Lucene search
+L

2175 matches found

nvd
nvd
added 3 days ago6 views

CVE-2026-50380

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network...

9.6CVSS0.00625EPSS
Exploits0References1
nvd
nvd
added 3 days ago3 views

CVE-2026-54122

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code locally...

8.4CVSS0.0029EPSS
Exploits0References1
nvd
nvd
added 3 days ago2 views

CVE-2026-49796

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code locally...

7.8CVSS0.00398EPSS
Exploits0References1
cve
cve
added 3 days ago14 views

CVE-2026-50387

CVE-2026-50387 — Windows GDI Elevation of Privilege Affects: Windows GDI subsystem. The vulnerability is a stack-based buffer overflow in GDI that can be triggered by an authorized attacker to achieve local privilege escalation. Impact: Local elevation of privileges with a CVSS v3.1 base score of...

7.8CVSS6.1AI score0.01725EPSS
Exploits0References1
cve
cve
added 3 days ago35 views

CVE-2026-50380

CVE-2026-50380 is a Windows GDI+ heap-based buffer overflow that enables a remote attacker to execute code over a network. The CVE is listed among highly critical Windows vulnerabilities in July 2026 patch advisories, with Microsoft updating GDI+ and related components in the July security releas...

9.6CVSS6.3AI score0.00625EPSS
Exploits0References1
vulnrichment
vulnrichment
added 3 days ago3 views

CVE-2026-50380 Windows GDI+ Remote Code Execution Vulnerability

...

9.6CVSS6.1AI score0.00625EPSS
Exploits0References1
cvelist
cvelist
added 3 days ago29 views

CVE-2026-49796 Windows GDI+ Remote Code Execution Vulnerability

...

7.8CVSS0.00398EPSS
Exploits0References1
vulnrichment
vulnrichment
added 3 days ago3 views

CVE-2026-54122 Windows GDI+ Remote Code Execution Vulnerability

...

8.4CVSS6.1AI score0.0029EPSS
Exploits0References1
cvelist
cvelist
added 3 days ago25 views

CVE-2026-54122 Windows GDI+ Remote Code Execution Vulnerability

...

8.4CVSS0.0029EPSS
Exploits0References1
mscve
mscve
added 3 days ago4 views

Windows GDI+ Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code locally...

7.8CVSS6.3AI score0.00398EPSS
Exploits0
mscve
mscve
added 3 days ago5 views

Windows GDI Elevation of Privilege Vulnerability

Stack-based buffer overflow in Windows GDI allows an authorized attacker to elevate privileges locally...

7.8CVSS6.2AI score0.01725EPSS
Exploits0
ptsecurity
ptsecurity
added 3 days ago5 views

PT-2026-58168

Name of the Vulnerable Software and Affected Versions Windows GDI+ affected versions not specified Description A heap-based buffer overflow exists in Windows GDI+, which allows an unauthorized attacker to execute code locally. This issue can lead to remote code execution RCE on PCs and servers wh...

7.8CVSS6.6AI score0.00398EPSS
Exploits0References3
cvelist
cvelist
added last week34 views

CVE-2026-55827 FreeRDP: Heap out-of-bounds write in RemoteFX (RFX) Cache Bitmap V3 decode

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.27.1, FreeRDP clients launched with the non-default /cache:codec:rfx option pass desktop stride and height to RemoteFX decoding for Cache Bitmap V3 data while allocating bitmap-data only for the smaller DstWidth and...

7.5CVSS0.00526EPSS
Exploits1References4
redhat
redhat
added 2026/07/07 2:14 p.m.7 views

freerdp: FreeRDP: Remote code execution via heap-buffer-overflow in gdi_CacheToSurface

A flaw was found in FreeRDP.If a user connects to a malicious Remote Desktop RDP server, a security flaw in FreeRDP could cause the application to crash or allow the server to run unauthorized code on the user's system...

8.8CVSS7.3AI score0.00827EPSS
Exploits1References7
redos
redos
added 2026/07/07 12:0 a.m.5 views

ROS-20260707-73-0014

The vulnerability of the gdiCacheToSurface function in the RDP client FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause a service failure by sending specially crafted RDPGFX packets...

8.8CVSS7.8AI score0.00827EPSS
Exploits1
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurred in the gdiSurfaceToSurface path of the FreeRDP client due to a mismatch between destination rectangle clamping and the actual copy size. A malicious server can...

9.8CVSS6.2AI score0.00434EPSS
Exploits1References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, deleting offscreen bitmaps caused gdi-drawing to point to freed memory, leading to UAF when related update packets arrived. A malicious server could trigger client-side use after the objects were freed,...

9.8CVSS7.4AI score0.00402EPSS
Exploits1References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, the gdisurfacebits function processed SURFACEBITSCOMMAND messages sent by the RDP server. When these commands were processed using NSCodec, the bmp.width and bmp.height values provided by the server were not...

9.8CVSS6.1AI score0.00656EPSS
Exploits1References3
redos
redos
added 2026/06/24 12:0 a.m.5 views

ROS-20260624-73-0009

The vulnerability of the gdisurfacebits function in the RDP client of FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

9.8CVSS6.5AI score0.00656EPSS
Exploits1
osv
osv
added 2026/06/20 6:53 a.m.2 views

SUSE-SU-2026:22194-1 Security update for freerdp

This update for freerdp fixes the following issues Update to version 3.26.0: - CVE-2026-33982: heap-buffer-overflow READ vulnerability at 24 bytes before the allocation, in winpralignedoffsetrecalloc bsc1261222. - CVE-2026-33985: FreeRDP: Information disclosure via heap memory out of bounds read...

9.8CVSS6.2AI score0.03453EPSS
Exploits6References24
Rows per page
Query Builder