xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length...
9.8CVSS
7.7AI Score
0.002EPSS
Format string vulnerability in xv before 3.10a allows remote attackers to execute arbitrary code via format string specifiers in a...
7.6AI Score
0.005EPSS
Stack-based buffer overflow in xvbmp.c in XV allows remote attackers to execute arbitrary code via a crafted image...
8.2AI Score
0.016EPSS
Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm.c in XV allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer...
8AI Score
0.026EPSS