462 matches found
CVE-2026-50387
Stack-based buffer overflow in Windows GDI allows an authorized attacker to elevate privileges locally...
CVE-2026-50387 Windows GDI Elevation of Privilege Vulnerability
...
CVE-2026-50387 Windows GDI Elevation of Privilege Vulnerability
...
CVE-2026-50380 Windows GDI+ Remote Code Execution Vulnerability
...
CVE-2026-49796
CVE-2026-49796 is a heap-based buffer overflow in Windows GDI+ that can let a local attacker execute code. Affected: Windows GDI+ component; root cause is a heap buffer overflow. Impact per CVSS: local attack with user interaction required, high confidentiality, integrity, and availability impact...
CVE-2026-49796 Windows GDI+ Remote Code Execution Vulnerability
...
CVE-2026-54122
CVE-2026-54122 describes a heap-based buffer overflow in Windows GDI+ that enables local code execution by an unauthenticated attacker. The vulnerability affects the Windows GDI+ component and is rated high (CVSS 3.1: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, 8.4). The available documents confirm the ...
Windows GDI+ Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network...
EUVD-2026-43004
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.27.1, FreeRDP clients launched with the non-default /cache:codec:rfx option pass desktop stride and height to RemoteFX decoding for Cache Bitmap V3 data while allocating bitmap-data only for the smaller DstWidth and...
DEBIAN-CVE-2026-44421
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdiCacheToSurface: it validates a destination rectangle that is clamped to UINT16MA...
CVE-2026-46156
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix potential ADE in loongsongpufixupdmahang The switch case in loongsongpufixupdmahang may not DC2 or DC3, and readlcrtcreg will access with random address, because the "device" is from "base+PCIDEVICEID", "base" is...
CVE-2026-40033
FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16MAX but performs copy operations using unclamped cache entry...
CVE-2026-35421
Heap-based buffer overflow in Windows GDI allows an unauthorized attacker to execute code locally...
EUVD-2026-29628
Heap-based buffer overflow in Windows GDI allows an unauthorized attacker to execute code locally...
CVE-2026-35421 Windows GDI Remote Code Execution Vulnerability
...
CVE-2026-35421
CVE-2026-35421 describes a heap-based buffer overflow in Windows GDI that permits a local attacker to execute arbitrary code. The entry lists a CVSS v3.1 base score of 7.8 (HIGH) with LOCAL attack vector, LOW attack complexity, NO privileges required, user interaction required, and impacts to con...
Windows GDI Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows GDI allows an unauthorized attacker to execute code locally...
PT-2026-40182
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A heap-based buffer overflow in the Windows GDI Graphics Device Interface, which is the graphics subsystem of Windows, allows an unauthorized attacker to execute arbitrary code. This issue ca...
KLA91038 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges, execute arbitrary code, obtain sensitive information. Below is a complete list of...
EUVD-2026-22486
Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally...