VYPR

Windows Graphics Device Interface

by Microsoft

CVEs (17)

  • CVE-2016-3393HigKEVOct 14, 2016
    risk 0.68cvss 7.8epss 0.69

    Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via…

  • CVE-2017-0005HigKEVMar 17, 2017
    risk 0.64cvss 7.8epss 0.11

    The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted…

  • CVE-2017-0001HigKEVMar 17, 2017
    risk 0.63cvss 7.8epss 0.03

    The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted…

  • CVE-2018-0815HigMar 14, 2018
    risk 0.46cvss 7.0epss 0.01

    The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows 7 SP1 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows GDI Elevation of Privilege Vulnerability". This CVE is unique…

  • CVE-2007-2237MedJun 6, 2007
    risk 0.40cvss 5.5epss 0.15

    Microsoft Windows Graphics Device Interface (GDI+, GdiPlus.dll) allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, which triggers a divide-by-zero error.

  • CVE-2017-11816MedOct 13, 2017
    risk 0.37cvss 5.5epss 0.20

    The Microsoft Windows Graphics Device Interface (GDI) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure…

  • CVE-2019-0903KEVMay 16, 2019
    risk 0.15cvss epss 0.22

    A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.

  • CVE-2020-0883Mar 12, 2020
    risk 0.04cvss epss 0.22

    A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0881.

  • CVE-2007-1215Apr 4, 2007
    risk 0.03cvss epss 0.03

    Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain "color-related parameters" in crafted images.

  • CVE-2019-1102Jul 29, 2019
    risk 0.02cvss epss 0.11

    A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.

  • CVE-2020-16911Oct 16, 2020
    risk 0.01cvss epss 0.04

    A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install…

  • CVE-2020-1285Sep 11, 2020
    risk 0.01cvss epss 0.04

    A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install…

  • CVE-2020-16914Oct 16, 2020
    risk 0.00cvss epss 0.01

    An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code…

  • CVE-2020-1480Aug 17, 2020
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view,…

  • CVE-2020-0916Jun 9, 2020
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0915.

  • CVE-2020-1141May 21, 2020
    risk 0.00cvss epss 0.02

    An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is…

  • CVE-2020-1142May 21, 2020
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'.