The vulnerability of the GDI component in Windows operating systems allows attackers to execute arbitrary code.

The vulnerability of the Windows Graphics Device Interface GDI component in operating systems is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page from a remote location...

freerdp: improper region checks in all clients allow out of bound write to memory

A flaw was found in the FreeRDP client where it fails to validate input data when using connections with GDI or SurfaceCommands. This flaw could allow a malicious server sending graphics updates to a client to cause an out of bounds write in client memory using a specially crafted input. The...

DEBIAN-CVE-2021-41160

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send 0...

UBUNTU-CVE-2021-41160

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send 0...

CVE-2021-41504

An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. The use of the digest-authentication for the devices command interface may allow further attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the...

USN-5073-3: Linux kernel (Raspberry Pi) vulnerabilities

Norbert Slusarek discovered that the CAN broadcast manger bcm protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-34693 Murray McAllister discovered that the...

USN-5073-2: Linux kernel (GCP) vulnerabilities

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...

USN-5070-1: Linux kernel vulnerabilities

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...

Nexus Control Panel Licensing Issue Vulnerability

Swisslog Healthcare Nexus Panel, a medical device from Swisslog Healthcare, has a security vulnerability in versions prior to Nexus Control Panel 7.2.5.7. The vulnerability stems from an improper method used to bind a local service to a port on the device interface. An attacker could use this...

CVE-2021-34496

Windows GDI Information Disclosure Vulnerability...

Microsoft Graphics Component 信息泄露漏洞

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation USA, Microsoft Windows is an operating system for personal devices, and Microsoft Windows Server is a server operating system. An information disclosure vulnerability exists in GDI in Microsoft Windows/Windo...

Microsoft Graphics Component 信息泄露漏洞

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation USA.Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems. An information disclosure vulnerability exists in GDI in Microsoft...

Microsoft Windows 资源管理错误漏洞

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation USA Microsoft Windows is a set of operating systems for personal devices Microsoft Windows Server is a set of server operating systems. An elevation of privilege vulnerability exists in GDI in Microsoft...

PT-2021-6041 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the disclosure of protected information in the Windows GDI interface. It allows an attacker to gain unauthorized access to sensitive information. Recommendations: At...

PT-2021-5706 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the Windows GDI component and is caused by insufficient access restrictions when handling raster objects. This can allow an attacker to elevate their privileges and...

The vulnerability of the GDI+ component in Microsoft Windows operating systems, allowing a hacker to execute arbitrary code

The vulnerability of the GDI+ component in Microsoft Windows operating systems is related to incorrect code generation. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created request...

The vulnerability of the Windows Graphics Device Interface Plus (GDI+) component in Windows operating systems allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Windows Graphics Device Interface Plus GDI+ component in operating systems exists due to insufficient checks on input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Microsoft Windows GDI+ 信息泄露漏洞

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An information disclosure vulnerability exists in GDI+ in Microsoft Windows and Windows...

Microsoft Windows GDI+ 代码注入漏洞

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, an operating system for personal devices, and Microsoft Windows Server, a server operating system. A remote code execution vulnerability exists in GDI in Microsoft Windows and Windows Server, which can be...

The vulnerability of the Windows GDI component in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Windows GDI component in Windows operating systems exists due to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...