VYPR

Vendor CVEs

IrfanView

All CVEs

385 total · sorted by risk
  • CVE-2017-9528HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.03

    IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000000f53."

  • CVE-2017-8766HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) allows remote attackers to execute code via a crafted .mov file, because of a "User Mode Write AV near NULL" issue.

  • CVE-2017-8370HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.03

    IrfanView version 4.44 (32bit) with FPX Plugin 4.45 allows remote attackers to execute arbitrary code or cause a denial of service (Heap Corruption and application crash) in processing a FlashPix (.FPX) file, a different vulnerability than CVE-2017-7721.

  • CVE-2017-8369HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.01

    IrfanView version 4.44 (32bit) has a "Data from Faulting Address controls Branch Selection starting at USER32!wvsprintfA+0x00000000000002f3" issue, which might allow attackers to execute arbitrary code via a crafted file.

  • CVE-2017-10926HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to a "Read Access Violation starting at wow64!Wow64NotifyDebugger+0x000000000000001d."

  • CVE-2017-10925HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at…

  • CVE-2017-10924HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView 4.44 (32bit) with FPX Plugin 4.47 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000a529."

  • CVE-2017-10735HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x00000000000003ca."

  • CVE-2017-10734HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to an "Invalid Handle starting at wow64!Wow64NotifyDebugger+0x000000000000001d."

  • CVE-2017-10733HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpEnterCriticalSectionContended+0x000…

  • CVE-2017-10732HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpAllocateHeap+0x0000000000000429."

  • CVE-2017-10731HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d80."

  • CVE-2017-10730HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d96."

  • CVE-2017-10729HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpWaitOnCriticalSection+0x0000000000000121."

  • CVE-2017-7721HigApr 30, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) with FPX Plugin before 4.45 has an Access Violation and crash in processing a FlashPix (.FPX) file.

  • CVE-2024-31007MedOct 21, 2024
    risk 0.36cvss 5.5epss 0.00

    Buffer Overflow vulnerability in IrfanView 32bit v.4.66 allows a local attacker to cause a denial of service via a crafted file. Affected component is IrfanView 32bit 4.66 with plugin formats.dll.

  • CVE-2012-0897Jan 20, 2012
    risk 0.07cvss epss 0.53

    Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.

  • CVE-2012-0025Nov 2, 2012
    risk 0.04cvss epss 0.06

    Double free vulnerability in the Free_All_Memory function in jpeg/dectile.c in libfpx before 1.3.1-1, as used in the FlashPix PlugIn 4.2.2.0 for IrfanView, allows remote attackers to cause a denial of service (crash) via a crafted FPX image.

  • CVE-2011-5233Oct 25, 2012
    risk 0.04cvss epss 0.09

    Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted "Rows Per Strip" and "Samples Per Pixel" values in a TIFF image file.

  • CVE-2012-3585Jul 5, 2012
    risk 0.04cvss epss 0.08

    Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file.

  • CVE-2012-0278Apr 18, 2012
    risk 0.04cvss epss 0.10

    Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for IrfanView might allow remote attackers to execute arbitrary code via a .fpx file containing a crafted FlashPix image that is not properly handled during decompression.

  • CVE-2008-0493Jan 30, 2008
    risk 0.04cvss epss 0.09

    fpx.dll 3.9.8.0 in the FlashPix plugin for IrfanView 4.10 allows remote attackers to execute arbitrary code via a crafted FlashPix (.FPX) file, which triggers heap corruption. NOTE: some of these details are obtained from third party information.

  • CVE-2007-2363Apr 30, 2007
    risk 0.04cvss epss 0.09

    Buffer overflow in IrfanView 4.00 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted .IFF file.

  • CVE-2007-1948Apr 11, 2007
    risk 0.04cvss epss 0.08

    Buffer overflow in IrfanView 3.99 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via the (1) xoffset or (2) yoffset RLE command, or (3) large non-RLE encoded blocks in a crafted BMP image, as demonstrated by rle8of3.bmp and…

  • CVE-2007-1867Apr 4, 2007
    risk 0.04cvss epss 0.08

    Buffer overflow in IrfanView 3.99 allows remote attackers to execute arbitrary code via a crafted animated cursor (ANI) file.

  • CVE-2006-4374Aug 26, 2006
    risk 0.03cvss epss 0.03

    IrfanView 3.98 (with plugins) allows user-assisted attackers to cause a denial of service (application crash) via a crafted ANI image file, possibly due to a buffer overflow.

  • CVE-1999-1112Nov 9, 1999
    risk 0.03cvss epss 0.04

    Buffer overflow in IrfanView32 3.07 and earlier allows attackers to execute arbitrary commands via a long string after the "8BPS" image type in a Photo Shop image header.

  • CVE-2021-27224Feb 17, 2021
    risk 0.01cvss epss 0.38

    The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a user-mode write access violation starting at WPG+0x0000000000012ec6, which might allow remote attackers to execute arbitrary code.

  • CVE-2013-3944Jan 2, 2020
    risk 0.01cvss epss 0.28

    Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via an IMAGE tag.

  • CVE-2025-7299Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7325Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7324Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7323Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7322Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7321Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7320Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7319Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7318Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7317Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7316Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7315Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7314Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7313Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7312Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7311Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7309Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7310Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7308Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7307Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

  • CVE-2025-7306Jul 21, 2025
    risk 0.00cvss epss 0.00

    IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this…

Page 3 of 8