VYPR

Xnview

by Xnview

CVEs (149)

  • CVE-2017-10752HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpLowFragHeapFree+0x00000000…

  • CVE-2017-10751HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at GDI32!GenericEngineGetGlyphs+0x00000000000001…

  • CVE-2017-10750HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV near NULL starting at ntdll_77df0000!RtlEnterCriticalSection+0x0000000000000012."

  • CVE-2017-10749HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d."

  • CVE-2017-10748HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at xnview+0x000000000022bf8d."

  • CVE-2017-10747HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at xnview+0x000000000037a8aa."

  • CVE-2017-10746HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlEnterCriticalSection+0x0000000000000012."

  • CVE-2017-10745HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at ntdll_77df0000!RtlProcessFlsData+0x00000000000000b0."

  • CVE-2017-10744HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Read Access Violation on Control Flow starting at COMCTL32!CToolTipsMgr::s_ToolTipsWndProc+0x0000000000000032."

  • CVE-2017-10743HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at ntdll_77df0000!LdrpInitializeNode+0x000000000000015b."

  • CVE-2017-10742HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x00000000380a0500 called from…

  • CVE-2017-10741HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpWaitOnCriticalSection+0x0000000000000121."

  • CVE-2017-10740HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlRbInsertNodeEx+0x000000000000002d."

  • CVE-2017-10739HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000000c1b541c called from xnview+0x00000000003826ec."

  • CVE-2017-10738HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000002f32332f called from…

  • CVE-2017-10737HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000002e6."

  • CVE-2017-10736HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.00

    XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at msvcrt!_VEC_memzero+0x000000000000006a."

  • CVE-2019-25328HigFeb 12, 2026
    risk 0.49cvss 7.5epss 0.00

    XnConvert 1.82 contains a denial of service vulnerability in its registration code input field that allows attackers to crash the application. Attackers can generate a 9000-byte buffer of repeated characters and paste it into the registration code field to trigger an application…

  • CVE-2007-2194Apr 24, 2007
    risk 0.05cvss epss 0.19

    Stack-based buffer overflow in XnView 1.90.3 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are obtained from third party information.

  • CVE-2012-4988Jul 9, 2014
    risk 0.04cvss epss 0.10

    Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image file.

Page 6 of 8