Xnview

xnview

Vendor: Xnview • 156 CVEs

CVEs (156)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-11950 1Xnview 1Xnview Aug 15, 2025 Dec 12, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 XnSoft XnView Classic RWZ File Parsing Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of XnSoft XnView Classic. User...Show more XnSoft XnView Classic RWZ File Parsing Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of XnSoft XnView Classic. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of RWZ files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22913.Show less
CVE-2023-46587 1Xnview 1Xnview Nov 21, 2024 Oct 27, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in XnView Classic v.2.51.5 allows a local attacker to execute arbitrary code via a crafted TIF file.
CVE-2021-28835 1Xnview 1Xnview Nov 21, 2024 Aug 11, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file.
CVE-2021-28427 1Xnview 1Xnview Nov 21, 2024 Aug 11, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in XNView version 2.49.3, allows local attackers to execute arbitrary code via crafted TIFF file.
CVE-2013-3493 1Xnview 1Xnview Nov 21, 2024 Jan 27, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 XnView 2.03 has an integer overflow vulnerability
CVE-2013-3492 1Xnview 1Xnview Nov 21, 2024 Jan 27, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 XnView 2.03 has a stack-based buffer overflow vulnerability
CVE-2013-3941 1Xnview 1Xnview Nov 21, 2024 Jan 2, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a craft...Show more Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a crafted JPEG2000 file, which leads to a heap-based buffer overflow.Show less
CVE-2013-3939 1Xnview 1Xnview Nov 21, 2024 Jan 2, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads...Show more xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow.Show less
CVE-2013-3937 1Xnview 1Xnview Nov 21, 2024 Jan 2, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP file.
CVE-2013-3247 1Xnview 1Xnview Nov 21, 2024 Jan 2, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted RLE compressed layer in an XCF file.
CVE-2013-3246 1Xnview 1Xnview Nov 21, 2024 Jan 2, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted image layer in an XCF file.
CVE-2019-17262 1Xnview 1Xnview Nov 21, 2024 Oct 8, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001fc0.
CVE-2019-17261 1Xnview 1Xnview Nov 21, 2024 Oct 8, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001e51.
CVE-2019-13262 1Xnview 1Xnview Nov 21, 2024 Jul 4, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x00000000003283eb.
CVE-2019-13261 1Xnview 1Xnview Nov 21, 2024 Jul 4, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000328384.
CVE-2019-13260 1Xnview 1Xnview Nov 21, 2024 Jul 4, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000327a07.
CVE-2019-13259 1Xnview 1Xnview Nov 21, 2024 Jul 4, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000032e566.
CVE-2019-13258 1Xnview 1Xnview Nov 21, 2024 Jul 4, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000328165.
CVE-2019-13257 1Xnview 1Xnview Nov 21, 2024 Jul 4, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x00000000003273aa.
CVE-2019-13256 1Xnview 1Xnview Nov 21, 2024 Jul 4, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000032e849.

12 3 4 5...8 Next