Vulnerabilities > Xnview

DATE CVE VULNERABILITY TITLE RISK
2023-08-11 CVE-2021-28427 Classic Buffer Overflow vulnerability in Xnview 2.49.3
Buffer Overflow vulnerability in XNView version 2.49.3, allows local attackers to execute arbitrary code via crafted TIFF file.
local
low complexity
xnview CWE-120
7.8
2023-08-11 CVE-2021-28835 Classic Buffer Overflow vulnerability in Xnview
Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file.
local
low complexity
xnview CWE-120
7.8
2021-11-10 CVE-2020-23886 Out-of-bounds Write vulnerability in Xnview MP
XnView MP v0.96.4 was discovered to contain a heap overflow which allows attackers to cause a denial of service (DoS) via a crafted pict file.
local
low complexity
xnview CWE-787
5.5
2021-11-10 CVE-2020-23887 Out-of-bounds Write vulnerability in Xnview MP
XnView MP v0.96.4 was discovered to contain a heap overflow which allows attackers to cause a denial of service (DoS) via a crafted ico file.
network
xnview CWE-787
4.3
2020-01-27 CVE-2013-3493 Integer Overflow or Wraparound vulnerability in Xnview 2.03
XnView 2.03 has an integer overflow vulnerability
network
low complexity
xnview CWE-190
7.5
2020-01-27 CVE-2013-3492 Out-of-bounds Write vulnerability in Xnview 2.03
XnView 2.03 has a stack-based buffer overflow vulnerability
network
low complexity
xnview CWE-787
7.5
2020-01-02 CVE-2013-3941 Out-of-bounds Write vulnerability in Xnview
Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a crafted JPEG2000 file, which leads to a heap-based buffer overflow.
network
low complexity
xnview CWE-787
7.5
2020-01-02 CVE-2013-3939 Out-of-bounds Write vulnerability in Xnview
xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow.
network
xnview CWE-787
6.8
2020-01-02 CVE-2013-3937 Out-of-bounds Write vulnerability in Xnview
Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP file.
network
xnview CWE-787
6.8
2020-01-02 CVE-2013-3247 Out-of-bounds Write vulnerability in Xnview
Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted RLE compressed layer in an XCF file.
network
xnview CWE-787
6.8