Painter
CVEs (22)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-8393 | Hig | 0.54 | 7.8 | 0.08 | Aug 29, 2017 | DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion. | ||
| CVE-2026-34676 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious… | ||
| CVE-2026-34675 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious… | ||
| CVE-2014-8395 | 0.01 | — | 0.07 | Jan 15, 2015 | Untrusted search path vulnerability in Corel Painter 2015 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wacommt.dll file that is located in the same folder as the file being processed. | |||
| CVE-2026-27218 | 0.00 | — | 0.00 | Mar 10, 2026 | Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of… | |||
| CVE-2026-27219 | 0.00 | — | 0.00 | Mar 10, 2026 | Substance3D - Painter versions 11.1.2 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user… | |||
| CVE-2026-21365 | 0.00 | — | 0.00 | Mar 10, 2026 | Substance3D - Painter versions 11.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user… | |||
| CVE-2025-54193 | 0.00 | — | 0.00 | Aug 12, 2025 | Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||
| CVE-2025-54190 | 0.00 | — | 0.00 | Aug 12, 2025 | Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||
| CVE-2025-47108 | 0.00 | — | 0.00 | Jun 10, 2025 | Substance3D - Painter versions 11.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious… | |||
| CVE-2025-30322 | 0.00 | — | 0.00 | May 13, 2025 | Substance3D - Painter versions 11.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||
| CVE-2025-24451 | 0.00 | — | 0.00 | Mar 11, 2025 | Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious… | |||
| CVE-2025-24450 | 0.00 | — | 0.00 | Mar 11, 2025 | Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious… | |||
| CVE-2024-47437 | 0.00 | — | 0.00 | Nov 12, 2024 | Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user… | |||
| CVE-2024-47429 | 0.00 | — | 0.00 | Nov 12, 2024 | Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious… | |||
| CVE-2024-47435 | 0.00 | — | 0.00 | Nov 12, 2024 | Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user… | |||
| CVE-2024-49517 | 0.00 | — | 0.00 | Nov 12, 2024 | Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a… | |||
| CVE-2024-47433 | 0.00 | — | 0.00 | Nov 12, 2024 | Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious… | |||
| CVE-2024-30307 | 0.00 | — | 0.00 | May 16, 2024 | Substance3D - Painter versions 9.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious… | |||
| CVE-2024-30308 | 0.00 | — | 0.00 | May 16, 2024 | Substance3D - Painter versions 9.1.2 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires… |
- risk 0.54cvss 7.8epss 0.08
DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion.
- risk 0.51cvss 7.8epss 0.00
Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…
- risk 0.51cvss 7.8epss 0.00
Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…
- CVE-2014-8395Jan 15, 2015risk 0.01cvss —epss 0.07
Untrusted search path vulnerability in Corel Painter 2015 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wacommt.dll file that is located in the same folder as the file being processed.
- CVE-2026-27218Mar 10, 2026risk 0.00cvss —epss 0.00
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of…
- CVE-2026-27219Mar 10, 2026risk 0.00cvss —epss 0.00
Substance3D - Painter versions 11.1.2 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user…
- CVE-2026-21365Mar 10, 2026risk 0.00cvss —epss 0.00
Substance3D - Painter versions 11.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user…
- CVE-2025-54193Aug 12, 2025risk 0.00cvss —epss 0.00
Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
- CVE-2025-54190Aug 12, 2025risk 0.00cvss —epss 0.00
Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
- CVE-2025-47108Jun 10, 2025risk 0.00cvss —epss 0.00
Substance3D - Painter versions 11.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…
- CVE-2025-30322May 13, 2025risk 0.00cvss —epss 0.00
Substance3D - Painter versions 11.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
- CVE-2025-24451Mar 11, 2025risk 0.00cvss —epss 0.00
Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…
- CVE-2025-24450Mar 11, 2025risk 0.00cvss —epss 0.00
Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…
- CVE-2024-47437Nov 12, 2024risk 0.00cvss —epss 0.00
Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user…
- CVE-2024-47429Nov 12, 2024risk 0.00cvss —epss 0.00
Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…
- CVE-2024-47435Nov 12, 2024risk 0.00cvss —epss 0.00
Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user…
- CVE-2024-49517Nov 12, 2024risk 0.00cvss —epss 0.00
Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a…
- CVE-2024-47433Nov 12, 2024risk 0.00cvss —epss 0.00
Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…
- CVE-2024-30307May 16, 2024risk 0.00cvss —epss 0.00
Substance3D - Painter versions 9.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…
- CVE-2024-30308May 16, 2024risk 0.00cvss —epss 0.00
Substance3D - Painter versions 9.1.2 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires…
Page 1 of 2