Xnview

xnview

174 CVEs • 4 products

Products (4)

Click to collapse

Toggle

CVEs (174)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-30007 1Xnview 1Nconvert Mar 26, 2026 Mar 23, 2026 N/A· v4 6.2 MEDIUM· v3 N/A· v2 XnSoft NConvert 7.230 is vulnerable to Use-After-Free via a crafted .tiff file
CVE-2026-30006 1Xnview 1Nconvert Mar 26, 2026 Mar 23, 2026 N/A· v4 6.2 MEDIUM· v3 N/A· v2 XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file.
CVE-2024-11950 1Xnview 1Xnview Aug 15, 2025 Dec 12, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 XnSoft XnView Classic RWZ File Parsing Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of XnSoft XnView Classic. User...Show more XnSoft XnView Classic RWZ File Parsing Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of XnSoft XnView Classic. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of RWZ files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22913.Show less
CVE-2024-22532 1Xnview 1Nconvert May 13, 2025 Feb 28, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Buffer Overflow vulnerability in XNSoft NConvert 7.163 (for Windows x86) allows attackers to cause a denial of service via crafted xwd file.
CVE-2023-52174 1Xnview 1Xnview Classic Nov 21, 2024 Dec 29, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 XnView Classic before 2.51.3 on Windows has a Write Access Violation at xnview.exe+0x3125D6.
CVE-2023-52173 1Xnview 1Xnview Classic Nov 21, 2024 Dec 29, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 XnView Classic before 2.51.3 on Windows has a Write Access Violation at xnview.exe+0x3ADBD0.
CVE-2023-46587 1Xnview 1Xnview Nov 21, 2024 Oct 27, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in XnView Classic v.2.51.5 allows a local attacker to execute arbitrary code via a crafted TIF file.
CVE-2023-43251 1Xnview 1Nconvert Nov 21, 2024 Oct 19, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 XNSoft Nconvert 7.136 has an Exception Handler Chain Corrupted via a crafted image file. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.
CVE-2023-43252 1Xnview 1Nconvert Nov 21, 2024 Oct 19, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 XNSoft Nconvert 7.136 is vulnerable to Buffer Overflow via a crafted image file.
CVE-2023-43250 1Xnview 1Nconvert Nov 21, 2024 Oct 18, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 XNSoft Nconvert 7.136 is vulnerable to Buffer Overflow. There is a User Mode Write AV via a crafted image file. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.
CVE-2021-28835 1Xnview 1Xnview Nov 21, 2024 Aug 11, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file.
CVE-2021-28427 1Xnview 1Xnview Nov 21, 2024 Aug 11, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in XNView version 2.49.3, allows local attackers to execute arbitrary code via crafted TIFF file.
CVE-2020-23887 1Xnview 1Xnview Mp Nov 21, 2024 Nov 10, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 XnView MP v0.96.4 was discovered to contain a heap overflow which allows attackers to cause a denial of service (DoS) via a crafted ico file. Related to a Read Access Violation starting at USER32!SmartStretchDIBits+0x33.
CVE-2020-23886 1Xnview 1Xnview Mp Nov 21, 2024 Nov 10, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 XnView MP v0.96.4 was discovered to contain a heap overflow which allows attackers to cause a denial of service (DoS) via a crafted pict file. Related to a User Mode Write AV starting at ntdll!RtlpLowFragHeapFree.
CVE-2013-3493 1Xnview 1Xnview Nov 21, 2024 Jan 27, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 XnView 2.03 has an integer overflow vulnerability
CVE-2013-3492 1Xnview 1Xnview Nov 21, 2024 Jan 27, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 XnView 2.03 has a stack-based buffer overflow vulnerability
CVE-2013-3941 1Xnview 1Xnview Nov 21, 2024 Jan 2, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a craft...Show more Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a crafted JPEG2000 file, which leads to a heap-based buffer overflow.Show less
CVE-2013-3939 1Xnview 1Xnview Nov 21, 2024 Jan 2, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads...Show more xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow.Show less
CVE-2013-3937 1Xnview 1Xnview Nov 21, 2024 Jan 2, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP file.
CVE-2013-3247 1Xnview 1Xnview Nov 21, 2024 Jan 2, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted RLE compressed layer in an XCF file.

12 3 4 5...9 Next