Graphics Component
by Microsoft
CVEs (97)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-8553 | 0.02 | — | 0.19 | Nov 14, 2018 | A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008,… | |||
| CVE-2022-29112 | 0.01 | — | 0.03 | May 10, 2022 | Windows Graphics Component Information Disclosure Vulnerability | |||
| CVE-2021-26861 | 0.01 | — | 0.02 | Mar 11, 2021 | Windows Graphics Component Remote Code Execution Vulnerability | |||
| CVE-2020-1167 | 0.01 | — | 0.04 | Oct 16, 2020 | A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would… | |||
| CVE-2020-16923 | 0.01 | — | 0.04 | Oct 16, 2020 | A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would… | |||
| CVE-2020-1562 | 0.01 | — | 0.04 | Aug 17, 2020 | A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would have to open… | |||
| CVE-2020-1561 | 0.01 | — | 0.04 | Aug 17, 2020 | A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would have to open… | |||
| CVE-2020-0746 | 0.01 | — | 0.05 | Feb 11, 2020 | An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Information Disclosure Vulnerability'. | |||
| CVE-2020-0607 | 0.01 | — | 0.06 | Jan 14, 2020 | An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Information Disclosure Vulnerability'. | |||
| CVE-2026-25169 | 0.00 | — | 0.00 | Mar 10, 2026 | Divide by zero in Microsoft Graphics Component allows an unauthorized attacker to deny service locally. | |||
| CVE-2026-23668 | 0.00 | — | 0.04 | Mar 10, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | |||
| CVE-2026-21235 | 0.00 | — | 0.01 | Feb 10, 2026 | Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | |||
| CVE-2026-21246 | 0.00 | — | 0.00 | Feb 10, 2026 | Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | |||
| CVE-2026-20822 | 0.00 | — | 0.00 | Jan 13, 2026 | Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-64670 | 0.00 | — | 0.01 | Dec 9, 2025 | Exposure of sensitive information to an unauthorized actor in Microsoft Graphics Component allows an authorized attacker to disclose information over a network. | |||
| CVE-2025-59261 | 0.00 | — | 0.00 | Oct 14, 2025 | Time-of-check time-of-use (toctou) race condition in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-59205 | 0.00 | — | 0.00 | Oct 14, 2025 | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-59195 | 0.00 | — | 0.00 | Oct 14, 2025 | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to deny service locally. | |||
| CVE-2025-59216 | 0.00 | — | 0.00 | Sep 18, 2025 | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-59215 | 0.00 | — | 0.00 | Sep 18, 2025 | Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. |
- CVE-2018-8553Nov 14, 2018risk 0.02cvss —epss 0.19
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008,…
- CVE-2022-29112May 10, 2022risk 0.01cvss —epss 0.03
Windows Graphics Component Information Disclosure Vulnerability
- CVE-2021-26861Mar 11, 2021risk 0.01cvss —epss 0.02
Windows Graphics Component Remote Code Execution Vulnerability
- CVE-2020-1167Oct 16, 2020risk 0.01cvss —epss 0.04
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would…
- CVE-2020-16923Oct 16, 2020risk 0.01cvss —epss 0.04
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would…
- CVE-2020-1562Aug 17, 2020risk 0.01cvss —epss 0.04
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would have to open…
- CVE-2020-1561Aug 17, 2020risk 0.01cvss —epss 0.04
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would have to open…
- CVE-2020-0746Feb 11, 2020risk 0.01cvss —epss 0.05
An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Information Disclosure Vulnerability'.
- CVE-2020-0607Jan 14, 2020risk 0.01cvss —epss 0.06
An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Information Disclosure Vulnerability'.
- CVE-2026-25169Mar 10, 2026risk 0.00cvss —epss 0.00
Divide by zero in Microsoft Graphics Component allows an unauthorized attacker to deny service locally.
- CVE-2026-23668Mar 10, 2026risk 0.00cvss —epss 0.04
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
- CVE-2026-21235Feb 10, 2026risk 0.00cvss —epss 0.01
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
- CVE-2026-21246Feb 10, 2026risk 0.00cvss —epss 0.00
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
- CVE-2026-20822Jan 13, 2026risk 0.00cvss —epss 0.00
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
- CVE-2025-64670Dec 9, 2025risk 0.00cvss —epss 0.01
Exposure of sensitive information to an unauthorized actor in Microsoft Graphics Component allows an authorized attacker to disclose information over a network.
- CVE-2025-59261Oct 14, 2025risk 0.00cvss —epss 0.00
Time-of-check time-of-use (toctou) race condition in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
- CVE-2025-59205Oct 14, 2025risk 0.00cvss —epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
- CVE-2025-59195Oct 14, 2025risk 0.00cvss —epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to deny service locally.
- CVE-2025-59216Sep 18, 2025risk 0.00cvss —epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
- CVE-2025-59215Sep 18, 2025risk 0.00cvss —epss 0.00
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
Page 2 of 5