Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x.org x server vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2007-4568
Integer overflow in the build_range function in X.Org X Font Server (xfs) prior to 1.0.5 allows context-dependent malicious users to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer o...
X.org X Font Server 1.0.1
X.org X Font Server 1.0.2
X.org X Font Server 1.0.4
1.2
CVSSv2
CVE-2011-4028
The LockServer function in os/utils.c in X.Org xserver prior to 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.
X.org X Server
X.org X Server 1.11.0
1.9
CVSSv2
CVE-2011-4029
The LockServer function in os/utils.c in X.Org xserver prior to 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file.
X.org X Server
X.org X Server 1.11.0
1 EDB exploit
1 Github repository
3.6
CVSSv2
CVE-2010-4819
The ProcRenderAddGlyphs function in the Render extension (render/render.c) in X.Org xserver 1.7.7 and previous versions allows local users to read arbitrary memory and possibly cause a denial of service (server crash) via unspecified vectors related to an "input sanitization...
X X.org-xserver
X X.org-xserver 1.7.7
X X.org-xserver 1.7.6.902
X X.org-xserver 1.7
4.6
CVSSv2
CVE-2012-0064
xkeyboard-config prior to 2.5 in X.Org prior to 7.6 enables certain XKB debugging functions by default, which allows physically proximate malicious users to bypass an X screen lock via keyboard combinations that break the input grab.
Xkeyboard Config Project Xkeyboard-config 2.0
X X.org X11 1.0
X X.org X11 3.0
X X.org X11 4.0
X X.org X11 5.0
X X.org X11 7.1
X X.org X11 7.2
X X.org X11 7.3
X X.org X11 7.4
X X.org X11 6.5.1
X X.org X11 6.6
X X.org X11 6.7
X X.org X11 6.8
Xkeyboard Config Project Xkeyboard-config
Xkeyboard Config Project Xkeyboard-config 2.2
X X.org X11 6.0
X X.org X11 6.3
X X.org X11 6.8.2
X X.org X11 7.0
X X.org X11 7.5
Xkeyboard Config Project Xkeyboard-config 2.3
Xkeyboard Config Project Xkeyboard-config 2.1
10
CVSSv2
CVE-2006-6102
Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified da...
X.org X.org 6.9.0
X.org X.org 7.0
X.org X.org 6.8.2
X.org X.org 7.1
Xfree86 Project Xfree86 X Server
7.2
CVSSv2
CVE-2021-4010
A flaw was found in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
X.org X Server
X.org X Server 21.1.1
X.org X Server 21.1.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2022-3553
A vulnerability, which was classified as problematic, was found in X.org Server. This affects an unknown part of the file hw/xquartz/X11Controller.m of the component xquartz. The manipulation leads to denial of service. It is recommended to apply a patch to fix this issue. The id...
X.org X Server -
4.4
CVSSv2
CVE-2020-25697
A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an malicious user to take control of an X application by impersonating the server it is expecting to connect to.
X.org X Server -
6.1
CVSSv2
CVE-2020-14360
A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
X.org X Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »