Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x.org vulnerabilities and exploits
(subscribe to this query)
107
VMScore
CVE-2011-4028
The LockServer function in os/utils.c in X.Org xserver prior to 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.
X.org X Server
X.org X Server 1.11.0
195
VMScore
CVE-2011-4029
The LockServer function in os/utils.c in X.Org xserver prior to 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file.
X.org X Server
X.org X Server 1.11.0
1 EDB exploit
1 Github repository
670
VMScore
CVE-2021-31535
LookupCol.c in X.Org X through X11R7.7 and libX11 prior to 1.7.1 might allow remote malicious users to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer ...
X.org X Window System
X.org Libx11
Fedoraproject Fedora 33
6 Github repositories
578
VMScore
CVE-2014-8102
The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) prior to 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or po...
X.org Xorg-server
X.org X11 6.8
Debian Debian Linux 7.0
725
VMScore
CVE-2006-0745
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepa...
X.org X11r7 1.0
X.org X11r7 1.0.1
X.org X11r6 6.9
Mandrakesoft Mandrake Linux 2006
Redhat Fedora Core Core 5.0
Sun Solaris 10.0
Suse Suse Linux 10.0
1 EDB exploit
570
VMScore
CVE-2015-0255
X.Org Server (aka xserver and xorg-server) prior to 1.16.3 and 1.17.x prior to 1.17.1 allows remote malicious users to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry request.
X.org Xorg-server 1.17.0
X.org Xorg-server
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
641
VMScore
CVE-2021-4010
A flaw was found in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
X.org X Server
X.org X Server 21.1.1
X.org X Server 21.1.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2022-46285
A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library.
X.org Libxpm
552
VMScore
CVE-1999-0965
Race condition in xterm allows local users to modify arbitrary files via the logging option.
X.org Xterm
NA
CVE-2022-44617
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library.
X.org Libxpm
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »