VYPR

Vendor CVEs

NOS Microsystems

All CVEs

75 total · sorted by risk
  • CVE-2017-2804HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.01

    A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger…

  • CVE-2017-2803HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.01

    A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 version 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to…

  • CVE-2014-8393HigAug 29, 2017
    risk 0.54cvss 7.8epss 0.08

    DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion.

  • CVE-2026-34676HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…

  • CVE-2026-34675HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…

  • CVE-2016-9043HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.03

    An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially crafted EMF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a…

  • CVE-2016-8730HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.02

    An of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted GIF file can cause a vulnerability resulting in potential memory corruption resulting in code execution. An attacker can send the…

  • CVE-2013-0742Oct 3, 2013
    risk 0.06cvss epss 0.35

    Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long ZIP directory entry name in an XPS file.

  • CVE-2007-2366Apr 30, 2007
    risk 0.06cvss epss 0.34

    Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.

  • CVE-2013-3248Oct 3, 2013
    risk 0.04cvss epss 0.19

    Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf or .xps file.

  • CVE-2009-4251Dec 10, 2009
    risk 0.04cvss epss 0.08

    Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. NOTE: this might be the same issue as CVE-2007-2366.

  • CVE-2007-2209Apr 24, 2007
    risk 0.04cvss epss 0.12

    Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ImageGear, as used in Corel Paint Shop Pro Photo 11.20 and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted .CLP file. NOTE: some details were obtained from…

  • CVE-2007-1735Mar 28, 2007
    risk 0.04cvss epss 0.09

    Stack-based buffer overflow in Corel WordPerfect Office X3 (13.0.0.565) allows user-assisted remote attackers to execute arbitrary code via a long printer selection (PRS) name in a Wordperfect document.

  • CVE-2010-5240Sep 7, 2012
    risk 0.03cvss epss 0.03

    Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr,…

  • CVE-2009-2564Jul 21, 2009
    risk 0.03cvss epss 0.06

    NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which…

  • CVE-2000-0193Mar 2, 2000
    risk 0.03cvss epss 0.01

    The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com program and gain privileges.

  • CVE-2000-0195Feb 24, 2000
    risk 0.03cvss epss 0.02

    setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file.

  • CVE-2000-0194Feb 24, 2000
    risk 0.03cvss epss 0.02

    buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f parameters.

  • CVE-2000-0048Jan 12, 2000
    risk 0.03cvss epss 0.02

    get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program.

  • CVE-2014-8398Jan 15, 2015
    risk 0.01cvss epss 0.07

    Multiple untrusted search path vulnerabilities in Corel FastFlick allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) igfxcmrt32.dll, (2) ipl.dll, (3) MSPStyleLib.dll, (4) uFioUtil.dll, (5) uhDSPlay.dll, (6) uipl.dll, (7)…

  • CVE-2014-8397Jan 15, 2015
    risk 0.01cvss epss 0.07

    Untrusted search path vulnerability in Corel VideoStudio PRO X7 or FastFlick allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse u32ZLib.dll file that is located in the same folder as the file being processed.

  • CVE-2014-8396Jan 15, 2015
    risk 0.01cvss epss 0.07

    Untrusted search path vulnerability in Corel PDF Fusion allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll file that is located in the same folder as the file being processed.

  • CVE-2014-8395Jan 15, 2015
    risk 0.01cvss epss 0.07

    Untrusted search path vulnerability in Corel Painter 2015 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wacommt.dll file that is located in the same folder as the file being processed.

  • CVE-2014-8394Jan 15, 2015
    risk 0.01cvss epss 0.07

    Multiple untrusted search path vulnerabilities in Corel CAD 2014 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) FxManagedCommands_3.08_9.tx or (2) TD_Mgd_3.08_9.dll file in the current working directory.

  • CVE-2007-2921Jun 14, 2007
    risk 0.01cvss epss 0.08

    Multiple buffer overflows in acgm.dll in the Corel / Micrografx ActiveCGM Browser ActiveX control before 7.1.4.19 allow remote attackers to execute arbitrary code via unspecified vectors.

  • CVE-2026-27218Mar 10, 2026
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of…

  • CVE-2026-27219Mar 10, 2026
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 11.1.2 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user…

  • CVE-2026-21365Mar 10, 2026
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 11.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user…

  • CVE-2025-54193Aug 12, 2025
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

  • CVE-2025-54190Aug 12, 2025
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

  • CVE-2025-47108Jun 10, 2025
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 11.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…

  • CVE-2025-30322May 13, 2025
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 11.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

  • CVE-2025-24451Mar 11, 2025
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…

  • CVE-2025-24450Mar 11, 2025
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…

  • CVE-2024-47437Nov 12, 2024
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user…

  • CVE-2024-47429Nov 12, 2024
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…

  • CVE-2024-47435Nov 12, 2024
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user…

  • CVE-2024-49517Nov 12, 2024
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a…

  • CVE-2024-47433Nov 12, 2024
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…

  • CVE-2024-30307May 16, 2024
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 9.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…

  • CVE-2024-30308May 16, 2024
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 9.1.2 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires…

  • CVE-2024-30274May 16, 2024
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 9.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…

  • CVE-2024-30309May 16, 2024
    risk 0.00cvss epss 0.00

    Substance3D - Painter versions 9.1.2 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires…

  • CVE-2022-43613Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2022-43610Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious…

  • CVE-2022-43618Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2022-43612Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious…

  • CVE-2022-43616Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2022-43617Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2022-43611Mar 29, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious…

Page 1 of 2