ZDI-25-071: PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2025-0904.

USN-7316-1: Raptor vulnerabilities

It was discovered that Raptor incorrectly handled memory operations when processing certain input files. A remote attacker could possibly use...

March 3, 2025

USN-7315-1: PostgreSQL vulnerability

Stephen Fewer discovered that PostgreSQL incorrectly handled quoting syntax in certain scenarios. A remote attacker could possibly use this issue...

March 3, 2025

USN-7314-1: Kerberos vulnerabilities

It was discovered that Kerberos incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause...

March 3, 2025

USN-7313-1: Erlang vulnerability

It was discovered that Erlang incorrectly handled SFTP packet sizes. A remote attacker could possibly use this issue to cause...

March 3, 2025

vyper-0.4.1-1.fc41

FEDORA-2025-c7fae57601 Packages in this update: vyper-0.4.1-1.fc41 Update description: Vyper ver. 0.4.1 Another one small fix Fix for a few known...

March 3, 2025

vyper-0.4.1-1.fc40

FEDORA-2025-77c63e7236 Packages in this update: vyper-0.4.1-1.fc40 Update description: Vyper ver. 0.4.1 Another one small fix Fix for a few known...

March 3, 2025

CISA Denies Reports of Shift in Cybersecurity Posture Amid Russian Threats

Phishing Campaign Uses Havoc Framework to Control Infected Systems

Stop targeting Russian hackers, Trump administration orders US Cyber Command

Vodafone Trials Quantum-Safe Tech to Protect Smartphone Browsing

ICO Launches TikTok Investigation Over Use of Children’s Data

BYOVD Attacks Exploit Zero-Day in Paragon Partition Manager

Friday Squid Blogging: Eating Bioluminescent Squid

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Third-Party Attacks Drive Major Financial Losses in 2024

ZDI-25-071: PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

USN-7316-1: Raptor vulnerabilities

USN-7315-1: PostgreSQL vulnerability

USN-7314-1: Kerberos vulnerabilities

USN-7313-1: Erlang vulnerability

vyper-0.4.1-1.fc41

vyper-0.4.1-1.fc40