Xnview

xnview

174 CVEs • 4 products

Products (4)

Click to collapse

Toggle

CVEs (174)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-10736 1Xnview 1Xnview May 13, 2026 Jul 5, 2017 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at msvcrt!_VEC_memzero+0x000000000000006a...Show more XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at msvcrt!_VEC_memzero+0x000000000000006a."Show less
CVE-2012-4988 1Xnview 1Xnview May 6, 2026 Jul 9, 2014 N/A· v4 N/A· v3 9.3 HIGH· v2 Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image file.
CVE-2013-3938 1Xnview 1Xnview May 6, 2026 Mar 18, 2014 N/A· v4 N/A· v3 9.3 HIGH· v2 Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via a large NUM_ELEMENTS field in an IFD_ENTRY structure in a JXR file, which triggers a heap-based buffer overflow.
CVE-2013-2577 1Xnview 1Xnview Apr 29, 2026 Aug 9, 2013 N/A· v4 N/A· v3 9.3 HIGH· v2 Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file.
CVE-2012-0282 1Xnview 1Xnview Apr 29, 2026 Jul 17, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ImageLeftPosition value in an ImageDescriptor st...Show more Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ImageLeftPosition value in an ImageDescriptor structure in a GIF image.Show less
CVE-2012-0277 1Xnview 1Xnview Apr 29, 2026 Jul 17, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PCT image.
CVE-2012-0276 1Xnview 1Xnview Apr 29, 2026 Jul 17, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SG...Show more Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SGI32LogLum compressed TIFF image with the PhotometricInterpretation encoding set to LogL.Show less
CVE-2012-0685 1Xnview 1Xnview Apr 29, 2026 May 9, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0684.
CVE-2012-0684 1Xnview 1Xnview Apr 29, 2026 May 9, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0685.
CVE-2012-1051 1Xnview 1Xnview Apr 29, 2026 Feb 13, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in Xjp2.dll in the JPEG2000 plug-in in XnView 1.98.5 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.
CVE-2011-1338 1Xnview 1Xnview Apr 29, 2026 Jul 11, 2011 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Untrusted search path vulnerability in XnView before 1.98.1 allows local users to gain privileges via a Trojan horse .exe file in a folder selected by the "Open containing folder" menu item.
CVE-2010-1932 1Xnview 1Xnview Apr 29, 2026 Jun 16, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Heap-based buffer overflow in XnView 1.97.4 and possibly earlier allows remote attackers to execute arbitrary code via a MultiBitMap (MBM) file with a Paint Data Section that contains a malformed Encoding field.
CVE-2009-4001 1Xnview 1Xnview Apr 29, 2026 Mar 15, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Integer overflow in XnView before 1.97.2 might allow remote attackers to execute arbitrary code via a DICOM image with crafted dimensions, leading to a heap-based buffer overflow.
CVE-2008-1461 1Xnview 1Xnview Apr 23, 2026 Mar 24, 2008 N/A· v4 N/A· v3 7.6 HIGH· v2 Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is unclear whether there are common handler configurations in w...Show more Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is unclear whether there are common handler configurations in which this argument is controlled by an attacker.Show less

Previous 1...5 6 7 89