EUVD-2025-24289

Malicious code in bioql PyPI...

CVE-2025-53766

CVE-2025-53766 is a heap-based buffer overflow in Windows GDI+ that enables a remote attacker to execute code over a network. Public details describe the vulnerability as a memory overflow in GDI+ triggered by processing specially crafted metafiles, potentially allowing arbitrary code execution w...

KB5063927: Windows Server 2008 R2 Security Update (August 2025)

The remote Windows host is missing security update 5063927. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. CVE-2025-53766 - Concurrent execution using shared resource with improper...

PT-2025-32850

Name of the Vulnerable Software and Affected Versions: Windows GDI+ affected versions not specified Description: A heap-based buffer overflow exists in Windows GDI+. This allows an unauthorized attacker to execute code over a network. The vulnerability enables remote attackers to execute arbitrar...

KB5063899: Windows Server version 23H2 Security Update (August 2025)

The remote Windows host is missing security update 5063899. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. CVE-2025-53766 - Missing synchronization in Windows Hyper-V allows an...

KB5063709: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (August 2025)

The remote Windows host is missing security update 5063709. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. CVE-2025-53766 - Missing synchronization in Windows Hyper-V allows an...

KB5063880: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (August 2025)

The remote Windows host is missing security update 5063880 or hot patch 5063812. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. CVE-2025-53766 - Missing synchronization in Windows...

KB5063871: Windows 10 Version 1607 / Windows Server 2016 Security Update (August 2025)

The remote Windows host is missing security update 5063871. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. CVE-2025-53766 - Missing synchronization in Windows Hyper-V allows an...

KB5063878: Windows 11 Version 24H2 / Windows Server 2025 Security Update (August 2025)

The remote Windows host is missing security update 5063878. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. CVE-2025-53766 - Missing synchronization in Windows Hyper-V allows an...

CVE-2020-0643

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus GDI+ handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI+ Information Disclosure Vulnerability'...

Microsoft Windows GDI Security Vulnerability

Microsoft Windows GDI+ is a graphical device interface for the Windows operating system from Microsoft USA. The software is part of the .NET Framework and is responsible for drawing graphical images and displaying information on screens and printers. A security vulnerability exists in Microsoft...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security vulnerability exists in Mozilla Firefox that stems from an overly lax check for large allocations of glsl shaders in Angle, so that a buffer overflow may occur when too much dedicated shader memory is allocated ...

SUSE CVE-2012-2819

The texSubImage2D implementation in the WebGL subsystem in Google Chrome before 20.0.1132.43 does not properly handle uploads to floating-point textures, which allows remote attackers to cause a denial of service assertion failure and application crash or possibly have unspecified other impact vi...

Microsoft Windows GDI+ 安全漏洞

Microsoft Windows GDI+ is a graphical device interface for the Windows operating system from Microsoft USA. The software is part of the .NET Framework and is responsible for drawing graphical images and displaying information on screens and printers. A security vulnerability exists in Microsoft...

CVE-2022-41098

Windows GDI+ Information Disclosure Vulnerability...

CVE-2022-41098

Windows GDI+ Information Disclosure Vulnerability...

CVE-2022-34729

Windows GDI Elevation of Privilege Vulnerability...

Johnson Controls Metasys ADS/ADX/OAS Servers 跨站脚本漏洞

Johnson Controls Metasys ADS/ADX/OAS Servers is an application and data server from Johnson Controls, Inc. A cross-site scripting vulnerability exists in Johnson Controls Metasys ADS/ADX/OAS Servers versions 10 and 11, which arises from improper neutralization of input during web page generation...

PT-2022-1563 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient access restrictions in the Windows GDI component, allowing an attacker to potentially elevate their privileges. This could impact the system, enabling...

PT-2021-2738 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to incorrect code generation management in the GDI+ component of Windows operating systems. It allows remote attackers to execute arbitrary code, affecting the system...