Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x x11 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-0037
X11 in Apple Mac OS X 10.5 up to and including 10.5.1 does not properly handle when the "Allow connections from network client" preference is disabled, which allows remote malicious users to bypass intended access restrictions and connect to the X server.
Apple Mac Os X 10.5.1
Apple Mac Os X 10.5
4.3
CVSSv2
CVE-2007-4730
Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server prior to 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap.
X.org Xorg-server 1.01
X.org Xorg-server 1.02
X.org Xorg-server 1.1
X.org Xorg-server 1.2
X.org Xorg-server 1.3
3.8
CVSSv2
CVE-2007-1352
Integer overflow in the FontFileInitTable function in X.Org libXfont prior to 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
Mandrakesoft Mandrake Multi Network Firewall 2.0
X.org Libxfont 1.2.2
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 3.0
Redhat Enterprise Linux 4.0
Redhat Fedora Core Core 1.0
Redhat Linux 9.0
Redhat Enterprise Linux Desktop 5.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Desktop 4.0
Slackware Slackware Linux Current
Slackware Slackware Linux 9.0
Slackware Slackware Linux 9.1
Turbolinux Turbolinux Desktop 10.0
Ubuntu Ubuntu Linux 5.10
Ubuntu Ubuntu Linux 6.06 Lts
Ubuntu Ubuntu Linux 6.10
Ubuntu Ubuntu Linux 4.1
Rpath Linux 1
Openbsd Openbsd 3.9
Openbsd Openbsd 4.0
3.6
CVSSv2
CVE-2017-13720
In the PatternMatch function in fontfile/fontdir.c in libXfont up to and including 1.5.2 and 2.x prior to 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of servi...
X.org Libxfont 2.0.0
X.org Libxfont 2.0.1
X.org Libxfont
3.6
CVSSv2
CVE-2017-13722
In the pcfGetProperties function in bitmap/pcfread.c in libXfont up to and including 1.5.2 and 2.x prior to 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash o...
X.org Libxfont 2.0.0
X.org Libxfont 2.0.1
X.org Libxfont
3.6
CVSSv2
CVE-2015-3164
The authentication setup in XWayland 1.16.x and 1.17.x prior to 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket.
Opensuse Opensuse 13.2
X.org Xorg-server 1.16.3
X.org Xorg-server 1.16.4
X.org Xorg-server 1.16.0
X.org Xorg-server 1.16.1
X.org Xorg-server 1.17.0
X.org Xorg-server 1.17.1
X.org Xorg-server 1.16.99.901
X.org Xorg-server 1.16.99.902
X.org Xorg-server 1.16.2
X.org Xorg-server 1.16.1.901
X.org Xorg-server 1.16.2.901
3.6
CVSSv2
CVE-2013-0254
The QSharedMemory class in Qt 5.0.0, 4.8.x prior to 4.8.5, 4.7.x prior to 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical prog...
Qt Qt 1.41
Qt Qt 1.44
Qt Qt 1.45
Qt Qt 1.42
Qt Qt 1.43
Qt Qt 2.0.0
Qt Qt 2.0.1
Qt Qt 2.0.2
Qt Qt 3.3.4
Qt Qt 3.3.5
Qt Qt 3.3.6
Qt Qt 3.3.2
Qt Qt 3.3.3
Qt Qt 3.3.0
Qt Qt 3.3.1
Qt Qt 4.1.2
Qt Qt 4.1.3
Qt Qt 4.1.4
Qt Qt 4.1.5
Qt Qt 4.1.0
Qt Qt 4.1.1
Qt Qt 4.0.0
3.6
CVSSv2
CVE-2012-1699
The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 prior to 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and...
X X.org X11 6.0
X X.org X11 6.4
X X.org X11 6.5.1
X X.org X11 6.1
X X.org X11 6.3
X X.org X11 6.6
Xfree86 Xfree86
3.3
CVSSv2
CVE-2020-28049
An issue exists in SDDM prior to 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X server without providing proper authentication. A local attacker can thus access X server display ...
Sddm Project Sddm
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
2.1
CVSSv2
CVE-2020-14347
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.
X.org Xorg-server
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »