Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x11 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-14361
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit...
X.org Xorg-server
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Canonical Ubuntu Linux 14.04
Redhat Enterprise Linux 8.0
7.8
CVSSv3
CVE-2020-14362
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit...
X.org Xorg-server
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Canonical Ubuntu Linux 14.04
Redhat Enterprise Linux 8.0
7.8
CVSSv3
CVE-2020-14345
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
X.org X Server
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
7.8
CVSSv3
CVE-2020-2851
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris execu...
Oracle Solaris 11
Oracle Solaris 10
2 Github repositories
7.8
CVSSv3
CVE-2012-1093
The init script in the Debian x11-common package prior to 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation.
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian X11-common
7.8
CVSSv3
CVE-2019-1010316
pyxtrlock 0.3 and previous versions is affected by: Incorrect Access Control. The impact is: False locking impression when run in a non-X11 session. The fixed version is: 0.4.
Pyxtrlock Project Pyxtrlock
7.8
CVSSv3
CVE-2016-10122
Firejail does not properly clean environment variables, which allows local users to gain privileges.
Firejail Project Firejail -
7.5
CVSSv3
CVE-2023-6478
A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information.
X.org X Server
X.org Xwayland
Redhat Enterprise Linux Eus 9.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Tigervnc Tigervnc -
7.5
CVSSv3
CVE-2023-33411
A web server in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions up to 3.17.02, allows remote unauthenticated users to perform directory traversal, potentially...
Supermicro M11sdv-4c-ln4f Firmware
Supermicro M11sdv-4ct-ln4f Firmware
Supermicro M11sdv-8c-ln4f Firmware
Supermicro M11sdv-8ct-ln4f Firmware
Supermicro M11sdv-8c\\+-ln4f Firmware
Supermicro C9x299-pg Firmware
Supermicro C9x299-pg300 Firmware
Supermicro C9x299-pg300f Firmware
Supermicro C9x299-pgf Firmware
Supermicro C9x299-pgf-l Firmware
Supermicro C9x299-rpgf Firmware
Supermicro C9x299-rpgf-l Firmware
Supermicro B13dee Firmware
Supermicro B13det Firmware
Supermicro B13see-cpu-25g Firmware
Supermicro B13seg Firmware
Supermicro H13dsg-o-cpu Firmware
Supermicro H13dsg-o-cpu-d Firmware
Supermicro H13dsg-om Firmware
Supermicro H13dsh Firmware
Supermicro H13sae-mf Firmware
Supermicro H13sra-f Firmware
7.5
CVSSv3
CVE-2023-3138
A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array in...
X.org Libx11
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »