CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2022-29333
https://notcve.org/view.php?id=CVE-2022-29333
24 May 2022 — A vulnerability in CyberLink Power Director v14 allows attackers to escalate privileges via a crafted .exe file. Una vulnerabilidad en CyberLink Power Director versión v14, permite a atacantes escalar privilegios por medio de un archivo .exe diseñado • http://cyberlink.com • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 80%CPEs: 1EXPL: 3CVE-2017-14627 – CyberLink LabelPrint < 2.5 - Local Buffer Overflow (SEH Unicode)
https://notcve.org/view.php?id=CVE-2017-14627
23 Sep 2017 — Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote attackers to execute arbitrary code via the (1) author (inside the INFORMATION tag), (2) name (inside the INFORMATION tag), (3) artist (inside the TRACK tag), or (4) default (inside the TEXT tag) parameter in an lpp project file. Desbordamientos de búfer basado en pila en la versión 2.5 de CyberLink LabelPrint permiten que los atacantes ejecuten código arbitrario mediante los parámetros (1) author (dentro de la etiqueta INFORMATION), (2) ... • https://www.exploit-db.com/exploits/42777 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 89%CPEs: 2EXPL: 3CVE-2011-5171 – CyberLink (Multiple Products) - File Project Handling Stack Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2011-5171
15 Sep 2012 — Multiple stack-based buffer overflows in CyberLink Power2Go 7 (build 196) and 8 (build 1031) allow remote attackers to execute arbitrary code via the (1) src and (2) name parameters in a p2g project file. Múltiples desbordamientos de búfer basados en pila en CyberLink Power2Go v7 (build 196) y v8 (build 1031) permite a atacantes remotos ejecutar código arbitrario a través de los parámetros (1) (src) y (2) (name) en un fichero de proyecto p2g. • https://www.exploit-db.com/exploits/18220 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2010-5237
https://notcve.org/view.php?id=CVE-2010-5237
07 Sep 2012 — Untrusted search path vulnerability in CyberLink PowerDirector 7 allows local users to gain privileges via a Trojan horse mfc71loc.dll file in the current working directory, as demonstrated by a directory that contains a .pdl, .iso, .pds, .p2g, or .p2i file. NOTE: some of these details are obtained from third party information. Vulnerabilidad de ruta de búsqueda no confiable en CyberLink PowerDirector 7 permite a usuarios locales obtener privilegios a través de un archivo mfc71loc.dll caballo de toya en el ... • http://extraexploit.blogspot.com/2010/08/dll-hijacking-my-test-cases-on-default.html •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2010-5238
https://notcve.org/view.php?id=CVE-2010-5238
07 Sep 2012 — Untrusted search path vulnerability in CyberLink PowerDirector 8.00.3022 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdl, .iso, .pds, .p2g, or .p2i file. NOTE: some of these details are obtained from third party information. Vulnerabilidad de ruta de búsqueda no confiable en CyberLink PowerDirector v8.00.3022 permite a usuarios locales obtener privilegios a través de un archivo troyano dwmapi.dll e... • http://extraexploit.blogspot.com/2010/08/dll-hijacking-my-test-cases-on-default.html •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2010-5243
https://notcve.org/view.php?id=CVE-2010-5243
07 Sep 2012 — Multiple untrusted search path vulnerabilities in Cyberlink Power2Go 7.0.0.0816 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) MFC71LOC.DLL file in the current working directory, as demonstrated by a directory that contains a .p2g, .iso, .pdl, .pds, or .p2i file. NOTE: some of these details are obtained from third party information. Múltiples vulnerabilidades de path de búsqueda no confiable en Cyberlink Power2Go v7.0.0.0816, permite a usuario locales obtener privilegios a tra... • http://extraexploit.blogspot.com/2010/08/dll-hijacking-my-test-cases-on-default.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4757
https://notcve.org/view.php?id=CVE-2012-4757
06 Sep 2012 — Multiple untrusted search path vulnerabilities in CyberLink StreamAuthor 4.0 build 3308 allow local users to gain privileges via a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .sta or .stp file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Múltiples vulnerabilidades de busqueda de ruta no confiable en CyberLink StreamAuthor 4.0 build 3308 permite a ... • http://secunia.com/advisories/49290 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4758
https://notcve.org/view.php?id=CVE-2012-4758
06 Sep 2012 — Multiple untrusted search path vulnerabilities in CyberLink PowerProducer 5.5.3.2325 allow local users to gain privileges via a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .ppp or .rdf file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Múltiples vulnerabilidades de busqueda de ruta no confiable en CyberLink PowerProducer v5.5.3.2325 permite a usuar... • http://secunia.com/advisories/49295 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4756
https://notcve.org/view.php?id=CVE-2012-4756
06 Sep 2012 — Multiple untrusted search path vulnerabilities in CyberLink LabelPrint 2.5.3602 allow local users to gain privileges via a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .lpp file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Múltiples vulnerabilidades de busquea de ruta no confiable en CyberLink LabelPrint v2.5.3602 permite a usuarios locales obtener... • http://secunia.com/advisories/49281 •
CVSS: 7.5EPSS: 20%CPEs: 1EXPL: 2CVE-2007-5219 – CyberLink PowerDVD - CreateNewFile Remote Rewrite Denial of Service
https://notcve.org/view.php?id=CVE-2007-5219
05 Oct 2007 — Directory traversal vulnerability in the CLAVSetting.CLSetting.1 ActiveX control in CLAVSetting.DLL 1.00.1829 in the CLAVSetting module in CyberLink PowerDVD 7.0 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument to the CreateNewFile method. Vulnerabilidad de salto de directorio en el controlador Active X CLAVSetting.CLSetting.1 en CLAVSetting.CLSetting.DLL 1.00.1829 en el módulo CLAVSetting en CyberLink PowerDVD 7.0 permite a atacantes remotos crear o sobrescr... • https://www.exploit-db.com/exploits/4479 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •