Pdf-Xchange Editor vulnerabilities
289 known vulnerabilities affecting pdf-xchange/pdf-xchange_editor.
Total CVEs
289
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH166MEDIUM106LOW17
Vulnerabilities
Page 1 of 15
CVE-2025-0899P3HIGHCVSS 8.8fixed in 10.4.1.389v10.3.1.3872025-02-11
CVE-2025-0899 [HIGH] CWE-416 CVE-2025-0899: PDF-XChange Editor AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability a
PDF-XChange Editor AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists
nvd
CVE-2025-0903P3HIGHCVSS 8.8fixed in 10.4.2.390v10.4.0.3882025-02-11
CVE-2025-0903 [HIGH] CWE-122 CVE-2025-0903: PDF-XChange Editor RTF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability.
PDF-XChange Editor RTF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The s
nvd
CVE-2025-0910P3HIGHCVSS 8.8fixed in 10.5.0.393v10.4.3.3912025-02-11
CVE-2025-0910 [HIGH] CWE-787 CVE-2025-0910: PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vu
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specifi
nvd
CVE-2025-0901P3HIGHCVSS 8.8fixed in 10.4.1.389v10.4.0.3882025-02-11
CVE-2025-0901 [HIGH] CWE-125 CVE-2025-0901: PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerabi
PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw
nvd
CVE-2025-0908P3HIGHCVSS 8.8fixed in 10.4.2.390v10.4.2.3902025-02-11
CVE-2025-0908 [HIGH] CWE-125 CVE-2025-0908: PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vu
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The
nvd
CVE-2025-0906P3HIGHCVSS 8.8fixed in 10.4.2.390v10.4.0.3882025-02-11
CVE-2025-0906 [HIGH] CWE-125 CVE-2025-0906: PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vu
PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The
nvd
CVE-2025-0904P3HIGHCVSS 8.8fixed in 10.4.2.390v10.4.0.3882025-02-11
CVE-2025-0904 [HIGH] CWE-125 CVE-2025-0904: PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vu
PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The
nvd
CVE-2025-0902P3HIGHCVSS 8.8fixed in 10.4.2.390v10.4.0.3882025-02-11
CVE-2025-0902 [HIGH] CWE-125 CVE-2025-0902: PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vu
PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The
nvd
CVE-2025-0909P3HIGHCVSS 8.8fixed in 10.5.0.393v10.4.3.3912025-02-11
CVE-2025-0909 [HIGH] CWE-125 CVE-2025-0909: PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vu
PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The
nvd
CVE-2025-0907P3HIGHCVSS 8.8fixed in 10.4.2.390v10.4.0.3882025-02-11
CVE-2025-0907 [HIGH] CWE-125 CVE-2025-0907: PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vu
PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The
nvd
CVE-2025-0911P3HIGHCVSS 8.8fixed in 10.5.0.393v10.4.4.3922025-02-11
CVE-2025-0911 [HIGH] CWE-125 CVE-2025-0911: PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vu
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The
nvd
CVE-2025-0905P3HIGHCVSS 8.8fixed in 10.4.2.390v10.4.0.3882025-02-11
CVE-2025-0905 [HIGH] CWE-125 CVE-2025-0905: PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vu
PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The
nvd
CVE-2024-27323P3HIGHCVSS 7.5v10.1.1.3812024-04-01
CVE-2024-27323 [HIGH] CWE-295 CVE-2024-27323: PDF-XChange Editor Updater Improper Certificate Validation Remote Code Execution Vulnerability. This
PDF-XChange Editor Updater Improper Certificate Validation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is not required to exploit this vulnerability.
The specific flaw exists within the update functionality. The is
nvd
CVE-2023-42041P3HIGHCVSS 7.8v9.5.368.0v9.5.367.02024-05-03
CVE-2023-42041 [HIGH] CWE-416 CVE-2023-42041: PDF-XChange Editor Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability
PDF-XChange Editor Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw ex
nvd
CVE-2023-39506P3HIGHCVSS 7.8v9.5.367.02024-05-03
CVE-2023-39506 [HIGH] CWE-22 CVE-2023-39506: PDF-XChange Editor createDataObject Directory Traversal Remote Code Execution Vulnerability. This vu
PDF-XChange Editor createDataObject Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specif
nvd
CVE-2023-27348P3HIGHCVSS 7.8v9.4.364.02024-05-03
CVE-2023-27348 [HIGH] CWE-416 CVE-2023-27348: PDF-XChange Editor TIF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnera
PDF-XChange Editor TIF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific f
nvd
CVE-2025-6644P3HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6644 [HIGH] CWE-416 CVE-2025-6644: PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnera
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific fla
nvd
CVE-2025-6661P3HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6661 [HIGH] CWE-416 CVE-2025-6661: PDF-XChange Editor App Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability
PDF-XChange Editor App Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exis
nvd
CVE-2025-6640P3HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6640 [HIGH] CWE-416 CVE-2025-6640: PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnera
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific fla
nvd
CVE-2025-6645P3HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6645 [HIGH] CWE-416 CVE-2025-6645: PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnera
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific fla
nvd
1 / 15Next →