Lucene search

Irfanview Security Vulnerabilities

cve

CVE-2021-46064

IrfanView 4.59 is vulnerable to buffer overflow via the function at address 0x413c70 (in 32bit version of the binary). The vulnerability triggers when the user opens malicious .tiff...

7.8CVSS

7.8AI Score

0.001EPSS

2022-03-23 06:15 PM

cve

CVE-2020-13880

IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+1cbf heap-based out-of-bounds...

9.8CVSS

7.4AI Score

0.001EPSS

2024-01-05 09:15 AM

cve

CVE-2020-13878

IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+27ef heap-based out-of-bounds...

9.8CVSS

7.4AI Score

0.001EPSS

2024-01-05 08:15 AM

cve

CVE-2020-13879

IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+214f heap-based out-of-bounds...

9.8CVSS

7.4AI Score

0.001EPSS

2024-01-05 08:15 AM

cve

CVE-2023-26974

Irfanview v4.62 allows a user-mode write access violation via a crafted JPEG 2000 file starting at...

5.5CVSS

5.5AI Score

0.0004EPSS

2023-04-04 04:15 PM

cve

CVE-2023-24304

Improper input validation in the PDF.dll plugin of IrfanView v4.60 allows attackers to execute arbitrary code via opening a crafted PDF...

7.8CVSS

7.8AI Score

0.001EPSS

2023-03-28 09:15 PM

cve

CVE-2020-23555

IrfanView 4.54 allows a user-mode write access violation starting at...

7.8CVSS

7.4AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23557

IrfanView 4.54 allows a user-mode write access violation starting at...

7.8CVSS

7.4AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23551

IrfanView 4.54 allows a user-mode write access violation starting at...

7.8CVSS

7.4AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23550

IrfanView 4.54 allows a user-mode write access violation starting at...

7.8CVSS

7.4AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23553

IrfanView 4.54 allows a user-mode write access violation starting at...

7.8CVSS

7.4AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23552

IrfanView 4.54 allows a user-mode write access violation starting at...

7.8CVSS

7.4AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23556

IrfanView 4.54 allows a user-mode write access violation starting at...

7.8CVSS

7.4AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23559

IrfanView 4.54 allows a user-mode write access violation starting at...

7.8CVSS

7.4AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23554

IrfanView 4.54 allows a user-mode write access violation starting at...

7.8CVSS

7.4AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23558

IrfanView 4.54 allows a user-mode write access violation starting at...

7.8CVSS

7.4AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23560

IrfanView 4.54 allows a user-mode write access violation starting at...

7.8CVSS

7.4AI Score

0.0004EPSS

2022-09-16 03:15 AM

cve

CVE-2020-23562

IrfanView 4.54 allows a user-mode write access violation starting at...

5.5CVSS

7.4AI Score

0.001EPSS

2022-07-18 12:15 AM

cve

CVE-2020-23561

IrfanView 4.54 allows a user-mode write access violation starting at...

5.5CVSS

7.4AI Score

0.001EPSS

2022-07-18 12:15 AM

cve

CVE-2020-23563

IrfanView 4.54 allows a user-mode write access violation starting at...

5.5CVSS

7.4AI Score

0.001EPSS

2022-07-18 12:15 AM

cve

CVE-2020-23545

IrfanView 4.54 allows a user-mode write access violation starting at...

7.8CVSS

7.4AI Score

0.001EPSS

2021-12-15 08:15 AM

cve

CVE-2020-23567

Irfanview v4.53 allows attackers to to cause a denial of service (DoS) via a crafted JPEG 2000 file. Related to "Integer Divide By Zero starting at...

5.5CVSS

5.3AI Score

0.001EPSS

2021-11-05 05:15 PM

cve

CVE-2020-23565

Irfanview v4.53 allows attackers to execute arbitrary code via a crafted JPEG 2000 file. Related to a "Data from Faulting Address controls Branch Selection starting at...

7.8CVSS

7.8AI Score

0.001EPSS

2021-11-05 05:15 PM

cve

CVE-2020-23566

Irfanview v4.53 was discovered to contain an infinity loop via...

5.5CVSS

5.6AI Score

0.0004EPSS

2021-11-05 05:15 PM

cve

CVE-2020-23546

IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at...

