x.org xwayland vulnerabilities and exploits
7.8
CVSSv3
CVE-2024-9632
A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions wh...
7.8
CVSSv3
CVE-2024-31083
A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted g...
7.3
CVSSv3
CVE-2024-31080
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered b...
7.3
CVSSv3
CVE-2024-31081
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered b...
7.3
CVSSv3
CVE-2024-31082
A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered ...
7.8
CVSSv3
CVE-2024-21885
A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an applicat...
7.8
CVSSv3
CVE-2024-21886
A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments.
7.8
CVSSv3
CVE-2024-0229
An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended...
X.org X Server
X.org Xwayland
Fedoraproject Fedora 39
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Aus 8.2
Redhat Enterprise Linux Aus 8.4
Redhat Enterprise Linux Eus 8.6
Redhat Enterprise Linux Eus 8.8
Redhat Enterprise Linux Eus 9.0
Redhat Enterprise Linux Eus 9.2
5.5
CVSSv3
CVE-2024-0408
A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access t...
Tigervnc Tigervnc
X.org Xorg-server
X.org Xwayland
Fedoraproject Fedora 39
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
7.8
CVSSv3
CVE-2024-0409
A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.
Tigervnc Tigervnc
X.org Xorg-server
X.org Xwayland
Fedoraproject Fedora 39
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Power Little Endian 7.0