Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Accusoft Subscribe
Total 53 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-6094 1 Accusoft 1 Imagegear 2022-05-12 6.8 MEDIUM 8.8 HIGH
An exploitable code execution vulnerability exists in the TIFF fillinraster function of the igcore19d.dll library of Accusoft ImageGear 19.4, 19.5 and 19.6. A specially crafted TIFF file can cause an out-of-bounds write, resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2022-22137 1 Accusoft 1 Imagegear 2022-05-10 4.3 MEDIUM 6.5 MEDIUM
A memory corruption vulnerability exists in the ioca_mys_rgb_allocate functionality of Accusoft ImageGear 19.10. A specially-crafted malformed file can lead to an arbitrary free. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2022-23400 1 Accusoft 1 Imagegear 2022-05-09 5.8 MEDIUM 7.1 HIGH
A stack-based buffer overflow vulnerability exists in the IGXMPXMLParser::parseDelimiter functionality of Accusoft ImageGear 19.10. A specially-crafted PSD file can overflow a stack buffer, which could either lead to denial of service or, depending on the application, to an information leak. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2021-40398 1 Accusoft 1 Imagegear 2022-04-21 6.8 MEDIUM 7.8 HIGH
An out-of-bounds write vulnerability exists in the parse_raster_data functionality of Accusoft ImageGear 19.10. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2021-21949 1 Accusoft 1 Imagegear 2022-04-21 6.8 MEDIUM 8.8 HIGH
An improper array index validation vulnerability exists in the JPEG-JFIF Scan header parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to an out-of-bounds write and potential code exectuion. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2021-21943 1 Accusoft 1 Imagegear 2022-04-21 6.8 MEDIUM 8.8 HIGH
A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2021-21939 1 Accusoft 1 Imagegear 2022-04-21 6.8 MEDIUM 8.8 HIGH
A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2021-21942 1 Accusoft 1 Imagegear 2022-04-21 6.8 MEDIUM 8.8 HIGH
An out-of-bounds write vulnerability exists in the TIFF YCbCr image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2021-21914 1 Accusoft 1 Imagegear 2022-04-21 6.8 MEDIUM 8.8 HIGH
A heap-based buffer overflow vulnerability exists in the DecoderStream::Append functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2012-5190 1 Accusoft 1 Prizm Content Connect 2020-01-29 7.5 HIGH 9.8 CRITICAL
Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability
CVE-2018-15805 1 Accusoft 1 Prizmdoc 2019-01-03 6.4 MEDIUM 9.1 CRITICAL
Accusoft PrizmDoc HTML5 Document Viewer before 13.5 contains an XML external entity (XXE) vulnerability, allowing an attacker to read arbitrary files or cause a denial of service (resource consumption).
CVE-2018-15546 1 Accusoft 1 Prizmdoc 2018-11-02 4.3 MEDIUM 6.1 MEDIUM
Accusoft PrizmDoc version 13.3 and earlier contains a Stored Cross-Site Scripting issue through a crafted PDF file.
CVE-2007-2209 2 Accusoft, Corel 2 Imagegear, Paint Shop Pro 2017-10-10 6.8 MEDIUM N/A
Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ImageGear, as used in Corel Paint Shop Pro Photo 11.20 and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted .CLP file. NOTE: some details were obtained from third party sources.