Xnview Security Vulnerabilities and Issues — Xnview CVE List

cve

CVE-2023-46587

Buffer Overflow vulnerability in XnView Classic v.2.51.5 allows a local attacker to execute arbitrary code via a crafted TIF...

7.8CVSS

7.8AI Score

0.001EPSS

2023-10-27 11:15 PM

36

cve

CVE-2021-28427

Buffer Overflow vulnerability in XNView version 2.49.3, allows local attackers to execute arbitrary code via crafted TIFF...

7.8CVSS

7.8AI Score

0.001EPSS

2023-08-11 02:15 PM

9

cve

CVE-2021-28835

Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap...

7.8CVSS

7.8AI Score

0.001EPSS

2023-08-11 02:15 PM

6

cve

CVE-2013-3492

XnView 2.03 has a stack-based buffer overflow...

9.8CVSS

7.3AI Score

0.003EPSS

2020-01-27 03:15 PM

23

cve

CVE-2013-3493

XnView 2.03 has an integer overflow...

9.8CVSS

7.1AI Score

0.002EPSS

2020-01-27 03:15 PM

22

cve

CVE-2013-3941

Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a crafted JPEG2000 file, which leads to a heap-based buffer...

9.8CVSS

8AI Score

0.009EPSS

2020-01-02 08:15 PM

62

cve

CVE-2013-3247

Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted RLE compressed layer in an XCF...

7.8CVSS

8.2AI Score

0.004EPSS

2020-01-02 08:15 PM

61

cve

CVE-2013-3937

Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP...

7.8CVSS

8.3AI Score

0.004EPSS

2020-01-02 08:15 PM

64

cve

CVE-2013-3246

Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted image layer in an XCF...

7.8CVSS

8.2AI Score

0.016EPSS

2020-01-02 08:15 PM

70

cve

CVE-2013-3939

xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer...

7.8CVSS

8.1AI Score

0.004EPSS

2020-01-02 08:15 PM

59

cve

CVE-2019-17262

XnView Classic 2.49.1 allows a User Mode Write AV starting at...

7.8CVSS

7.4AI Score

0.0004EPSS

2019-10-08 12:15 PM

22

cve

CVE-2019-17261

XnView Classic 2.49.1 allows a User Mode Write AV starting at...

7.8CVSS

7.4AI Score

0.0004EPSS

2019-10-08 12:15 PM

18

cve

CVE-2019-13257

XnView Classic 2.48 has a User Mode Write AV starting at...

7.8CVSS

7.4AI Score

0.001EPSS

2019-07-04 04:15 PM

24

cve

CVE-2019-13260

XnView Classic 2.48 has a User Mode Write AV starting at...

7.8CVSS

7.4AI Score

0.001EPSS

2019-07-04 04:15 PM

24

cve

CVE-2019-13256

XnView Classic 2.48 has a User Mode Write AV starting at...

7.8CVSS

7.4AI Score

0.001EPSS

2019-07-04 04:15 PM

23

cve

CVE-2019-13254

XnView Classic 2.48 has a User Mode Write AV starting at...

7.8CVSS

7.4AI Score

0.001EPSS

2019-07-04 04:15 PM

34

cve

CVE-2019-13259

XnView Classic 2.48 has a User Mode Write AV starting at...

7.8CVSS

7.4AI Score

0.001EPSS

2019-07-04 04:15 PM

32

cve

CVE-2019-13255

XnView Classic 2.48 has a User Mode Write AV starting at...

7.8CVSS

7.4AI Score

0.001EPSS

2019-07-04 04:15 PM

29

cve

CVE-2019-13253

XnView Classic 2.48 has a User Mode Write AV starting at...

7.8CVSS

7.4AI Score

0.001EPSS

2019-07-04 04:15 PM

25

cve

CVE-2019-13258

XnView Classic 2.48 has a User Mode Write AV starting at...

7.8CVSS

7.4AI Score

0.001EPSS

2019-07-04 04:15 PM

23

cve

CVE-2019-13261

XnView Classic 2.48 has a User Mode Write AV starting at...

7.8CVSS

7.4AI Score

0.001EPSS

2019-07-04 04:15 PM

37

cve

CVE-2019-13262

XnView Classic 2.48 has a User Mode Write AV starting at...

7.8CVSS

7.4AI Score

0.001EPSS

2019-07-04 04:15 PM

48

cve

CVE-2019-13083

XnView Classic 2.48 has a User Mode Write AV starting at...

7.8CVSS

7.4AI Score

0.001EPSS

2019-06-30 04:15 PM

42

cve

CVE-2019-13084

XnView Classic 2.48 has a User Mode Write AV starting at...

7.8CVSS

7.4AI Score

0.001EPSS

2019-06-30 04:15 PM

44

cve

CVE-2019-13085

XnView Classic 2.48 has a User Mode Write AV starting at...

7.8CVSS

7.4AI Score

0.001EPSS

2019-06-30 04:15 PM

47

cve

CVE-2018-15175

XnView 2.45 allows remote attackers to cause a denial of service (User Mode Write AV starting at Qt5Core!QVariant::~QVariant+0x0000000000000014 and application crash) or possibly have unspecified other impact via a crafted RLE...

7.8CVSS

7.7AI Score

0.001EPSS

2018-08-08 12:29 AM

27

cve

CVE-2018-15176

XnView 2.45 allows remote attackers to cause a denial of service (User Mode Write AV starting at MSVCR120!memcpy+0x0000000000000074 and application crash) or possibly have unspecified other impact via a crafted RLE...

7.8CVSS

7.7AI Score

0.001EPSS

2018-08-08 12:29 AM

21

cve

CVE-2018-15174

XnView 2.45 allows remote attackers to cause a denial of service (Read Access Violation at the Instruction Pointer and application crash) or possibly have unspecified other impact via a crafted ICO...

7.8CVSS

7.7AI Score

0.001EPSS

2018-08-08 12:29 AM

21

cve

CVE-2017-15779

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at...

7.8CVSS

7.8AI Score

0.001EPSS

2017-10-22 08:29 PM

20

cve

CVE-2017-15785

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation near NULL starting at Unknown Symbol @ 0x0000000000000000 called from...

7.8CVSS

8AI Score

0.001EPSS

2017-10-22 08:29 PM

23

cve

CVE-2017-15773

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at...

7.8CVSS

7.6AI Score

0.001EPSS

2017-10-22 08:29 PM

23

cve

CVE-2017-15774

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls Code Flow starting at...

7.8CVSS

7.9AI Score

0.001EPSS

2017-10-22 08:29 PM

19

cve

CVE-2017-15782

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at...

7.8CVSS

7.8AI Score

0.001EPSS

2017-10-22 08:29 PM

21

cve

CVE-2017-15788

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at...

7.8CVSS

7.8AI Score

0.001EPSS

2017-10-22 08:29 PM

26

cve

CVE-2017-15777

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at...

7.8CVSS

7.8AI Score

0.001EPSS

2017-10-22 08:29 PM

25

2

cve

CVE-2017-15778

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at...

7.8CVSS

7.6AI Score

0.001EPSS

2017-10-22 08:29 PM

21

cve

CVE-2017-15786

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at...

7.8CVSS

7.6AI Score

0.001EPSS

2017-10-22 08:29 PM

21

cve

CVE-2017-15775

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at...

7.8CVSS

7.6AI Score

0.001EPSS

2017-10-22 08:29 PM

19

cve

CVE-2017-15776

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be used as a return value starting at...

7.8CVSS

7.6AI Score

0.001EPSS

2017-10-22 08:29 PM

22

cve

CVE-2017-15784

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to an "Illegal Instruction Violation starting at...

7.8CVSS

7.8AI Score

0.001EPSS

2017-10-22 08:29 PM

19

cve

CVE-2017-15789

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at...

7.8CVSS

7.8AI Score

0.001EPSS

2017-10-22 08:29 PM

21

cve

CVE-2017-15772

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be used as a return value starting at...

7.8CVSS

7.6AI Score

0.001EPSS

2017-10-22 08:29 PM

29

cve

CVE-2017-15780

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at...

7.8CVSS

7.6AI Score

0.001EPSS

2017-10-22 08:29 PM

24

cve

CVE-2017-15781

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Read Access Violation on Control Flow starting at...

7.8CVSS

7.8AI Score

0.001EPSS

2017-10-22 08:29 PM

21

cve

CVE-2017-15783

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at...

7.8CVSS

7.6AI Score

0.001EPSS

2017-10-22 08:29 PM

22

cve

CVE-2017-15787

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation starting at...

7.8CVSS

8AI Score

0.001EPSS

2017-10-22 08:29 PM

22

cve

CVE-2017-15803

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address is used as one or more arguments in a...

7.8CVSS

7.5AI Score

0.001EPSS

2017-10-22 07:29 PM

24

cve

CVE-2017-15801

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at...

7.8CVSS

7.6AI Score

0.001EPSS

2017-10-22 07:29 PM

23

cve

CVE-2017-15802

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at...

7.8CVSS

7.6AI Score

0.001EPSS

2017-10-22 07:29 PM

25

cve

CVE-2017-14541

XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at...

7.8CVSS

7.6AI Score

0.0004EPSS

2017-09-18 05:29 PM

23