cbcvebase.

Pdf-Xchange Editor vulnerabilities

289 known vulnerabilities affecting pdf-xchange/pdf-xchange_editor.

Total CVEs
289
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH166MEDIUM106LOW17

Vulnerabilities

Page 7 of 15
CVE-2023-39500P3HIGHCVSS 7.8v9.5.366.02024-05-03
CVE-2023-39500 [HIGH] CWE-787 CVE-2023-39500: PDF-XChange Editor JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vu PDF-XChange Editor JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The speci
nvd
CVE-2023-39497P3HIGHCVSS 7.8v9.5.366.02024-05-03
CVE-2023-39497 [HIGH] CWE-787 CVE-2023-39497: PDF-XChange Editor JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vu PDF-XChange Editor JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The speci
nvd
CVE-2023-39499P3HIGHCVSS 7.8v9.5.366.02024-05-03
CVE-2023-39499 [HIGH] CWE-787 CVE-2023-39499: PDF-XChange Editor JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vu PDF-XChange Editor JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The speci
nvd
CVE-2022-42377P3HIGHCVSS 7.8fixed in 9.5.366.0v9.4.363.02023-01-26
CVE-2022-42377 [HIGH] CWE-119 CVE-2022-42377: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper val
nvd
CVE-2024-8812P3HIGHCVSS 7.8v10.3.0.3862024-11-22
CVE-2024-8812 [HIGH] CWE-125 CVE-2024-8812: PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vul PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific
nvd
CVE-2024-8833P3HIGHCVSS 7.8v10.3.0.3862024-11-22
CVE-2024-8833 [HIGH] CWE-125 CVE-2024-8833: PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vul PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific
nvd
CVE-2024-8814P3HIGHCVSS 7.8v10.3.0.3862024-11-22
CVE-2024-8814 [HIGH] CWE-125 CVE-2024-8814: PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vul PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific
nvd
CVE-2024-8813P3HIGHCVSS 7.8v10.3.0.3862024-11-22
CVE-2024-8813 [HIGH] CWE-787 CVE-2024-8813: PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vu PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specifi
nvd
CVE-2024-8817P3HIGHCVSS 7.8v10.3.0.3862024-11-22
CVE-2024-8817 [HIGH] CWE-787 CVE-2024-8817: PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vu PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specifi
nvd
CVE-2024-8847P3HIGHCVSS 7.8v10.3.1.3872024-11-22
CVE-2024-8847 [HIGH] CWE-125 CVE-2024-8847: PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerabi PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw
nvd
CVE-2025-2231P3HIGHCVSS 7.8v10.5.1.394v10.4.1.3892025-03-24
CVE-2025-2231 [HIGH] CWE-125 CVE-2025-2231: PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vul PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific
nvd
CVE-2026-2040P3HIGHCVSS 7.3v10.7.2.4002026-02-20
CVE-2026-2040 [HIGH] CWE-427 CVE-2026-2040: PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation Vulnera PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of PDF-XChange Editor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
nvd
CVE-2022-42420P3HIGHCVSS 7.8fixed in 9.5.366.0v9.4.363.02023-01-26
CVE-2022-42420 [HIGH] CWE-787 CVE-2022-42420: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a writ
nvd
CVE-2022-42417P3HIGHCVSS 7.8fixed in 9.5.366.0v9.4.363.02023-01-26
CVE-2022-42417 [HIGH] CWE-125 CVE-2022-42417: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a read
nvd
CVE-2022-42419P3HIGHCVSS 7.8fixed in 9.5.366.0v9.4.363.02023-01-26
CVE-2022-42419 [HIGH] CWE-787 CVE-2022-42419: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a writ
nvd
CVE-2022-42423P3HIGHCVSS 7.8fixed in 9.5.366.0v9.4.363.02023-01-26
CVE-2022-42423 [HIGH] CWE-787 CVE-2022-42423: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a writ
nvd
CVE-2022-42416P3HIGHCVSS 7.8fixed in 9.5.366.0v9.4.363.02023-01-26
CVE-2022-42416 [HIGH] CWE-787 CVE-2022-42416: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a writ
nvd
CVE-2022-42415P3HIGHCVSS 7.8fixed in 9.5.366.0v9.4.362.02023-01-26
CVE-2022-42415 [HIGH] CWE-787 CVE-2022-42415: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. Crafted data in a JP2 file can trigger a writ
nvd
CVE-2022-42421P3HIGHCVSS 7.8fixed in 9.5.366.0v9.4.363.02023-01-26
CVE-2022-42421 [HIGH] CWE-787 CVE-2022-42421: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a writ
nvd
CVE-2022-42395P3HIGHCVSS 7.8fixed in 9.5.366.0v9.4.362.02023-01-26
CVE-2022-42395 [HIGH] CWE-787 CVE-2022-42395: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XPS files. Crafted data in an XPS file can trigger a wri
nvd
Pdf-Xchange Editor vulnerabilities | cvebase