VYPR

Xserver

by Xorg

Source repositories

CVEs (71)

  • CVE-2023-6377Dec 13, 2023
    risk 0.00cvss epss 0.02

    A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is…

  • CVE-2023-5367Oct 25, 2023
    risk 0.00cvss epss 0.01

    A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in…

  • CVE-2023-1393Mar 30, 2023
    risk 0.00cvss epss 0.00

    A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will…

  • CVE-2015-3164Jul 1, 2015
    risk 0.00cvss epss 0.00

    The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket.

  • CVE-2015-0255Feb 13, 2015
    risk 0.00cvss epss 0.04

    X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry request.

  • CVE-2014-8103Dec 10, 2014
    risk 0.00cvss epss 0.03

    X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) sproc_dri3_query_version,…

  • CVE-2014-8102Dec 10, 2014
    risk 0.00cvss epss 0.04

    The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or…

  • CVE-2014-8101Dec 10, 2014
    risk 0.00cvss epss 0.04

    The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a…

  • CVE-2014-8100Dec 10, 2014
    risk 0.00cvss epss 0.04

    The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a…

  • CVE-2014-8099Dec 10, 2014
    risk 0.00cvss epss 0.04

    The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a…

  • CVE-2014-8098Dec 10, 2014
    risk 0.00cvss epss 0.05

    The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a…

  • CVE-2014-8097Dec 10, 2014
    risk 0.00cvss epss 0.04

    The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or…

  • CVE-2014-8096Dec 10, 2014
    risk 0.00cvss epss 0.05

    The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly…

  • CVE-2014-8095Dec 10, 2014
    risk 0.00cvss epss 0.04

    The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or…

  • CVE-2014-8094Dec 10, 2014
    risk 0.00cvss epss 0.04

    Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserver and xorg-server) 1.7.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted…

  • CVE-2014-8093Dec 10, 2014
    risk 0.00cvss epss 0.04

    Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via…

  • CVE-2014-8092Dec 10, 2014
    risk 0.00cvss epss 0.04

    Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1)…

  • CVE-2014-8091Dec 10, 2014
    risk 0.00cvss epss 0.04

    X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) before 1.16.3, when using SUN-DES-1 (Secure RPC) authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service…

  • CVE-2013-6425Jan 18, 2014
    risk 0.00cvss epss 0.03

    Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.

  • CVE-2013-4396Oct 10, 2013
    risk 0.00cvss epss 0.04

    Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that…