VYPR

Vendor CVEs

IrfanView

All CVEs

385 total · sorted by risk
  • CVE-2024-6817Nov 22, 2024
    risk 0.00cvss epss 0.01

    IrfanView PSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must…

  • CVE-2024-6816Nov 22, 2024
    risk 0.00cvss epss 0.01

    IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target…

  • CVE-2024-6815Nov 22, 2024
    risk 0.00cvss epss 0.01

    IrfanView RLE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must…

  • CVE-2024-5877Nov 22, 2024
    risk 0.00cvss epss 0.01

    IrfanView PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must…

  • CVE-2024-5876Nov 22, 2024
    risk 0.00cvss epss 0.01

    IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target…

  • CVE-2024-5875Nov 22, 2024
    risk 0.00cvss epss 0.01

    IrfanView SHP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must…

  • CVE-2024-5874Nov 22, 2024
    risk 0.00cvss epss 0.01

    IrfanView PNT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must…

  • CVE-2024-44913Aug 28, 2024
    risk 0.00cvss epss 0.00

    An issue in the component EXR!ReadEXR+0x40ef1 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2024-44914Aug 28, 2024
    risk 0.00cvss epss 0.00

    An issue in the component EXR!ReadEXR+0x3df50 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2024-44915Aug 28, 2024
    risk 0.00cvss epss 0.00

    An issue in the component EXR!ReadEXR+0x4eef0 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2024-6812Aug 21, 2024
    risk 0.00cvss epss 0.01

    IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must…

  • CVE-2024-6811Aug 21, 2024
    risk 0.00cvss epss 0.01

    IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must…

  • CVE-2020-13878Jan 5, 2024
    risk 0.00cvss epss 0.01

    IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+27ef heap-based out-of-bounds write.

  • CVE-2020-13879Jan 5, 2024
    risk 0.00cvss epss 0.01

    IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+214f heap-based out-of-bounds write.

  • CVE-2020-13880Jan 5, 2024
    risk 0.00cvss epss 0.01

    IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+1cbf heap-based out-of-bounds write.

  • CVE-2023-26974Apr 4, 2023
    risk 0.00cvss epss 0.01

    Irfanview v4.62 allows a user-mode write access violation via a crafted JPEG 2000 file starting at JPEG2000+0x0000000000001bf0.

  • CVE-2023-24304Mar 28, 2023
    risk 0.00cvss epss 0.00

    Improper input validation in the PDF.dll plugin of IrfanView v4.60 allows attackers to execute arbitrary code via opening a crafted PDF file.

  • CVE-2020-23560Sep 16, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000001bcab.

  • CVE-2020-23559Sep 16, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000007d7f.

  • CVE-2020-23558Sep 16, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000007f4b.

  • CVE-2020-23557Sep 16, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000755d.

  • CVE-2020-23556Sep 16, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e28.

  • CVE-2020-23555Sep 16, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e6e.

  • CVE-2020-23554Sep 16, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e20.

  • CVE-2020-23553Sep 16, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007d33.

  • CVE-2020-23552Sep 16, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e62.

  • CVE-2020-23551Sep 16, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e30.

  • CVE-2020-23550Sep 16, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e82.

  • CVE-2020-23563Jul 17, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000002cba.

  • CVE-2020-23562Jul 17, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000aefe.

  • CVE-2020-23561Jul 17, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000005722.

  • CVE-2021-46064Mar 23, 2022
    risk 0.00cvss epss 0.01

    IrfanView 4.59 is vulnerable to buffer overflow via the function at address 0x413c70 (in 32bit version of the binary). The vulnerability triggers when the user opens malicious .tiff image.

  • CVE-2020-23545Dec 15, 2021
    risk 0.00cvss epss 0.01

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ReadXPM_W+0x0000000000000531.

  • CVE-2020-23567Nov 5, 2021
    risk 0.00cvss epss 0.01

    Irfanview v4.53 allows attackers to to cause a denial of service (DoS) via a crafted JPEG 2000 file. Related to "Integer Divide By Zero starting at JPEG2000!ShowPlugInSaveOptions_W+0x00000000000082ea"

  • CVE-2020-23566Nov 5, 2021
    risk 0.00cvss epss 0.01

    Irfanview v4.53 was discovered to contain an infinity loop via JPEG2000!ShowPlugInSaveOptions_W+0x1ecd8.

  • CVE-2020-23565Nov 5, 2021
    risk 0.00cvss epss 0.01

    Irfanview v4.53 allows attackers to execute arbitrary code via a crafted JPEG 2000 file. Related to a "Data from Faulting Address controls Branch Selection starting at JPEG2000!ShowPlugInSaveOptions_W+0x0000000000032850".

  • CVE-2020-23549Oct 28, 2021
    risk 0.00cvss epss 0.01

    IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted .cr2 file, related to a "Data from Faulting Address controls Branch Selection starting at FORMATS!GetPlugInInfo+0x00000000000047f6".

  • CVE-2020-23546Oct 28, 2021
    risk 0.00cvss epss 0.01

    IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FORMATS!ReadMosaic+0x0000000000000981.

  • CVE-2021-29367Sep 28, 2021
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in WPG+0x1dda of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted WPG file.

  • CVE-2021-29365Sep 28, 2021
    risk 0.00cvss epss 0.01

    Irfanview 4.57 is affected by an infinite loop when processing a crafted BMP file in the EFFECTS!AutoCrop_W component. This can cause a denial of service (DOS).

  • CVE-2021-29366Sep 28, 2021
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in FORMATS!GetPlugInInfo+0x2de9 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

  • CVE-2021-29364Sep 28, 2021
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in Formats!ReadRAS_W+0x1001 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

  • CVE-2021-29363Sep 28, 2021
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa74 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.0xa74

  • CVE-2021-29362Sep 28, 2021
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

  • CVE-2021-29361Sep 28, 2021
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x340 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

  • CVE-2021-29360Sep 28, 2021
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x37a of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

  • CVE-2021-29358Sep 28, 2021
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in FORMATS!ReadPVR_W+0xfa of Irfanview 4.57 allows attackers to cause a denial of service (DOS) via a crafted PVR file.

  • CVE-2021-27362Feb 17, 2021
    risk 0.00cvss epss 0.04

    The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a Read Access Violation on Control Flow starting at WPG!ReadWPG_W+0x0000000000000133, which might allow remote attackers to execute arbitrary code.

  • CVE-2020-35133Dec 16, 2020
    risk 0.00cvss epss 0.04

    irfanView 4.56 contains an error processing parsing files of type .pcx. Which leads to out-of-bounds writing at i_view32+0xdb60.

  • CVE-2020-13906Jun 10, 2020
    risk 0.00cvss epss 0.01

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038eb7.

Page 7 of 8