ZDI-25-071: PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2025-0904.

vyper-0.4.1-1.fc41

FEDORA-2025-c7fae57601 Packages in this update: vyper-0.4.1-1.fc41 Update description: Vyper ver. 0.4.1 Another one small fix Fix for a few known...

March 3, 2025

vyper-0.4.1-1.fc40

FEDORA-2025-77c63e7236 Packages in this update: vyper-0.4.1-1.fc40 Update description: Vyper ver. 0.4.1 Another one small fix Fix for a few known...

March 3, 2025

tigervnc-1.15.0-2.fc42

FEDORA-2025-ef7fb833f2 Packages in this update: tigervnc-1.15.0-2.fc42 Update description: Fixes for xorg-x11-server CVEs. Read More

March 3, 2025

tigervnc-1.15.0-2.fc40

FEDORA-2025-a87bc329fe Packages in this update: tigervnc-1.15.0-2.fc40 Update description: Fixes for xorg-x11-server CVEs. Read More

March 3, 2025

ZDI-25-103: (0Day) Delta Electronics ISPSoft CBDGL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics ISPSoft. User interaction is required...

March 3, 2025

ZDI-25-102: (0Day) Delta Electronics ISPSoft DVP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics ISPSoft. User interaction is required...

March 3, 2025

Friday Squid Blogging: Eating Bioluminescent Squid

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Third-Party Attacks Drive Major Financial Losses in 2024

Cybersecurity M&A Roundup: SolarWinds Acquired for $4.4bn

Old Vulnerabilities Among the Most Widely Exploited

Prolific Data Extortion Actor Arrested in Thailand

“Emergent Misalignment” in LLMs

Warning issued as hackers offer firms fake cybersecurity audits to break into their systems

The Ransomware Threat: Preparing Schools and Libraries for Ransomware Attacks

ZDI-25-071: PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

vyper-0.4.1-1.fc41

vyper-0.4.1-1.fc40

tigervnc-1.15.0-2.fc42

tigervnc-1.15.0-2.fc40

ZDI-25-103: (0Day) Delta Electronics ISPSoft CBDGL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-25-102: (0Day) Delta Electronics ISPSoft DVP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability