Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x11 vulnerabilities and exploits
(subscribe to this query)
6.2
CVSSv2
CVE-2007-3103
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
Fedoraproject Fedora Core 6.0
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 4.0
Redhat Linux
1 EDB exploit
7.5
CVSSv2
CVE-2000-1169
OpenSSH SSH client prior to 2.3.0 does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent.
Openbsd Openssh 2.2
7.5
CVSSv2
CVE-2005-0605
scan.c for LibXPM may allow malicious users to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
X.org X11r6 6.8
X.org X11r6 6.8.1
Xfree86 Project X11r6 3.3
Xfree86 Project X11r6 4.0.1
Xfree86 Project X11r6 4.0.2.11
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.3.0
Sgi Propack 3.0
X.org X11r6 6.7.0
Xfree86 Project X11r6 3.3.6
Xfree86 Project X11r6 4.0
Xfree86 Project X11r6 4.2.0
Lesstif Lesstif 0.93.94
Xfree86 Project X11r6 3.3.4
Xfree86 Project X11r6 3.3.5
Xfree86 Project X11r6 4.1.11
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 3.3.2
Xfree86 Project X11r6 3.3.3
Xfree86 Project X11r6 4.0.3
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.3.0.1
5
CVSSv2
CVE-2013-4549
QXmlSimpleReader in Qt prior to 5.2 allows context-dependent malicious users to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack.
Digia Qt
Qt Qt 5.0.2
NA
CVE-2023-0494
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where th...
X.org X Server
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 8.1
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Workstation 7.0
Redhat Enterprise Linux Aus 8.4
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems Eus 8.4
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Enterprise Linux For Power Little Endian Eus 8.4
2.1
CVSSv2
CVE-2020-14347
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.
X.org Xorg-server
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
7.1
CVSSv2
CVE-2009-1713
The XSLT functionality in WebKit in Apple Safari prior to 4.0 does not properly implement the document function, which allows remote malicious users to read (1) arbitrary local files and (2) files from different security zones via unspecified vectors.
Apple Safari 3.1.2
Apple Safari 0.8
Apple Safari 2.0.2
Apple Safari 2.0.4
Apple Safari 3.0
Apple Safari 3.0.4
Apple Safari 3.1.1
Apple Safari 3.1
Apple Safari 1.3.1
Apple Safari 1.3.2
Apple Safari 2.0
Apple Safari 0.9
Apple Safari 3.0.3
Apple Safari 1.0
Apple Safari 1.1
Apple Safari 3.2.1
Apple Safari 3.2.3
Apple Safari 1.0.3
Apple Safari 1.2
Apple Safari 1.3
Apple Safari
Apple Safari 3.0.2
NA
CVE-2023-1393
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will tri...
X.org Xorg-server
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
3.6
CVSSv2
CVE-2013-0254
The QSharedMemory class in Qt 5.0.0, 4.8.x prior to 4.8.5, 4.7.x prior to 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical prog...
Qt Qt 1.41
Qt Qt 1.44
Qt Qt 1.45
Qt Qt 1.42
Qt Qt 1.43
Qt Qt 2.0.0
Qt Qt 2.0.1
Qt Qt 2.0.2
Qt Qt 3.3.4
Qt Qt 3.3.5
Qt Qt 3.3.6
Qt Qt 3.3.2
Qt Qt 3.3.3
Qt Qt 3.3.0
Qt Qt 3.3.1
Qt Qt 4.1.2
Qt Qt 4.1.3
Qt Qt 4.1.4
Qt Qt 4.1.5
Qt Qt 4.1.0
Qt Qt 4.1.1
Qt Qt 4.0.0
6.5
CVSSv2
CVE-2014-8094
Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserver and xorg-server) 1.7.0 up to and including 1.16.x prior to 1.16.3 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a...
X.org Xorg-server 1.14.2
X.org Xorg-server 1.10.1
X.org Xorg-server 1.8.99.905
X.org Xorg-server 1.13.1.901
X.org Xorg-server 1.7.5.902
X.org Xorg-server 1.7.4.901
X.org Xorg-server 1.11.0
X.org Xorg-server 1.7.2
X.org Xorg-server 1.8.2.901
X.org Xorg-server 1.12.1.902
X.org Xorg-server 1.13.3
X.org Xorg-server 1.10.6
X.org Xorg-server 1.14.1.902
X.org Xorg-server 1.11.3
X.org Xorg-server 1.14.4.901
X.org Xorg-server 1.10.4
X.org Xorg-server 1.9.99.903
X.org Xorg-server 1.16.0
X.org Xorg-server 1.14.4
X.org Xorg-server 1.10.99.901
X.org Xorg-server 1.14.5.901
X.org Xorg-server 1.12.3.901
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »