Vulnerabilities > Tracker Software
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-26 | CVE-2022-42420 | Out-of-bounds Write vulnerability in Tracker-Software Pdf-Xchange Editor This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. | 7.8 |
| 2023-01-26 | CVE-2022-42421 | Out-of-bounds Write vulnerability in Tracker-Software Pdf-Xchange Editor This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. | 7.8 |
| 2023-01-26 | CVE-2022-42423 | Out-of-bounds Write vulnerability in Tracker-Software Pdf-Xchange Editor This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. | 7.8 |
| 2021-01-07 | CVE-2018-18689 | Improper Verification of Cryptographic Signature vulnerability in multiple products The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. network low complexity avanquest foxitsoftware gonitro iskysoft pdfforge qoppa sodapdf soft-xpansion tracker-software visagesoft CWE-347 | 5.3 |
| 2019-10-11 | CVE-2019-17497 | Insufficiently Protected Credentials vulnerability in Tracker-Software Pdf-Xchange Editor Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files (a related issue to CVE-2018-4993). | 6.5 |
| 2018-09-01 | CVE-2018-16303 | XXE vulnerability in Tracker-Software Pdf-Xchange Editor PDF-XChange Editor through 7.0.326.1 allows remote attackers to cause a denial of service (resource consumption) via a crafted x:xmpmeta structure, a related issue to CVE-2003-1564. | 7.5 |
| 2018-01-31 | CVE-2018-6462 | Out-of-bounds Write vulnerability in Tracker-Software Pdf-Xchange Viewer and Viewer AX SDK Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a crafted PDF document. | 7.8 |
| 2017-12-27 | CVE-2017-13056 | Improper Input Validation vulnerability in Tracker-Software Pdf-Xchange Viewer 2.5 The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file. | 7.8 |