Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x x11 vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-1999-0526
An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server.
X.org X11 7.1 1.1.0
890
VMScore
CVE-2012-2118
Format string vulnerability in the LogVHdrMessageVerb function in os/log.c in X.Org X11 1.11 allows malicious users to cause a denial of service or possibly execute arbitrary code via format string specifiers in an input device name.
X.org X11 1.11
890
VMScore
CVE-2008-2362
Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent malicious users to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient reques...
X X11 R7.3
828
VMScore
CVE-2011-3193
Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt prior to 4.7.4 and Pango, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
Gnome Pango
Qt Qt
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.04
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Eus 6.1
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Workstation 6.0
Opensuse Opensuse 11.3
Opensuse Opensuse 11.4
828
VMScore
CVE-2011-3194
Buffer overflow in the TIFF reader in gui/image/qtiffhandler.cpp in Qt 4.7.4 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via the TIFFTAG_SAMPLESPERPIXEL tag in a greyscale TIFF image with multiple samples per pixel.
Qt Qt 4.7.4
828
VMScore
CVE-2011-0465
xrdb.c in xrdb prior to 1.0.9 in X.Org X11R7.6 and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
X X11
X X11 R7.5
Matthias Hopf Xrdb 1.0.6
Matthias Hopf Xrdb 1.0.5
Matthias Hopf Xrdb 1.0.4
X X11 R6.8.0
X X11 R6.7.0
X X11 R6
X X11 R5
Matthias Hopf Xrdb
Matthias Hopf Xrdb 1.0.7
X X11 R6.8.2
X X11 R6.8.1
X X11 R6.3
X X11 R6.1
X X11 R7.2
X X11 R7.1
X X11 R7.0
X X11 R6.9.0
X X11 R6.5.1
X X11 R6.4
X X11 R2
802
VMScore
CVE-2008-0166
OpenSSL 0.9.8c-1 up to versions prior to 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote malicious users to conduct brute force guessing attacks against cryptographic keys.
Openssl Openssl
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
3 EDB exploits
22 Github repositories
801
VMScore
CVE-2008-1377
The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent malicious users to execute arbitrar...
X X11 R7.3
801
VMScore
CVE-2008-2360
Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent malicious users to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based...
X X11 R7.3
801
VMScore
CVE-2007-1003
Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions prior to 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in...
X.org X11 7.1 1.1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »