Pdf-Xchange Editor vulnerabilities
289 known vulnerabilities affecting pdf-xchange/pdf-xchange_editor.
Total CVEs
289
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH166MEDIUM106LOW17
Vulnerabilities
Page 4 of 15
CVE-2023-42047P3HIGHCVSS 7.8v10.0.1.371v9.5.368.02024-05-03
CVE-2023-42047 [HIGH] CWE-119 CVE-2023-42047: PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vuln
PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specifi
nvd
CVE-2023-42074P3HIGHCVSS 7.8v9.5.368.02024-05-03
CVE-2023-42074 [HIGH] CWE-843 CVE-2023-42074: PDF-XChange Editor addScript Type Confusion Remote Code Execution Vulnerability. This vulnerability
PDF-XChange Editor addScript Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exis
nvd
CVE-2022-42374P3HIGHCVSS 7.8fixed in 9.5.366.0v9.4.362.02023-01-26
CVE-2022-42374 [HIGH] CWE-416 CVE-2022-42374: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of validating
nvd
CVE-2023-39490P3HIGHCVSS 7.8v9.5.366.02024-05-03
CVE-2023-39490 [HIGH] CWE-787 CVE-2023-39490: PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vu
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The speci
nvd
CVE-2023-39489P3HIGHCVSS 7.8v9.5.365.0v9.4.364.02024-05-03
CVE-2023-39489 [HIGH] CWE-787 CVE-2023-39489: PDF-XChange Editor TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vu
PDF-XChange Editor TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The speci
nvd
CVE-2023-39485P3HIGHCVSS 7.8v9.4.364.0v10.0.1.3712024-05-03
CVE-2023-39485 [HIGH] CWE-787 CVE-2023-39485: PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vu
PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The speci
nvd
CVE-2023-39501P3HIGHCVSS 7.8v9.5.366.02024-05-03
CVE-2023-39501 [HIGH] CWE-822 CVE-2023-39501: PDF-XChange Editor OXPS File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerabili
PDF-XChange Editor OXPS File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
nvd
CVE-2023-39486P3HIGHCVSS 7.8v9.4.364.0v10.0.1.3712024-05-03
CVE-2023-39486 [HIGH] CWE-119 CVE-2023-39486: PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vuln
PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specifi
nvd
CVE-2023-40472P3HIGHCVSS 7.8v9.5.368.0v9.5.367.02024-05-03
CVE-2023-40472 [HIGH] CWE-822 CVE-2023-40472: PDF-XChange Editor JavaScript String Untrusted Pointer Dereference Remote Code Execution Vulnerabili
PDF-XChange Editor JavaScript String Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
nvd
CVE-2023-40471P3HIGHCVSS 7.8v9.5.368.0v9.5.367.02024-05-03
CVE-2023-40471 [HIGH] CWE-822 CVE-2023-40471: PDF-XChange Editor App Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulne
PDF-XChange Editor App Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific
nvd
CVE-2023-39492P3HIGHCVSS 7.8v9.5.366.02024-05-03
CVE-2023-39492 [HIGH] CWE-122 CVE-2023-39492: PDF-XChange Editor PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability.
PDF-XChange Editor PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The
nvd
CVE-2023-39494P3HIGHCVSS 7.8v9.5.366.02024-05-03
CVE-2023-39494 [HIGH] CWE-122 CVE-2023-39494: PDF-XChange Editor OXPS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability.
PDF-XChange Editor OXPS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
T
nvd
CVE-2024-8815P3HIGHCVSS 7.8v10.3.0.3862024-11-22
CVE-2024-8815 [HIGH] CWE-119 CVE-2024-8815: PDF-XChange Editor U3D File Parsing Memory Corruption Remote Code Execution Vulnerability. This vuln
PDF-XChange Editor U3D File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific
nvd
CVE-2025-6654P3HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6654 [HIGH] CWE-787 CVE-2025-6654: PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vu
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specifi
nvd
CVE-2025-6651P3HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6651 [HIGH] CWE-787 CVE-2025-6651: PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vu
PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specifi
nvd
CVE-2025-6647P3HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6647 [HIGH] CWE-787 CVE-2025-6647: PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vu
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specifi
nvd
CVE-2025-6659P3HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6659 [HIGH] CWE-787 CVE-2025-6659: PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vu
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specifi
nvd
CVE-2025-6642P3HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6642 [HIGH] CWE-125 CVE-2025-6642: PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vul
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific
nvd
CVE-2022-37356P3HIGHCVSS 7.8v9.3.361.02023-03-29
CVE-2022-37356 [HIGH] CWE-787 CVE-2022-37356: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG files. Crafted data in a JPG file can trigger a writ
nvd
CVE-2022-37355P3HIGHCVSS 7.8v9.3.361.02023-03-29
CVE-2022-37355 [HIGH] CWE-787 CVE-2022-37355: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG files. Crafted data in a JPG file can trigger a writ
nvd