Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x.org x.org vulnerabilities and exploits
(subscribe to this query)
107
VMScore
CVE-2011-4028
The LockServer function in os/utils.c in X.Org xserver prior to 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.
X.org X Server
X.org X Server 1.11.0
195
VMScore
CVE-2011-4029
The LockServer function in os/utils.c in X.Org xserver prior to 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file.
X.org X Server
X.org X Server 1.11.0
1 EDB exploit
1 Github repository
670
VMScore
CVE-2021-31535
LookupCol.c in X.Org X through X11R7.7 and libX11 prior to 1.7.1 might allow remote malicious users to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer ...
X.org X Window System
X.org Libx11
Fedoraproject Fedora 33
6 Github repositories
578
VMScore
CVE-2014-8102
The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) prior to 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or po...
X.org Xorg-server
X.org X11 6.8
Debian Debian Linux 7.0
725
VMScore
CVE-2006-0745
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepa...
X.org X11r7 1.0
X.org X11r7 1.0.1
X.org X11r6 6.9
Mandrakesoft Mandrake Linux 2006
Redhat Fedora Core Core 5.0
Sun Solaris 10.0
Suse Suse Linux 10.0
1 EDB exploit
570
VMScore
CVE-2015-0255
X.Org Server (aka xserver and xorg-server) prior to 1.16.3 and 1.17.x prior to 1.17.1 allows remote malicious users to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry request.
X.org Xorg-server 1.17.0
X.org Xorg-server
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
641
VMScore
CVE-2021-4010
A flaw was found in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
X.org X Server
X.org X Server 21.1.1
X.org X Server 21.1.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2022-4883
A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by mani...
X.org Libxpm
552
VMScore
CVE-1999-0965
Race condition in xterm allows local users to modify arbitrary files via the logging option.
X.org Xterm
505
VMScore
CVE-2007-5958
X.Org Xserver prior to 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists.
X.org Xserver
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »