Lucene search

Irfanview Security Vulnerabilities

cve

CVE-2019-17258

IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x000000000000839c.

7.8CVSS

7.5AI Score

0.001EPSS

2019-10-08 12:15 PM

cve

CVE-2020-13905

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038ed4.

8.8CVSS

8.6AI Score

0.002EPSS

2020-06-10 07:15 PM

cve

CVE-2020-13906

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038eb7.

7.8CVSS

7.6AI Score

0.001EPSS

2020-06-10 07:15 PM

cve

CVE-2020-23545

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ReadXPM_W+0x0000000000000531.

7.8CVSS

7.6AI Score

0.001EPSS

2021-12-15 08:15 AM

cve

CVE-2020-23546

IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FORMATS!ReadMosaic+0x0000000000000981.

7.8CVSS

7.6AI Score

0.001EPSS

2021-10-28 10:15 PM

cve

CVE-2020-23549

IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted .cr2 file, related to a "Data from Faulting Address controls Branch Selection starting at FORMATS!GetPlugInInfo+0x00000000000047f6".

7.8CVSS

7.6AI Score

0.001EPSS

2021-10-28 10:15 PM

cve

CVE-2020-23550

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e82.

7.8CVSS

7.6AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23551

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e30.

7.8CVSS

7.6AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23552

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e62.

7.8CVSS

7.6AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23553

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007d33.

7.8CVSS

7.6AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23554

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e20.

7.8CVSS

7.6AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23555

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e6e.

7.8CVSS

7.6AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23556

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e28.

7.8CVSS

7.6AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23557

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000755d.

7.8CVSS

7.6AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23558

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000007f4b.

7.8CVSS

7.6AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23559

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000007d7f.

7.8CVSS

7.6AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23560

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000001bcab.

7.8CVSS

7.6AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23561

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000005722.

5.5CVSS

5.5AI Score

0.001EPSS

2022-07-18 12:15 AM

cve

CVE-2020-23562

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000aefe.

5.5CVSS

5.5AI Score

0.001EPSS

2022-07-18 12:15 AM

cve

CVE-2020-23563

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000002cba.

5.5CVSS

5.5AI Score

0.001EPSS

2022-07-18 12:15 AM

cve

CVE-2020-23565

Irfanview v4.53 allows attackers to execute arbitrary code via a crafted JPEG 2000 file. Related to a "Data from Faulting Address controls Branch Selection starting at JPEG2000!ShowPlugInSaveOptions_W+0x0000000000032850".

7.8CVSS

7.8AI Score

0.001EPSS

2021-11-05 05:15 PM

cve

CVE-2020-23566

Irfanview v4.53 was discovered to contain an infinity loop via JPEG2000!ShowPlugInSaveOptions_W+0x1ecd8.

5.5CVSS

5.5AI Score

0.0004EPSS

2021-11-05 05:15 PM

cve

CVE-2020-23567

Irfanview v4.53 allows attackers to to cause a denial of service (DoS) via a crafted JPEG 2000 file. Related to "Integer Divide By Zero starting at JPEG2000!ShowPlugInSaveOptions_W+0x00000000000082ea"

5.5CVSS

5.3AI Score

0.001EPSS

2021-11-05 05:15 PM

cve

CVE-2020-35133

irfanView 4.56 contains an error processing parsing files of type .pcx. Which leads to out-of-bounds writing at i_view32+0xdb60.

7.5CVSS

7.5AI Score

0.001EPSS

2020-12-16 06:15 PM

cve

CVE-2021-29358

A buffer overflow vulnerability in FORMATS!ReadPVR_W+0xfa of Irfanview 4.57 allows attackers to cause a denial of service (DOS) via a crafted PVR file.

5.5CVSS

5.5AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-29360

A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x37a of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

7.8CVSS

7.9AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-29361

A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x340 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

7.8CVSS

7.9AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-29362

A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

7.8CVSS

7.9AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-29363

A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa74 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.0xa74

7.8CVSS

7.9AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-29364

A buffer overflow vulnerability in Formats!ReadRAS_W+0x1001 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

7.8CVSS

7.9AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-29365

Irfanview 4.57 is affected by an infinite loop when processing a crafted BMP file in the EFFECTS!AutoCrop_W component. This can cause a denial of service (DOS).

5.5CVSS

5.4AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-29366

A buffer overflow vulnerability in FORMATS!GetPlugInInfo+0x2de9 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

7.8CVSS

7.9AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-29367

A buffer overflow vulnerability in WPG+0x1dda of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted WPG file.

7.8CVSS

7.9AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-46064

IrfanView 4.59 is vulnerable to buffer overflow via the function at address 0x413c70 (in 32bit version of the binary). The vulnerability triggers when the user opens malicious .tiff image.

7.8CVSS

7.8AI Score

0.001EPSS

2022-03-23 06:15 PM

cve

CVE-2023-24304

Improper input validation in the PDF.dll plugin of IrfanView v4.60 allows attackers to execute arbitrary code via opening a crafted PDF file.

7.8CVSS

7.8AI Score

0.001EPSS

2023-03-28 09:15 PM

cve

CVE-2023-26974

Irfanview v4.62 allows a user-mode write access violation via a crafted JPEG 2000 file starting at JPEG2000+0x0000000000001bf0.

5.5CVSS

5.5AI Score

0.0004EPSS

2023-04-04 04:15 PM

Total number of security vulnerabilities186