Corel Coreldraw vulnerabilities
11 known vulnerabilities affecting corel/coreldraw.
Total CVEs
11
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH7MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2014-8393P3HIGHCVSS 7.8PoCvx72017-08-29
CVE-2014-8393 [HIGH] CWE-427 CVE-2014-8393: DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Pai
DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion.
nvd
CVE-2022-43613P3HIGHCVSS 7.8fixed in 24.2.12023-03-29
CVE-2022-43613 [HIGH] CWE-121 CVE-2022-43613: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Co
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CGM files. When parsing CGM files
nvd
CVE-2022-43614P3HIGHCVSS 7.8fixed in 24.2.12023-03-29
CVE-2022-43614 [HIGH] CWE-787 CVE-2022-43614: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Co
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GIF images. The issue results fro
nvd
CVE-2022-43618P3HIGHCVSS 7.8fixed in 24.2.12023-03-29
CVE-2022-43618 [HIGH] CWE-787 CVE-2022-43618: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Co
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PCX files. The issue results from
nvd
CVE-2022-43616P3HIGHCVSS 7.8fixed in 24.2.12023-03-29
CVE-2022-43616 [HIGH] CWE-125 CVE-2022-43616: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Co
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF images. The issue results fro
nvd
CVE-2022-43617P3HIGHCVSS 7.8fixed in 24.2.12023-03-29
CVE-2022-43617 [HIGH] CWE-787 CVE-2022-43617: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Co
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PCX files. The issue results from
nvd
CVE-2016-9043P3HIGHCVSS 7.8vx8vX8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661) - x64 version2018-04-24
CVE-2016-9043 [HIGH] CWE-787 CVE-2016-9043: An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx
An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially crafted EMF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a specific EMF file to trigger this vulnerability.
nvd
CVE-2022-43612P4MEDIUMCVSS 5.5fixed in 24.2.12023-03-29
CVE-2022-43612 [MEDIUM] CWE-125 CVE-2022-43612: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. The issue r
nvd
CVE-2022-43611P4MEDIUMCVSS 5.5fixed in 24.2.12023-03-29
CVE-2022-43611 [MEDIUM] CWE-125 CVE-2022-43611: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue r
nvd
CVE-2022-43615P4MEDIUMCVSS 5.5fixed in 24.2.12023-03-29
CVE-2022-43615 [MEDIUM] CWE-125 CVE-2022-43615: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue re
nvd
CVE-2022-43610P4MEDIUMCVSS 5.5fixed in 24.2.12023-03-29
CVE-2022-43610 [MEDIUM] CWE-125 CVE-2022-43610: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GIF images. The issue r
nvd