange Editor,PDF-tools",7.8,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2024-11-22T21:15:00.000Z,0
CVE-2024-8813,https://securityvulnerability.io/vulnerability/CVE-2024-8813,Remote Code Execution Vulnerability in PDF-XChange Editor Due to U3D File Parsing,"A remote code execution vulnerability exists in the PDF-XChange Editor due to improper validation of user-supplied data during U3D file parsing. This oversight can lead to an out-of-bounds write, allowing attackers to execute arbitrary code in the context of the affected process. Exploitation requires user interaction, as the victim must either visit a specially crafted web page or open a malicious file containing the vulnerable U3D content. Organizations using PDF-XChange Editor should ensure they are on the latest versions to mitigate this risk and secure their systems against potential exploitation.",PDF-xchange,"PDF-xchange Editor,PDF-tools",7.8,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2024-11-22T21:15:00.000Z,0
CVE-2024-8814,https://securityvulnerability.io/vulnerability/CVE-2024-8814,Remote Code Execution Vulnerability in PDF-XChange Editor,"A vulnerability exists in the PDF-XChange Editor that allows for remote code execution through improper handling of U3D file parsing. The flaw arises from the absence of adequate validation for user-supplied data, leading to out-of-bounds reads. Attackers can exploit this weakness by enticing users to visit a malicious webpage or open a compromised file. Once triggered, this vulnerability permits the execution of arbitrary code within the context of the affected application, potentially compromising system integrity.",PDF-xchange,"PDF-xchange Editor,PDF-tools",7.8,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2024-11-22T21:15:00.000Z,0
CVE-2024-8847,https://securityvulnerability.io/vulnerability/CVE-2024-8847,Out-Of-Bounds Read Vulnerability in PDF-XChange Editor,"The out-of-bounds read vulnerability in PDF-XChange Editor stems from improper handling of Doc objects, which fails to validate user-supplied data adequately. This flaw allows attackers to read data beyond the limits of allocated buffers. Successful exploitation requires user interaction, such as visiting a malicious website or opening a compromised PDF file, potentially leading to arbitrary code execution in the context of the affected application.",PDF-xchange,"PDF-xchange Editor,PDF-tools",7.8,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2024-11-22T21:15:00.000Z,0
CVE-2024-8825,https://securityvulnerability.io/vulnerability/CVE-2024-8825,Out-Of-Bounds Read Vulnerability in PDF-XChange Editor,"A vulnerability exists in PDF-XChange Editor that stems from improper validation during the parsing of PDF files. This specific flaw can lead to an out-of-bounds read condition, allowing attackers to execute arbitrary code in the context of the current process. For exploitation to occur, user interaction is necessary, which includes visiting a malicious webpage or opening a compromised PDF file. Attackers can leverage this flaw to gain unauthorized control over affected installations, posing serious risks to user data and system integrity.",PDF-xchange,"PDF-xchange Editor,PDF-tools",7.8,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2024-11-22T21:15:00.000Z,0
CVE-2024-8838,https://securityvulnerability.io/vulnerability/CVE-2024-8838,Remote Code Execution Vulnerability in PDF-XChange Editor,"The vulnerability within PDF-XChange Editor involves a critical flaw in the parsing of XPS files. This flaw arises due to inadequate validation of user-supplied data, leading to an out-of-bounds read condition. By exploiting this vulnerability, remote attackers can execute arbitrary code on vulnerable installations once the user opens a malicious file or visits a related webpage, triggering the flaw.",PDF-xchange,"PDF-xchange Editor,PDF-tools",7.8,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2024-11-22T21:15:00.000Z,0
CVE-2024-8833,https://securityvulnerability.io/vulnerability/CVE-2024-8833,Out-Of-Bounds Read Vulnerability in PDF-XChange Editor,"A vulnerability exists in the PDF-XChange Editor due to improper validation of user-supplied data during the parsing of XPS files. The flaw allows remote attackers to manipulate malicious files or navigate to harmful links, leading to an out-of-bounds read condition. An attacker can exploit this vulnerability to execute arbitrary code within the context of the currently running process on affected installations. This vulnerability requires the user to interact with the malicious content to initiate the attack, enhancing its potential impact in environments where users are likely to open unpredictable files.",PDF-xchange,"PDF-xchange Editor,PDF-tools",7.8,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2024-11-22T21:15:00.000Z,0
CVE-2024-8812,https://securityvulnerability.io/vulnerability/CVE-2024-8812,Remote Code Execution Vulnerability in PDF-XChange Editor,"This vulnerability involves a flaw in the handling of U3D files within the PDF-XChange Editor. Specifically, the absence of sufficient validation for user-supplied data leads to an out-of-bounds read, allowing an attacker to manipulate the process's memory. By enticing a user to visit a compromised web page or open a malicious document, remote attackers can exploit this vulnerability to execute arbitrary code within the context of the application. The threat underscores the importance of secure coding practices and the continual updating of software to mitigate potential attack vectors.",PDF-xchange,"PDF-xchange Editor,PDF-tools",7.8,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2024-11-22T21:15:00.000Z,0
CVE-2024-8815,https://securityvulnerability.io/vulnerability/CVE-2024-8815,Memory Corruption Vulnerability in PDF-XChange Editor,"This vulnerability in PDF-XChange Editor arises from improper validation of user-supplied data during the parsing of U3D files, leading to memory corruption. An attacker can exploit this flaw to execute arbitrary code within the context of the affected application's process. Exploitation requires user interaction, such as opening a malicious file or visiting a compromised webpage, putting users at risk if proper precautions are not taken. The issue has been documented in ZDI-CAN-24210.",PDF-xchange,"PDF-xchange Editor,PDF-tools",7.8,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2024-11-22T21:15:00.000Z,0