Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Irfanview Subscribe
Total 381 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-9922 1 Irfanview 2 Irfanview, Tools 2025-04-20 4.4 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpCompareResourceNames_U+0x0000000000000062."
CVE-2017-9889 1 Irfanview 2 Fpx, Irfanview 2025-04-20 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to a "Read Access Violation starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000003714."
CVE-2017-9535 1 Irfanview 2 Fpx, Irfanview 2025-04-20 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!GetPlugInInfo+0x0000000000016e53."
CVE-2017-15254 1 Irfanview 2 Irfanview, Pdf 2025-04-20 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access Violation starting at PDF!xmlGetGlobalState+0x000000000007dfa5."
CVE-2017-15253 1 Irfanview 2 Irfanview, Pdf 2025-04-20 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "User Mode Write AV starting at PDF!xmlGetGlobalState+0x000000000007dff2."
CVE-2017-15740 1 Irfanview 2 Cadimage, Irfanview 2025-04-20 6.8 MEDIUM 7.8 HIGH
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls Code Flow starting at CADIMAGE+0x000000000033228e."
CVE-2017-9891 1 Irfanview 2 Fpx, Irfanview 2025-04-20 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000007053."
CVE-2017-9875 1 Irfanview 2 Fpx, Irfanview 2025-04-20 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!DE_Decode+0x0000000000000cdb."
CVE-2017-9876 1 Irfanview 2 Fpx, Irfanview 2025-04-20 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000c995."
CVE-2017-15749 1 Irfanview 2 Cadimage, Irfanview 2025-04-20 6.8 MEDIUM 7.8 HIGH
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x00000000000348b9."
CVE-2017-9530 1 Irfanview 2 Irfanview, Tools 2025-04-20 4.4 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ntdll_77df0000!LdrpResCompareResourceNames+0x0000000000000150."
CVE-2017-9531 1 Irfanview 2 Fpx, Irfanview 2025-04-20 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX+0x000000000000176c."
CVE-2017-15251 1 Irfanview 2 Irfanview, Pdf 2025-04-20 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlParserInputRead+0x00000000000e7326."
CVE-2017-9532 1 Irfanview 2 Fpx, Irfanview 2025-04-20 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX+0x0000000000001555."
CVE-2017-9886 1 Irfanview 2 Fpx, Irfanview 2025-04-20 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpLowFragHeapFree+0x000000000000001f."
CVE-2020-13879 1 Irfanview 1 B3d 2025-04-17 N/A 9.8 CRITICAL
IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+214f heap-based out-of-bounds write.
CVE-2012-0278 1 Irfanview 2 Flashpix Plugin, Irfanview 2025-04-11 9.3 HIGH N/A
Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for IrfanView might allow remote attackers to execute arbitrary code via a .fpx file containing a crafted FlashPix image that is not properly handled during decompression.
CVE-2010-1509 1 Irfanview 1 Irfanview 2025-04-11 5.0 MEDIUM N/A
IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of PSD images, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow, related to a "sign-extension error."
CVE-2012-5904 1 Irfanview 1 Irfanview 2025-04-11 6.8 MEDIUM N/A
Heap-based buffer overflow in IrfanView before 4.33 allows remote attackers to execute arbitrary code via a crafted RLE compressed bitmap file such as a DIB, RLE, or BMP image.
CVE-2010-1510 1 Irfanview 1 Irfanview 2025-04-11 5.0 MEDIUM N/A
Heap-based buffer overflow in IrfanView before 4.27 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PSD image with RLE compression.