Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
4174044.8%CRITICAL

Related CVEs

100+
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2026-30007XnSoft NConvert 7.230 is vulnerable to Use-After-Free via a crafted .tiff fileMEDIUM6.25.4%Mar 23, 2026
CVE-2026-30006XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file.MEDIUM6.25.4%Mar 23, 2026
CVE-2024-11950XnSoft XnView Classic RWZ File Parsing Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of XnSoft XnView Classic. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of RWZ files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22913.HIGH8.838.7%Dec 12, 2024
CVE-2024-22532Buffer Overflow vulnerability in XNSoft NConvert 7.163 (for Windows x86) allows attackers to cause a denial of service via crafted xwd file.MEDIUM6.562.3%Feb 28, 2024
CVE-2023-52174XnView Classic before 2.51.3 on Windows has a Write Access Violation at xnview.exe+0x3125D6.CRITICAL9.850.1%Dec 29, 2023
CVE-2023-52173XnView Classic before 2.51.3 on Windows has a Write Access Violation at xnview.exe+0x3ADBD0.CRITICAL9.843.3%Dec 29, 2023
CVE-2023-46587Buffer Overflow vulnerability in XnView Classic v.2.51.5 allows a local attacker to execute arbitrary code via a crafted TIF file.HIGH7.810.5%Oct 27, 2023
CVE-2023-43251XNSoft Nconvert 7.136 has an Exception Handler Chain Corrupted via a crafted image file. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.HIGH7.841.2%Oct 19, 2023
CVE-2023-43252XNSoft Nconvert 7.136 is vulnerable to Buffer Overflow via a crafted image file.HIGH7.840.4%Oct 19, 2023
CVE-2023-43250XNSoft Nconvert 7.136 is vulnerable to Buffer Overflow. There is a User Mode Write AV via a crafted image file. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.HIGH7.845.4%Oct 18, 2023
CVE-2021-28835Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file.HIGH7.823.5%Aug 11, 2023
CVE-2021-28427Buffer Overflow vulnerability in XNView version 2.49.3, allows local attackers to execute arbitrary code via crafted TIFF file.HIGH7.816.4%Aug 11, 2023
CVE-2020-23887XnView MP v0.96.4 was discovered to contain a heap overflow which allows attackers to cause a denial of service (DoS) via a crafted ico file. Related to a Read Access Violation starting at USER32!SmartStretchDIBits+0x33.MEDIUM5.548.4%Nov 10, 2021
CVE-2020-23886XnView MP v0.96.4 was discovered to contain a heap overflow which allows attackers to cause a denial of service (DoS) via a crafted pict file. Related to a User Mode Write AV starting at ntdll!RtlpLowFragHeapFree.MEDIUM5.556.7%Nov 10, 2021
CVE-2013-3493XnView 2.03 has an integer overflow vulnerabilityCRITICAL9.873.1%Jan 27, 2020
CVE-2013-3492XnView 2.03 has a stack-based buffer overflow vulnerabilityCRITICAL9.871.8%Jan 27, 2020
CVE-2013-3941Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a crafted JPEG2000 file, which leads to a heap-based buffer overflow.CRITICAL9.884.4%Jan 2, 2020
CVE-2013-3939xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow.HIGH7.874.7%Jan 2, 2020
CVE-2013-3937Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP file.HIGH7.875.0%Jan 2, 2020
CVE-2013-3247Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted RLE compressed layer in an XCF file.HIGH7.882.0%Jan 2, 2020