7.8CVSS

7.6AI Score

0.001EPSS

2021-10-28 10:15 PM

cve

CVE-2020-23549

IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted .cr2 file, related to a "Data from Faulting Address controls Branch Selection starting at...

7.8CVSS

7.6AI Score

0.001EPSS

2021-10-28 10:15 PM

cve

CVE-2021-29360

A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x37a of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE...

7.8CVSS

7.9AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-29358

A buffer overflow vulnerability in FORMATS!ReadPVR_W+0xfa of Irfanview 4.57 allows attackers to cause a denial of service (DOS) via a crafted PVR...

5.5CVSS

5.5AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-29362

A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE...

7.8CVSS

7.9AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-29363

A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa74 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE...

7.8CVSS

7.9AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-29361

A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x340 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE...

7.8CVSS

7.9AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-29364

A buffer overflow vulnerability in Formats!ReadRAS_W+0x1001 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE...

7.8CVSS

7.9AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-29365

Irfanview 4.57 is affected by an infinite loop when processing a crafted BMP file in the EFFECTS!AutoCrop_W component. This can cause a denial of service...

5.5CVSS

5.4AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-29366

A buffer overflow vulnerability in FORMATS!GetPlugInInfo+0x2de9 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE...

7.8CVSS

7.9AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-29367

A buffer overflow vulnerability in WPG+0x1dda of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted WPG...

7.8CVSS

7.9AI Score

0.001EPSS

2021-09-28 04:15 PM

cve

CVE-2021-27362

The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a Read Access Violation on Control Flow starting at WPG!ReadWPG_W+0x0000000000000133, which might allow remote attackers to execute arbitrary...

9.8CVSS

9.7AI Score

0.014EPSS

2021-02-17 04:15 PM

cve

CVE-2021-27224

The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a user-mode write access violation starting at WPG+0x0000000000012ec6, which might allow remote attackers to execute arbitrary...

7.5CVSS

7.9AI Score

0.078EPSS

2021-02-17 04:15 PM

cve

CVE-2020-35133

irfanView 4.56 contains an error processing parsing files of type .pcx. Which leads to out-of-bounds writing at...

7.5CVSS

7.5AI Score

0.001EPSS

2020-12-16 06:15 PM

cve

CVE-2020-13906

IrfanView 4.54 allows a user-mode write access violation starting at...

7.8CVSS

7.4AI Score

0.001EPSS

2020-06-10 07:15 PM

cve

CVE-2020-13905

IrfanView 4.54 allows a user-mode write access violation starting at...

8.8CVSS

7.4AI Score

0.002EPSS

2020-06-10 07:15 PM

cve

CVE-2013-3486

IrfanView FlashPix Plugin 4.3.4 0 has an Integer Overflow...

9.6CVSS

6.7AI Score

0.003EPSS

2020-01-27 03:15 PM

cve

CVE-2013-3944

Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via an IMAGE...

7.8CVSS

8.3AI Score

0.632EPSS

2020-01-02 07:15 PM

cve

CVE-2013-3945

The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a nband...

7.8CVSS

7.9AI Score

0.004EPSS

2020-01-02 07:15 PM

cve

CVE-2013-3946

Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a levels...

7.8CVSS

8.3AI Score

0.024EPSS

2020-01-02 07:15 PM

cve

CVE-2019-17244

IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at...

7.8CVSS

7.6AI Score

0.001EPSS

2019-10-08 12:15 PM

cve

CVE-2019-17257

IrfanView 4.53 allows a Exception Handler Chain to be Corrupted starting at...

5.5CVSS

7.5AI Score

0.001EPSS

2019-10-08 12:15 PM

cve

CVE-2019-17256

IrfanView 4.53 allows a User Mode Write AV starting at...

7.8CVSS

7.6AI Score

0.001EPSS

2019-10-08 12:15 PM

cve

CVE-2019-17255

IrfanView 4.53 allows a User Mode Write AV starting at...

7.8CVSS

7.6AI Score

0.001EPSS

2019-10-08 12:15 PM

cve

CVE-2019-17246

IrfanView 4.53 allows a User Mode Write AV starting at...

7.8CVSS

7.6AI Score

0.001EPSS

2019-10-08 12:15 PM

cve

CVE-2019-17243

IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at...

7.8CVSS

7.6AI Score

0.001EPSS

2019-10-08 12:15 PM

Total number of security vulnerabilities128