Lucene search
K
CorelCoreldraw

11 matches found

CVE
CVE
added 2018/04/24 7:0 p.m.108 views

CVE-2016-9043

CorelDRAW X8 EMF parsing (CdrGfx.dll) contains an out-of-bounds write in EMF handling (EMR_CREATEBRUSHINDIRECT and related records), enabling potential memory corruption and code execution. Affected version: CorelDRAW X8 18.1.0.661. Exploitation involves sending a crafted EMF file; remote attacke...

8.8CVSS7.7AI score0.0274EPSS
CVE
CVE
added 2023/03/29 12:0 a.m.66 views

CVE-2022-43615

CorelDRAW Graphics Suite 23.5.0.506 is affected by a PDF file parsing vulnerability that can disclose sensitive information via a read past the end of an allocated object. The flaw arises from insufficient validation of user-supplied data during PDF parsing, and exploitation requires user interac...

5.5CVSS4.2AI score0.00828EPSS
CVE
CVE
added 2023/03/29 12:0 a.m.62 views

CVE-2022-43611

CVE-2022-43611 affects CorelDRAW Graphics Suite 23.5.0.506. The root cause is a BMP image parsing flaw that fails to validate user-supplied data, causing a read past the end of an allocated object. This results in information disclosure and, per the initial description, can be leveraged with othe...

5.5CVSS4.2AI score0.00828EPSS
CVE
CVE
added 2023/03/29 12:0 a.m.62 views

CVE-2022-43612

CorelDRAW Graphics Suite 23.5.0.506 is affected. The vulnerability resides in JP2 image parsing, caused by insufficient validation that can read past the end of an allocated object, enabling information disclosure. Exploitation is user-initiated (visiting a malicious page or opening a malicious f...

5.5CVSS4.2AI score0.00828EPSS
CVE
CVE
added 2023/03/29 12:0 a.m.61 views

CVE-2022-43610

CVE-2022-43610 affects CorelDRAW Graphics Suite 23.5.0.506. The vulnerability is a read-past-end-of-allocated-object due to improper validation while parsing GIF images, leading to potential information disclosure. Exploitation requires user interaction (target visits a malicious page or opens a ...

5.5CVSS4.2AI score0.00807EPSS
CVE
CVE
added 2023/03/29 12:0 a.m.60 views

CVE-2022-43616

CVE-2022-43616 affects CorelDRAW Graphics Suite 23.5.0.506, due to an error in EMF image parsing that allows a read past the end of an allocated object. This can enable remote code execution with current process privileges and requires user interaction (visiting a malicious page or opening a mali...

7.8CVSS7.8AI score0.00873EPSS
CVE
CVE
added 2023/03/29 12:0 a.m.59 views

CVE-2022-43613

CorelDRAW Graphics Suite 23.5.0.506 is affected by a stack-based buffer overflow in CGM file parsing, due to improper validation of the length of user-supplied data. The vulnerability allows remote code execution with the attacker gaining code execution in the context of the affected process, req...

7.8CVSS7.8AI score0.00926EPSS
CVE
CVE
added 2017/08/28 8:0 p.m.56 views

CVE-2014-8393

CVE-2014-8393 corresponds to a DLL hijacking vulnerability in Corel products (CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015 and Corel PDF Fusion, plus related apps). The flaw arises when a file is opened and the application searches the document’s directory for DL...

7.8CVSS7.5AI score0.08342EPSS
CVE
CVE
added 2023/03/29 12:0 a.m.55 views

CVE-2022-43617

CVE-2022-43617 affects Corel CorelDRAW Graphics Suite 23.5.0.506. It is a PCX file parsing out-of-bounds write vulnerability in CorelDRAW that allows code execution in the current process and requires user interaction (visiting a malicious page or opening a malicious file). Root cause: insufficie...

7.8CVSS7.8AI score0.00873EPSS
CVE
CVE
added 2023/03/29 12:0 a.m.54 views

CVE-2022-43614

CorelDRAW Graphics Suite 23.5.0.506 is affected by a GIF file parsing vulnerability that can cause a write past the end of an allocated object, enabling arbitrary code execution in the current process. Exploitation requires user interaction (visiting a malicious page or opening a malicious file)....

7.8CVSS7.8AI score0.00873EPSS
CVE
CVE
added 2023/03/29 12:0 a.m.50 views

CVE-2022-43618

CorelDRAW Graphics Suite 23.5.0.506 is affected by a buffer/write past end vulnerability in the PCX file parsing code. The flaw arises from insufficient validation of user-supplied data, enabling an out-of-bounds write that can allow remote code execution in the context of the current process. Ex...

7.8CVSS7.8AI score0.00873EPSS