Shodan
Vulnerabilities
Vulnerable Software
Xnview:  Security Vulnerabilities
CVE-2024-11950
XnSoft XnView Classic RWZ File Parsing Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of XnSoft XnView Classic. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of RWZ files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22913.
CVSS Score
7.8
EPSS Score
0.003
Published
2024-12-12
CVE-2024-22532
Buffer Overflow vulnerability in XNSoft NConvert 7.163 (for Windows x86) allows attackers to cause a denial of service via crafted xwd file.
CVSS Score
6.5
EPSS Score
0.056
Published
2024-02-28
CVE-2023-52173
XnView Classic before 2.51.3 on Windows has a Write Access Violation at xnview.exe+0x3ADBD0.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-12-29
CVE-2023-52174
XnView Classic before 2.51.3 on Windows has a Write Access Violation at xnview.exe+0x3125D6.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-12-29
CVE-2023-46587
Buffer Overflow vulnerability in XnView Classic v.2.51.5 allows a local attacker to execute arbitrary code via a crafted TIF file.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-10-27
CVE-2023-43251
XNSoft Nconvert 7.136 has an Exception Handler Chain Corrupted via a crafted image file. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-10-19
CVE-2023-43252
XNSoft Nconvert 7.136 is vulnerable to Buffer Overflow via a crafted image file.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-10-19
CVE-2023-43250
XNSoft Nconvert 7.136 is vulnerable to Buffer Overflow. There is a User Mode Write AV via a crafted image file. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-10-18
CVE-2021-28427
Buffer Overflow vulnerability in XNView version 2.49.3, allows local attackers to execute arbitrary code via crafted TIFF file.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-08-11
CVE-2021-28835
Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-08-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved