VYPR

Windows GDI+

by Microsoft

CVEs (81)

  • CVE-2025-53766CriAug 12, 2025
    risk 0.64cvss 9.8epss 0.07

    Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.

  • CVE-2018-0817HigMar 14, 2018
    risk 0.46cvss 7.0epss 0.01

    The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation…

  • CVE-2018-0816HigMar 14, 2018
    risk 0.46cvss 7.0epss 0.01

    The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation…

  • CVE-2018-8424MedSep 13, 2018
    risk 0.43cvss 6.5epss 0.13

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows…

  • CVE-2018-8422MedSep 13, 2018
    risk 0.43cvss 6.5epss 0.06

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8424.

  • CVE-2018-8398MedAug 15, 2018
    risk 0.43cvss 6.5epss 0.08

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows…

  • CVE-2018-8394MedAug 15, 2018
    risk 0.43cvss 6.5epss 0.08

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows…

  • CVE-2018-8239MedJun 14, 2018
    risk 0.40cvss 5.5epss 0.59

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

  • CVE-2017-8685MedSep 13, 2017
    risk 0.39cvss 5.5epss 0.03

    Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8684 and CVE-2017-8688.

  • CVE-2018-8472MedOct 10, 2018
    risk 0.37cvss 5.5epss 0.19

    An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows…

  • CVE-2018-0750MedJan 4, 2018
    risk 0.36cvss 5.5epss 0.02

    The Windows GDI component in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an information disclosure vulnerability due to the way objects are handled in memory, aka "Windows Elevation of Privilege Vulnerability".

  • CVE-2018-8396MedAug 15, 2018
    risk 0.31cvss 4.7epss 0.02

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from…

  • CVE-2017-0073MedMar 17, 2017
    risk 0.31cvss 4.3epss 0.33

    The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from…

  • CVE-2020-0881Mar 12, 2020
    risk 0.03cvss epss 0.16

    A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0883.

  • CVE-2019-0618Mar 6, 2019
    risk 0.03cvss epss 0.67

    A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0662.

  • CVE-2021-1708Jan 12, 2021
    risk 0.02cvss epss 0.03

    Windows GDI+ Information Disclosure Vulnerability

  • CVE-2020-1097Sep 11, 2020
    risk 0.02cvss epss 0.05

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple…

  • CVE-2020-1091Sep 11, 2020
    risk 0.02cvss epss 0.04

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple…

  • CVE-2020-1348Jun 9, 2020
    risk 0.02cvss epss 0.05

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.

  • CVE-2020-1179May 21, 2020
    risk 0.02cvss epss 0.06

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0963, CVE-2020-1141, CVE-2020-1145.

Page 1 of 5