Browse all 184 CVE security advisories affecting IrfanView. AI-powered Chinese analysis, POCs, and references for each vulnerability.
IrfanView is a widely used Windows image viewer and converter, primarily serving casual users and professionals requiring rapid batch processing of graphic files. Despite its utility, the software has accumulated 184 recorded Common Vulnerabilities and Exposures (CVEs), reflecting significant historical security debt. The majority of these flaws involve buffer overflows and memory corruption issues, which frequently enable remote code execution (RCE) when processing maliciously crafted image formats such as TIFF, JPEG, or PNG. While cross-site scripting (XSS) and privilege escalation are less common in this desktop application context, the prevalence of RCE vulnerabilities poses a critical risk, particularly when users open untrusted files. Notable incidents highlight the danger of automated batch processing features, where a single malformed image can trigger arbitrary code execution with the privileges of the current user. Regular updates are essential to mitigate these persistent memory safety defects.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2013-3944 | IrfanView 缓冲区错误漏洞 — MrSID plugin | 7.8 | - | 2020-01-02 |
| CVE-2013-3945 | IrfanView 输入验证错误漏洞 — MrSID plugin | 7.8 | - | 2020-01-02 |
| CVE-2013-3946 | IrfanView缓冲区错误漏洞 — MrSID plugin | 8.4 | - | 2020-01-02 |
| CVE-2017-2813 | IrfanView 数字错误漏洞 — Irfanview | 7.8 | - | 2017-06-21 |
This page lists every published CVE security advisory associated with IrfanView. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.