Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x.org x server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-4283
A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems ...
X.org Xorg-server 1.20.4
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Debian Debian Linux 11.0
9
CVSSv2
CVE-2008-2360
Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent malicious users to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based...
X X11 R7.3
10
CVSSv2
CVE-2008-2362
Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent malicious users to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient reques...
X X11 R7.3
9
CVSSv2
CVE-2008-1377
The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent malicious users to execute arbitrar...
X X11 R7.3
6.8
CVSSv2
CVE-2008-1379
Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent malicious users to read arbitrary process memory via crafted values for a Pixmap width and height.
X X11 R7.3
NA
CVE-2024-31082
A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered ...
7.5
CVSSv2
CVE-2018-14599
An issue exists in libX11 up to and including 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.
X.org Libx11
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 28
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
9.3
CVSSv2
CVE-2011-0465
xrdb.c in xrdb prior to 1.0.9 in X.Org X11R7.6 and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
X X11
X X11 R7.5
Matthias Hopf Xrdb 1.0.6
Matthias Hopf Xrdb 1.0.5
Matthias Hopf Xrdb 1.0.4
X X11 R6.8.0
X X11 R6.7.0
X X11 R6
X X11 R5
Matthias Hopf Xrdb
Matthias Hopf Xrdb 1.0.7
X X11 R6.8.2
X X11 R6.8.1
X X11 R6.3
X X11 R6.1
X X11 R7.2
X X11 R7.1
X X11 R7.0
X X11 R6.9.0
X X11 R6.5.1
X X11 R6.4
X X11 R2
7.5
CVSSv2
CVE-2018-14600
An issue exists in libX11 up to and including 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.
X.org Libx11
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
5
CVSSv2
CVE-2018-14598
An issue exists in XListExtensions in ListExt.c in libX11 up to and including 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).
X.org Libx11
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 28
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »