Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x x11 vulnerabilities and exploits
(subscribe to this query)
6.3
CVSSv3
CVE-2020-28049
An issue exists in SDDM prior to 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X server without providing proper authentication. A local attacker can thus access X server display ...
Sddm Project Sddm
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
NA
CVE-2015-3814
The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x prior to 1.10.14 and 1.12.x prior to 1.12.5 interpret a zero value as a length rather than an error condition, which allows re...
Oracle Solaris 11.2
Wireshark Wireshark 1.12.4
Wireshark Wireshark 1.10.8
Wireshark Wireshark 1.12.0
Wireshark Wireshark 1.10.6
Wireshark Wireshark 1.10.9
Wireshark Wireshark 1.10.13
Wireshark Wireshark 1.10.12
Wireshark Wireshark 1.10.10
Wireshark Wireshark 1.10.0
Wireshark Wireshark 1.12.2
Wireshark Wireshark 1.10.3
Wireshark Wireshark 1.10.2
Wireshark Wireshark 1.10.1
Wireshark Wireshark 1.12.1
Wireshark Wireshark 1.10.7
Wireshark Wireshark 1.10.4
Wireshark Wireshark 1.10.14
Wireshark Wireshark 1.12.3
Wireshark Wireshark 1.10.5
Wireshark Wireshark 1.10.11
7.1
CVSSv3
CVE-2017-13722
In the pcfGetProperties function in bitmap/pcfread.c in libXfont up to and including 1.5.2 and 2.x prior to 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash o...
X.org Libxfont 2.0.0
X.org Libxfont 2.0.1
X.org Libxfont
NA
CVE-2007-4730
Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server prior to 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap.
X.org Xorg-server 1.01
X.org Xorg-server 1.02
X.org Xorg-server 1.1
X.org Xorg-server 1.2
X.org Xorg-server 1.3
7.5
CVSSv3
CVE-2023-6478
A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information.
X.org X Server
X.org Xwayland
Redhat Enterprise Linux Eus 9.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Tigervnc Tigervnc -
NA
CVE-2015-3809
The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x prior to 1.12.5 does not properly track the current offset, which allows remote malicious users to cause a denial of service (infinite loop) via a crafted packet.
Wireshark Wireshark 1.12.4
Wireshark Wireshark 1.12.0
Wireshark Wireshark 1.12.2
Wireshark Wireshark 1.12.1
Wireshark Wireshark 1.12.3
NA
CVE-2015-3810
epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark 1.12.x prior to 1.12.5 uses a recursive algorithm, which allows remote malicious users to cause a denial of service (CPU consumption) via a crafted packet.
Wireshark Wireshark 1.12.4
Wireshark Wireshark 1.12.0
Wireshark Wireshark 1.12.2
Wireshark Wireshark 1.12.1
Wireshark Wireshark 1.12.3
NA
CVE-2015-3808
The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x prior to 1.12.5 does not reject a zero length, which allows remote malicious users to cause a denial of service (infinite loop) via a crafted packet.
Wireshark Wireshark 1.12.4
Wireshark Wireshark 1.12.0
Wireshark Wireshark 1.12.2
Wireshark Wireshark 1.12.1
Wireshark Wireshark 1.12.3
7.1
CVSSv3
CVE-2017-13720
In the PatternMatch function in fontfile/fontdir.c in libXfont up to and including 1.5.2 and 2.x prior to 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of servi...
X.org Libxfont 2.0.0
X.org Libxfont 2.0.1
X.org Libxfont
NA
CVE-2007-4752
ssh in OpenSSH prior to 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows malicious users to violate intended policy and gain privileges by causing an X client to be treated as trusted.
Openbsd Openssh 4.3p2
Openbsd Openssh 4.3p1
Openbsd Openssh 4.0
Openbsd Openssh 4.3
Openbsd Openssh 4.2p1
Openbsd Openssh 4.4p1
Openbsd Openssh 4.4
Openbsd Openssh 4.1
Openbsd Openssh 4.0p1
Openbsd Openssh
Openbsd Openssh 4.5
Openbsd Openssh 4.2
Openbsd Openssh 4.1p1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »