Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x x11 vulnerabilities and exploits
(subscribe to this query)
454
VMScore
CVE-2005-2495
Multiple integer overflows in XFree86 prior to 4.3.0 allow user-assisted malicious users to execute arbitrary code via a crafted pixmap image.
Xfree86 Project Xfree86 3.3.6
Xfree86 Project Xfree86 4.0.0
Xfree86 Project Xfree86 4.0.1
Xfree86 Project Xfree86 4.0.2
Xfree86 Project Xfree86 4.2.0
Xfree86 Project Xfree86 4.2.1
Xfree86 Project Xfree86 4.0.3
Xfree86 Project Xfree86 4.1.0
625
VMScore
CVE-2007-3103
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
Fedoraproject Fedora Core 6.0
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 4.0
Redhat Linux
1 EDB exploit
NA
CVE-2023-5367
A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrprope...
X.org Xwayland
X.org X Server
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux For Power Little Endian 7.0 Ppc64le
Redhat Enterprise Linux For Power Big Endian 7.0 Ppc64
Redhat Enterprise Linux For Ibm Z Systems 7.0 S390x
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 11.0
Debian Debian Linux 12.0
668
VMScore
CVE-2005-0605
scan.c for LibXPM may allow malicious users to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
X.org X11r6 6.8
X.org X11r6 6.8.1
Xfree86 Project X11r6 3.3
Xfree86 Project X11r6 4.0.1
Xfree86 Project X11r6 4.0.2.11
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.3.0
Sgi Propack 3.0
X.org X11r6 6.7.0
Xfree86 Project X11r6 3.3.6
Xfree86 Project X11r6 4.0
Xfree86 Project X11r6 4.2.0
Lesstif Lesstif 0.93.94
Xfree86 Project X11r6 3.3.4
Xfree86 Project X11r6 3.3.5
Xfree86 Project X11r6 4.1.11
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 3.3.2
Xfree86 Project X11r6 3.3.3
Xfree86 Project X11r6 4.0.3
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.3.0.1
470
VMScore
CVE-2002-0838
Buffer overflow in (1) gv 3.5.8 and previous versions, (2) gvv 1.0.2 and previous versions, (3) ggv 1.99.90 and previous versions, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and previous versions, allows malicious users to execute arbitrary code via a malformed (a) PDF...
Gv Gv 2.7.6
Gv Gv 2.7b1
Gv Gv 3.0.4
Gv Gv 3.1.4
Gv Gv 3.5.8
Ggv Ggv 1.0.2
Gv Gv 2.7b2
Gv Gv 2.7b3
Gv Gv 3.1.6
Gv Gv 3.2.4
Ghostview Ghostview 1.4.1
Ghostview Ghostview 1.5
Gv Gv 2.9.4
Gv Gv 3.0.0
Gv Gv 3.4.3
Gv Gv 3.5.2
Gv Gv 3.5.3
Ghostview Ghostview 1.3
Ghostview Ghostview 1.4
Gv Gv 2.7b4
Gv Gv 2.7b5
Gv Gv 3.4.12
2 EDB exploits
187
VMScore
CVE-2020-14347
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.
X.org Xorg-server
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
320
VMScore
CVE-2013-0254
The QSharedMemory class in Qt 5.0.0, 4.8.x prior to 4.8.5, 4.7.x prior to 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical prog...
Qt Qt 1.41
Qt Qt 1.44
Qt Qt 1.45
Qt Qt 1.42
Qt Qt 1.43
Qt Qt 2.0.0
Qt Qt 2.0.1
Qt Qt 2.0.2
Qt Qt 3.3.4
Qt Qt 3.3.5
Qt Qt 3.3.6
Qt Qt 3.3.2
Qt Qt 3.3.3
Qt Qt 3.3.0
Qt Qt 3.3.1
Qt Qt 4.1.2
Qt Qt 4.1.3
Qt Qt 4.1.4
Qt Qt 4.1.5
Qt Qt 4.1.0
Qt Qt 4.1.1
Qt Qt 4.0.0
NA
CVE-2023-1393
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will tri...
X.org Xorg-server
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
320
VMScore
CVE-2015-3164
The authentication setup in XWayland 1.16.x and 1.17.x prior to 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket.
Opensuse Opensuse 13.2
X.org Xorg-server 1.16.3
X.org Xorg-server 1.16.4
X.org Xorg-server 1.16.0
X.org Xorg-server 1.16.1
X.org Xorg-server 1.17.0
X.org Xorg-server 1.17.1
X.org Xorg-server 1.16.99.901
X.org Xorg-server 1.16.99.902
X.org Xorg-server 1.16.2
X.org Xorg-server 1.16.1.901
X.org Xorg-server 1.16.2.901
668
VMScore
CVE-2017-12180
xorg-x11-server prior to 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Debian Debian Linux 8.0
Debian Debian Linux 9.0
X.org Xorg-server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »