Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x11 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2012-2118
Format string vulnerability in the LogVHdrMessageVerb function in os/log.c in X.Org X11 1.11 allows malicious users to cause a denial of service or possibly execute arbitrary code via format string specifiers in an input device name.
X.org X11 1.11
10
CVSSv2
CVE-2008-2362
Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent malicious users to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient reques...
X X11 R7.3
10
CVSSv2
CVE-2004-0994
Multiple integer overflows in xzgv 0.8 and previous versions allow remote malicious users to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-200...
Zgv Zgv Image Viewer 5.8
Zgv Zgv Image Viewer 5.6
Zgv Zgv Image Viewer 5.7
Zgv Xzgv Image Viewer 0.8
Zgv Zgv Image Viewer 5.5
Zgv Xzgv Image Viewer 0.6
Zgv Xzgv Image Viewer 0.7
Debian Debian Linux 3.0
10
CVSSv2
CVE-1999-0526
An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server.
X.org X11 7.1 1.1.0
9.3
CVSSv2
CVE-2011-3193
Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt prior to 4.7.4 and Pango, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
Gnome Pango
Qt Qt
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.04
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Eus 6.1
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Workstation 6.0
Opensuse Opensuse 11.3
Opensuse Opensuse 11.4
9.3
CVSSv2
CVE-2011-3194
Buffer overflow in the TIFF reader in gui/image/qtiffhandler.cpp in Qt 4.7.4 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via the TIFFTAG_SAMPLESPERPIXEL tag in a greyscale TIFF image with multiple samples per pixel.
Qt Qt 4.7.4
9.3
CVSSv2
CVE-2011-0465
xrdb.c in xrdb prior to 1.0.9 in X.Org X11R7.6 and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
X X11
X X11 R7.5
Matthias Hopf Xrdb 1.0.6
Matthias Hopf Xrdb 1.0.5
Matthias Hopf Xrdb 1.0.4
X X11 R6.8.0
X X11 R6.7.0
X X11 R6
X X11 R5
Matthias Hopf Xrdb
Matthias Hopf Xrdb 1.0.7
X X11 R6.8.2
X X11 R6.8.1
X X11 R6.3
X X11 R6.1
X X11 R7.2
X X11 R7.1
X X11 R7.0
X X11 R6.9.0
X X11 R6.5.1
X X11 R6.4
X X11 R2
9.3
CVSSv2
CVE-2009-1725
WebKit in Apple Safari prior to 4.0.2, as used on iPhone OS prior to 3.1, iPhone OS prior to 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allow...
Apple Safari 3.0.4b
Apple Safari 2.0.3
Apple Safari
Apple Safari 3.0.4
Apple Safari 3.0.1
Apple Safari 2.0.1
Apple Safari 2.0.2
Apple Safari 3.0.0
Apple Safari 3.1.1
Apple Safari 3.1.0b
Apple Safari 3.0.2
Apple Safari 4.0.0b
Apple Safari 3.1.0
Apple Safari 4.0
Apple Safari 3.2.2
Apple Safari 3.0.3b
Apple Safari 3.0.0b
Apple Safari 3.1.2
Apple Safari 3.0.3
Apple Safari 2.0.4
Apple Safari 2.0.0
Apple Safari 2.0
9.3
CVSSv2
CVE-2009-1698
WebKit in Apple Safari prior to 4.0, iPhone OS 1.0 up to and including 2.2.1, and iPhone OS for iPod touch 1.1 up to and including 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allow...
Apple Safari 3.0.4b
Apple Safari 2.0.3
Apple Safari 3.0.4
Apple Safari 3.0.1
Apple Safari 2.0.1
Apple Safari 2.0.2
Apple Safari 3.0.0
Apple Safari 3.1.0b
Apple Safari 3.1.0
Apple Safari 3.0.1b
Apple Safari 3.1.2
Apple Safari 3.1.1
Apple Safari 3.0.2b
Apple Safari 3.0.2
Apple Safari 2.0.4
Apple Safari 2.0
Apple Safari
Apple Safari 3.0.0b
Apple Safari 3.2.0
Apple Safari 3.0.3b
Apple Safari 3.0.3
Apple Safari 2.0.0
9.3
CVSSv2
CVE-2009-1711
WebKit in Apple Safari prior to 4.0 does not properly initialize memory for Attr DOM objects, which allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document.
Apple Safari 3.1.1
Apple Safari 3.1
Apple Safari 1.3.1
Apple Safari 1.3.2
Apple Safari 3.0.2
Apple Safari 0.9
Apple Safari 1.2
Apple Safari 1.3
Apple Safari 3.2.3
Apple Safari
Apple Safari 3.1.2
Apple Safari 0.8
Apple Safari 2.0
Apple Safari 2.0.2
Apple Safari 3.0.3
Apple Safari 3.0
Apple Safari 3.0.4
Apple Safari 1.0
Apple Safari 1.1
Apple Safari 2.0.4
Apple Safari 3.2.1
Apple Safari 1.0.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »