VYPR
Vendor

NOS Microsystems

Products
27
CVEs
75
Across products
88
Status
Private

Products

27

Recent CVEs

75
View all 75 CVEs →
  • CVE-2017-2804HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.01

    A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger…

  • CVE-2017-2803HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.01

    A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 version 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to…

  • CVE-2014-8393HigAug 29, 2017
    risk 0.54cvss 7.8epss 0.08

    DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion.

  • CVE-2026-34676HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…

  • CVE-2026-34675HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…

  • CVE-2016-9043HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.03

    An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially crafted EMF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a…

  • CVE-2016-8730HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted GIF file can cause a vulnerability resulting in potential memory corruption resulting in code execution. An attacker can send the…

  • CVE-2013-0742Oct 3, 2013
    risk 0.06cvss epss 0.35

    Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long ZIP directory entry name in an XPS file.

  • CVE-2007-2366Apr 30, 2007
    risk 0.06cvss epss 0.34

    Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.

  • CVE-2013-3248Oct 3, 2013
    risk 0.04cvss epss 0.19

    Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf or .xps file.

  • CVE-2009-4251Dec 10, 2009
    risk 0.04cvss epss 0.08

    Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. NOTE: this might be the same issue as CVE-2007-2366.

  • CVE-2007-2209Apr 24, 2007
    risk 0.04cvss epss 0.12

    Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ImageGear, as used in Corel Paint Shop Pro Photo 11.20 and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted .CLP file. NOTE: some details were obtained from…

  • CVE-2007-1735Mar 28, 2007
    risk 0.04cvss epss 0.09

    Stack-based buffer overflow in Corel WordPerfect Office X3 (13.0.0.565) allows user-assisted remote attackers to execute arbitrary code via a long printer selection (PRS) name in a Wordperfect document.

  • CVE-2010-5240Sep 7, 2012
    risk 0.03cvss epss 0.03

    Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr,…

  • CVE-2009-2564Jul 21, 2009
    risk 0.03cvss epss 0.06

    NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which…

  • CVE-2000-0193Mar 2, 2000
    risk 0.03cvss epss 0.01

    The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com program and gain privileges.

  • CVE-2000-0195Feb 24, 2000
    risk 0.03cvss epss 0.02

    setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file.

  • CVE-2000-0194Feb 24, 2000
    risk 0.03cvss epss 0.02

    buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f parameters.

  • CVE-2000-0048Jan 12, 2000
    risk 0.03cvss epss 0.02

    get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program.

  • CVE-2014-8398Jan 15, 2015
    risk 0.01cvss epss 0.07

    Multiple untrusted search path vulnerabilities in Corel FastFlick allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) igfxcmrt32.dll, (2) ipl.dll, (3) MSPStyleLib.dll, (4) uFioUtil.dll, (5) uhDSPlay.dll, (6) uipl.dll, (7)…