Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x.org xwayland vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-31083
A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted g...
NA
CVE-2024-31080
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered b...
NA
CVE-2024-31081
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered b...
NA
CVE-2024-31082
A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered ...
5.5
CVSSv3
CVE-2024-0408
A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access t...
X.org Xwayland
X.org Xorg-server
Tigervnc Tigervnc
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
7.8
CVSSv3
CVE-2024-0409
A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.
X.org Xwayland
X.org Xorg-server
Tigervnc Tigervnc
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
9.8
CVSSv3
CVE-2023-6816
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular num...
X.org Xwayland
X.org Xorg-server
Fedoraproject Fedora 39
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2023-6478
A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information.
X.org X Server
X.org Xwayland
Redhat Enterprise Linux Eus 9.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Tigervnc Tigervnc -
7.8
CVSSv3
CVE-2023-6377
A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is inv...
Redhat Enterprise Linux Eus 9.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
X.org X Server
X.org Xwayland
Tigervnc Tigervnc -
7.8
CVSSv3
CVE-2023-5367
A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrprope...
X.org Xwayland
X.org X Server
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux For Power Little Endian 7.0 Ppc64le
Redhat Enterprise Linux For Power Big Endian 7.0 Ppc64
Redhat Enterprise Linux For Ibm Z Systems 7.0 S390x
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 11.0
Debian Debian Linux 12.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »