rpm package

suse/xorg-x11-server&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2

pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Vulnerabilities (24)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2020-14360	—	< 7.6_1.18.3-76.37.1	7.6_1.18.3-76.37.1	Jan 20, 2021	A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-25712	—	< 7.6_1.18.3-76.37.1	7.6_1.18.3-76.37.1	Dec 15, 2020	A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14345	—	< 7.6_1.18.3-76.26.1	7.6_1.18.3-76.26.1	Sep 15, 2020	A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14362	—	< 7.6_1.18.3-76.29.1	7.6_1.18.3-76.29.1	Sep 15, 2020	A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit
CVE-2020-14361	—	< 7.6_1.18.3-76.29.1	7.6_1.18.3-76.29.1	Sep 15, 2020	A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit
CVE-2020-14346	—	< 7.6_1.18.3-76.26.1	7.6_1.18.3-76.26.1	Sep 15, 2020	A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as syste
CVE-2020-14347	—	< 7.6_1.18.3-76.26.1	7.6_1.18.3-76.26.1	Aug 5, 2020	A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.
CVE-2017-2624	—	< 7.6_1.18.3-71.1	7.6_1.18.3-71.1	Jul 27, 2018	It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is s
CVE-2017-12187	—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12186	—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12185	—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12184	—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12183	—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12182	—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12181	—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12180	—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12179	—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12178	—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12177	—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12176	—	< 7.6_1.18.3-76.15.2	7.6_1.18.3-76.15.2	Jan 24, 2018	xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

CVE-2020-14360Jan 20, 2021
affected < 7.6_1.18.3-76.37.1fixed 7.6_1.18.3-76.37.1
A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-25712Dec 15, 2020
affected < 7.6_1.18.3-76.37.1fixed 7.6_1.18.3-76.37.1
A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14345Sep 15, 2020
affected < 7.6_1.18.3-76.26.1fixed 7.6_1.18.3-76.26.1
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14362Sep 15, 2020
affected < 7.6_1.18.3-76.29.1fixed 7.6_1.18.3-76.29.1
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit
CVE-2020-14361Sep 15, 2020
affected < 7.6_1.18.3-76.29.1fixed 7.6_1.18.3-76.29.1
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit
CVE-2020-14346Sep 15, 2020
affected < 7.6_1.18.3-76.26.1fixed 7.6_1.18.3-76.26.1
A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as syste
CVE-2020-14347Aug 5, 2020
affected < 7.6_1.18.3-76.26.1fixed 7.6_1.18.3-76.26.1
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.
CVE-2017-2624Jul 27, 2018
affected < 7.6_1.18.3-71.1fixed 7.6_1.18.3-71.1
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is s
CVE-2017-12187Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12186Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12185Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12184Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12183Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12182Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12181Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12180Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12179Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12178Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12177Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12176Jan 24, 2018
affected < 7.6_1.18.3-76.15.2fixed 7.6_1.18.3-76.15.2
xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Page 1 of 2