DaviewIndy has a Heap-based overflow vulnerability, triggered when the user opens a malformed image file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.
Credits
Thanks to Namjun Jo for reporting these vulnerabilities.
