Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xorg-server vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2008-1379
Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent malicious users to read arbitrary process memory via crafted values for a Pixmap width and height.
X X11 R7.3
9
CVSSv2
CVE-2008-1377
The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent malicious users to execute arbitrar...
X X11 R7.3
9.3
CVSSv2
CVE-2007-6429
Multiple integer overflows in X.Org Xserver prior to 1.4.1 allow context-dependent malicious users to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or ...
X.org Xserver
X.org Evi
X.org Mit-shm
7.5
CVSSv2
CVE-2008-0006
Buffer overflow in (1) X.Org Xserver prior to 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent malicious users to execute arbitrary code via a PCF font with a large difference between the last col and first col va...
Sun Solaris Libfont
Sun Solaris Libxfont
X.org Xserver
6.6
CVSSv2
CVE-2006-6103
Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data...
X.org X.org 7.1
Xfree86 Project Xfree86
X.org X.org 6.8.2
X.org X.org 6.9.0
X.org X.org 7.0
6.6
CVSSv2
CVE-2006-6101
Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph manage...
X.org X.org 7.0
X.org X.org 7.1
Xfree86 Project Xfree86
X.org X.org 6.8.2
X.org X.org 6.9.0
10
CVSSv2
CVE-2006-6102
Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified da...
X.org X.org 6.9.0
X.org X.org 7.0
X.org X.org 6.8.2
X.org X.org 7.1
Xfree86 Project Xfree86 X Server
NA
CVE-2024-0408
A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access t...
X.org Xwayland
X.org Xorg-server
Tigervnc Tigervnc
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
NA
CVE-2024-0409
A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.
X.org Xwayland
X.org Xorg-server
Tigervnc Tigervnc
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
1.2
CVSSv2
CVE-2011-4028
The LockServer function in os/utils.c in X.Org xserver prior to 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.
X.org X Server
X.org X Server 1.11.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »