Filtered by vendor X
Subscribe
Total
52 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1940 | 2 Canonical, X | 2 Ubuntu Linux, X.org-xserver | 2025-04-11 | 2.1 LOW | N/A |
| X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input events when adding a new hot-plug device, which might allow physically proximate attackers to obtain sensitive information, as demonstrated by reading passwords from a tty. | |||||
| CVE-2013-2003 | 1 X | 1 Libxcursor | 2025-04-11 | 6.8 MEDIUM | N/A |
| Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the _XcursorFileHeaderCreate function. | |||||
| CVE-2013-1996 | 1 X | 1 Libfs | 2025-04-11 | 6.8 MEDIUM | N/A |
| X.org libFS 1.0.4 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the FSOpenServer function. | |||||
| CVE-2013-1988 | 1 X | 1 Libxres | 2025-04-11 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in X.org libXRes 1.0.6 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XResQueryClients and (2) XResQueryClientResources functions. | |||||
| CVE-2012-1699 | 2 X, Xfree86 | 2 X.org X11, Xfree86 | 2025-04-11 | 3.6 LOW | N/A |
| The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a pointer, which allows local users to cause a denial of service (memory corruption and crash) or obtain potentially sensitive information from memory via a SetEventMask request that triggers an invalid pointer dereference. | |||||
| CVE-2013-1986 | 1 X | 1 Libxrandr | 2025-04-11 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in X.org libXrandr 1.4.0 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRRQueryOutputProperty and (2) XRRQueryProviderProperty functions. | |||||
| CVE-2013-6462 | 1 X | 1 Libxfont | 2025-04-11 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in a character name in a BDF font file. | |||||
| CVE-2008-1379 | 1 X | 1 X11 | 2025-04-09 | 6.8 MEDIUM | N/A |
| Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height. | |||||
| CVE-2008-1377 | 1 X | 1 X11 | 2025-04-09 | 9.0 HIGH | N/A |
| The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption. | |||||
| CVE-2008-2362 | 1 X | 1 X11 | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption. | |||||
| CVE-2008-2360 | 1 X | 1 X11 | 2025-04-09 | 9.0 HIGH | N/A |
| Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffer overflow. | |||||
| CVE-2015-9262 | 4 Canonical, Debian, Redhat and 1 more | 7 Ubuntu Linux, Debian Linux, Ansible Tower and 4 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| _XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow. | |||||