NOS Microsystems
Products
27- 22 CVEs
- 9 CVEs
- 7 CVEs
- 6 CVEs
- 5 CVEs
- 5 CVEs
- 4 CVEs
- 3 CVEs
- 3 CVEs
- 3 CVEs
- 3 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 0 CVEs
- 0 CVEs
Recent CVEs
75| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-2804 | Hig | 0.57 | 8.8 | 0.01 | Apr 24, 2018 | A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger… | ||
| CVE-2017-2803 | Hig | 0.57 | 8.8 | 0.01 | Apr 24, 2018 | A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 version 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to… | ||
| CVE-2014-8393 | Hig | 0.54 | 7.8 | 0.08 | Aug 29, 2017 | DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion. | ||
| CVE-2026-34676 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious… | ||
| CVE-2026-34675 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious… | ||
| CVE-2016-9043 | Hig | 0.51 | 7.8 | 0.03 | Apr 24, 2018 | An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially crafted EMF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a… | ||
| CVE-2016-8730 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted GIF file can cause a vulnerability resulting in potential memory corruption resulting in code execution. An attacker can send the… | ||
| CVE-2013-0742 | 0.06 | — | 0.35 | Oct 3, 2013 | Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long ZIP directory entry name in an XPS file. | |||
| CVE-2007-2366 | 0.06 | — | 0.34 | Apr 30, 2007 | Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file. | |||
| CVE-2013-3248 | 0.04 | — | 0.19 | Oct 3, 2013 | Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf or .xps file. | |||
| CVE-2009-4251 | 0.04 | — | 0.08 | Dec 10, 2009 | Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. NOTE: this might be the same issue as CVE-2007-2366. | |||
| CVE-2007-2209 | 0.04 | — | 0.12 | Apr 24, 2007 | Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ImageGear, as used in Corel Paint Shop Pro Photo 11.20 and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted .CLP file. NOTE: some details were obtained from… | |||
| CVE-2007-1735 | 0.04 | — | 0.09 | Mar 28, 2007 | Stack-based buffer overflow in Corel WordPerfect Office X3 (13.0.0.565) allows user-assisted remote attackers to execute arbitrary code via a long printer selection (PRS) name in a Wordperfect document. | |||
| CVE-2010-5240 | 0.03 | — | 0.03 | Sep 7, 2012 | Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr,… | |||
| CVE-2009-2564 | 0.03 | — | 0.06 | Jul 21, 2009 | NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which… | |||
| CVE-2000-0193 | 0.03 | — | 0.01 | Mar 2, 2000 | The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com program and gain privileges. | |||
| CVE-2000-0195 | 0.03 | — | 0.02 | Feb 24, 2000 | setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file. | |||
| CVE-2000-0194 | 0.03 | — | 0.02 | Feb 24, 2000 | buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f parameters. | |||
| CVE-2000-0048 | 0.03 | — | 0.02 | Jan 12, 2000 | get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program. | |||
| CVE-2014-8398 | 0.01 | — | 0.07 | Jan 15, 2015 | Multiple untrusted search path vulnerabilities in Corel FastFlick allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) igfxcmrt32.dll, (2) ipl.dll, (3) MSPStyleLib.dll, (4) uFioUtil.dll, (5) uhDSPlay.dll, (6) uipl.dll, (7)… |
- risk 0.57cvss 8.8epss 0.01
A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger…
- risk 0.57cvss 8.8epss 0.01
A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 version 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to…
- risk 0.54cvss 7.8epss 0.08
DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion.
- risk 0.51cvss 7.8epss 0.00
Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…
- risk 0.51cvss 7.8epss 0.00
Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…
- risk 0.51cvss 7.8epss 0.03
An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially crafted EMF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a…
- risk 0.51cvss 7.8epss 0.02
An of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted GIF file can cause a vulnerability resulting in potential memory corruption resulting in code execution. An attacker can send the…
- CVE-2013-0742Oct 3, 2013risk 0.06cvss —epss 0.35
Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long ZIP directory entry name in an XPS file.
- CVE-2007-2366Apr 30, 2007risk 0.06cvss —epss 0.34
Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.
- CVE-2013-3248Oct 3, 2013risk 0.04cvss —epss 0.19
Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf or .xps file.
- CVE-2009-4251Dec 10, 2009risk 0.04cvss —epss 0.08
Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. NOTE: this might be the same issue as CVE-2007-2366.
- CVE-2007-2209Apr 24, 2007risk 0.04cvss —epss 0.12
Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ImageGear, as used in Corel Paint Shop Pro Photo 11.20 and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted .CLP file. NOTE: some details were obtained from…
- CVE-2007-1735Mar 28, 2007risk 0.04cvss —epss 0.09
Stack-based buffer overflow in Corel WordPerfect Office X3 (13.0.0.565) allows user-assisted remote attackers to execute arbitrary code via a long printer selection (PRS) name in a Wordperfect document.
- CVE-2010-5240Sep 7, 2012risk 0.03cvss —epss 0.03
Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr,…
- CVE-2009-2564Jul 21, 2009risk 0.03cvss —epss 0.06
NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which…
- CVE-2000-0193Mar 2, 2000risk 0.03cvss —epss 0.01
The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com program and gain privileges.
- CVE-2000-0195Feb 24, 2000risk 0.03cvss —epss 0.02
setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file.
- CVE-2000-0194Feb 24, 2000risk 0.03cvss —epss 0.02
buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f parameters.
- CVE-2000-0048Jan 12, 2000risk 0.03cvss —epss 0.02
get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program.
- CVE-2014-8398Jan 15, 2015risk 0.01cvss —epss 0.07
Multiple untrusted search path vulnerabilities in Corel FastFlick allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) igfxcmrt32.dll, (2) ipl.dll, (3) MSPStyleLib.dll, (4) uFioUtil.dll, (5) uhDSPlay.dll, (6) uipl.dll, (7)…