Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x.org x server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5574
A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a use-after-f...
X.org X Server
Redhat Enterprise Linux 7.0
3.6
CVSSv2
CVE-2015-3164
The authentication setup in XWayland 1.16.x and 1.17.x prior to 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket.
Opensuse Opensuse 13.2
X.org Xorg-server 1.16.3
X.org Xorg-server 1.16.4
X.org Xorg-server 1.16.0
X.org Xorg-server 1.16.1
X.org Xorg-server 1.17.0
X.org Xorg-server 1.17.1
X.org Xorg-server 1.16.99.901
X.org Xorg-server 1.16.99.902
X.org Xorg-server 1.16.2
X.org Xorg-server 1.16.1.901
X.org Xorg-server 1.16.2.901
4.3
CVSSv2
CVE-2007-4730
Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server prior to 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap.
X.org Xorg-server 1.01
X.org Xorg-server 1.02
X.org Xorg-server 1.1
X.org Xorg-server 1.2
X.org Xorg-server 1.3
7.2
CVSSv2
CVE-2006-3739
Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow.
X.org X.org 6.8.2
Xfree86 Project Xfree86 X
7.2
CVSSv2
CVE-2006-3740
Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.
X.org X.org 6.8.2
Xfree86 Project Xfree86 X
6.5
CVSSv2
CVE-2014-8093
Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) prior to 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code vi...
X.org X11 6.7
X.org Xorg-server
X.org Xfree86 4.0
6.5
CVSSv2
CVE-2014-8099
The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) prior to 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via ...
X.org X11 6.7
X.org Xorg-server
X.org Xfree86 4.0
6.5
CVSSv2
CVE-2014-8100
The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) prior to 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via ...
X.org Xfree86 4.0.1
X.org Xorg-server
X.org X11 6.7
6.5
CVSSv2
CVE-2014-8101
The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) prior to 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a...
X.org Xfree86 4.2.0
X.org Xorg-server
X.org X11 6.7
7.5
CVSSv2
CVE-2021-31535
LookupCol.c in X.Org X through X11R7.7 and libX11 prior to 1.7.1 might allow remote malicious users to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer ...
X.org X Window System
X.org Libx11
Fedoraproject Fedora 33
6 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »