Xnview
Monthly
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to a "Read Access Violation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to a "Read Access Violation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV near NULL starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV near NULL starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Read Access Violation on Control Flow starting. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 34.9%.
Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via a large NUM_ELEMENTS field in an IFD_ENTRY structure in a JXR file, which triggers a heap-based. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 12.2% and no vendor patch available.
Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 31.8%.
Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ImageLeftPosition value in. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 10.6%.
Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PCT image. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 16.6%.
Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0684. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.
Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0685. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.
Heap-based buffer overflow in Xjp2.dll in the JPEG2000 plug-in in XnView 1.98.5 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to a "Read Access Violation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to a "Read Access Violation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV near NULL starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV near NULL starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Read Access Violation on Control Flow starting. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 34.9%.
Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via a large NUM_ELEMENTS field in an IFD_ENTRY structure in a JXR file, which triggers a heap-based. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 12.2% and no vendor patch available.
Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 31.8%.
Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ImageLeftPosition value in. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 10.6%.
Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PCT image. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 16.6%.
Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0684. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.
Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0685. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.
Heap-based buffer overflow in Xjp2.dll in the JPEG2000 plug-in in XnView 1.98.5 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.