Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x.org x server vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2020-14362
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit...
X.org Xorg-server
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Canonical Ubuntu Linux 14.04
Redhat Enterprise Linux 8.0
4.6
CVSSv2
CVE-2020-14345
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
X.org X Server
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
4.6
CVSSv2
CVE-2019-17624
"" In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap. For example, by sending ct.c_char 1000 times, an attacker can cause a denial of service (application crash) or possibly have unspecified other impact. Note: It is disputed ...
X.org X Server
1 EDB exploit
4.6
CVSSv2
CVE-2017-13723
In X.Org Server (aka xserver and xorg-server) prior to 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkb...
X.org Xorg-server
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.6
CVSSv2
CVE-2012-0064
xkeyboard-config prior to 2.5 in X.Org prior to 7.6 enables certain XKB debugging functions by default, which allows physically proximate malicious users to bypass an X screen lock via keyboard combinations that break the input grab.
X X.org X11 7.1
Xkeyboard Config Project Xkeyboard-config 2.0
X X.org X11 1.0
Xkeyboard Config Project Xkeyboard-config 2.2
X X.org X11 4.0
Xkeyboard Config Project Xkeyboard-config 2.1
X X.org X11 7.2
X X.org X11 7.3
X X.org X11 6.4
X X.org X11 6.6
X X.org X11 7.5
X X.org X11 5.0
X X.org X11 6.3
X X.org X11 7.0
Xkeyboard Config Project Xkeyboard-config 2.3
X X.org X11 6.0
X X.org X11 6.5.1
X X.org X11 6.7
X X.org X11 6.8.2
X X.org X11 7.4
X X.org X11 6.1
X X.org X11 6.8
4.6
CVSSv2
CVE-2011-4613
The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY.
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Debian Debian Linux
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 10.04
Ubuntu Linux
X.org X Server -
1 EDB exploit
4.4
CVSSv2
CVE-2020-25697
A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an malicious user to take control of an X application by impersonating the server it is expecting to connect to.
X.org X Server -
4.3
CVSSv2
CVE-2014-8091
X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) prior to 1.16.3, when using SUN-DES-1 (Secure RPC) authentication credentials, does not check the return value of a malloc call, which allows remote malicious users to cause a denial of ser...
X.org Xorg-server
X.org X11 5.0
4.3
CVSSv2
CVE-2007-4730
Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server prior to 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap.
X.org Xorg-server 1.02
X.org Xorg-server 1.3
X.org Xorg-server 1.2
X.org Xorg-server 1.01
X.org Xorg-server 1.1
4
CVSSv2
CVE-2017-10972
Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server prior to 2017-06-19 allowed authenticated malicious users to access potentially privileged data from the X server.
X.org Xorg-server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »