Vendor CVEs
Xorg
All CVEs
379 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-18651 | 0.00 | — | 0.01 | Aug 22, 2023 | Buffer Overflow vulnerability in function ID3_Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted audio file with ID3V2 frame. | |||
| CVE-2020-36023 | 0.00 | — | 0.01 | Aug 11, 2023 | An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function. | |||
| CVE-2020-36024 | 0.00 | — | 0.01 | Aug 11, 2023 | An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function. | |||
| CVE-2023-3138 | 0.00 | — | 0.02 | Jun 28, 2023 | A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array… | |||
| CVE-2023-1393 | 0.00 | — | 0.00 | Mar 30, 2023 | A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will… | |||
| CVE-2023-0494 | 0.00 | — | 0.01 | Mar 27, 2023 | A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where… | |||
| CVE-2022-46285 | 0.00 | — | 0.01 | Feb 7, 2023 | A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library. | |||
| CVE-2022-44617 | 0.00 | — | 0.01 | Feb 6, 2023 | A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library. | |||
| CVE-2022-46341 | 0.00 | — | 0.03 | Dec 14, 2022 | A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This issue can lead to local privileges elevation on systems where the X server is… | |||
| CVE-2022-46344 | 0.00 | — | 0.03 | Dec 14, 2022 | A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issues, resulting in out-of-bounds memory reads and potential information disclosure. This issue can lead to local privileges elevation on… | |||
| CVE-2022-46340 | 0.00 | — | 0.02 | Dec 14, 2022 | A vulnerability was found in X.Org. This security flaw occurs becuase the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through a the XTestFakeInput request. This issue can… | |||
| CVE-2022-4283 | 0.00 | — | 0.01 | Dec 14, 2022 | A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems… | |||
| CVE-2022-46342 | 0.00 | — | 0.01 | Dec 14, 2022 | A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se | |||
| CVE-2022-46343 | 0.00 | — | 0.02 | Dec 14, 2022 | A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and… | |||
| CVE-2022-3553 | 0.00 | — | 0.01 | Oct 17, 2022 | A vulnerability, which was classified as problematic, was found in X.org Server. This affects an unknown part of the file hw/xquartz/X11Controller.m of the component xquartz. The manipulation leads to denial of service. It is recommended to apply a patch to fix this issue. The… | |||
| CVE-2022-3551 | 0.00 | — | 0.02 | Oct 17, 2022 | A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of… | |||
| CVE-2022-3550 | 0.00 | — | 0.01 | Oct 17, 2022 | A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of… | |||
| CVE-2022-2320 | 0.00 | — | 0.01 | Sep 1, 2022 | A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw… | |||
| CVE-2022-2319 | 0.00 | — | 0.00 | Sep 1, 2022 | A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length. | |||
| CVE-2022-0175 | 0.00 | — | 0.00 | Aug 26, 2022 | A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the… | |||
| CVE-2021-42523 | 0.00 | — | 0.01 | Aug 25, 2022 | There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and colord/src/cd-profile-db.c separately. They exist because the 'err_msg' of 'sqlite3_exec' is not releasing after use, while libxml2 emphasizes that the caller needs to… | |||
| CVE-2022-1215 | 0.00 | — | 0.00 | May 31, 2022 | A format string vulnerability was found in libinput | |||
| CVE-2021-4011 | 0.00 | — | 0.01 | Dec 17, 2021 | A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||
| CVE-2021-4009 | 0.00 | — | 0.01 | Dec 17, 2021 | A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||
| CVE-2021-4010 | 0.00 | — | 0.01 | Dec 17, 2021 | A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||
| CVE-2021-4008 | 0.00 | — | 0.01 | Dec 17, 2021 | A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||
| CVE-2021-3594 | 0.00 | — | 0.00 | Jun 15, 2021 | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to… | |||
| CVE-2021-3593 | 0.00 | — | 0.00 | Jun 15, 2021 | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to… | |||
| CVE-2021-3592 | 0.00 | — | 0.00 | Jun 15, 2021 | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use… | |||
| CVE-2020-27748 | 0.00 | — | 0.01 | Jun 1, 2021 | A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. When handling mailto: URIs, xdg-email allows attachments to be discreetly added via the URI when being passed to Thunderbird. An attacker could potentially send a victim a URI that automatically… | |||
| CVE-2020-25697 | 0.00 | — | 0.00 | May 26, 2021 | A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server it is expecting to connect to. | |||
| CVE-2020-35512 | 0.00 | — | 0.00 | Feb 15, 2021 | A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may… | |||
| CVE-2020-14360 | 0.00 | — | 0.00 | Jan 20, 2021 | A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||
| CVE-2020-25712 | 0.00 | — | 0.00 | Dec 15, 2020 | A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||
| CVE-2020-29130 | 0.00 | — | 0.02 | Nov 26, 2020 | slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. | |||
| CVE-2020-14355 | 0.00 | — | 0.03 | Oct 7, 2020 | Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send… | |||
| CVE-2020-14345 | 0.00 | — | 0.01 | Sep 15, 2020 | A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||
| CVE-2020-14361 | 0.00 | — | 0.01 | Sep 15, 2020 | A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system… | |||
| CVE-2020-14346 | 0.00 | — | 0.01 | Sep 15, 2020 | A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as… | |||
| CVE-2020-14362 | 0.00 | — | 0.01 | Sep 15, 2020 | A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system… | |||
| CVE-2020-14363 | 0.00 | — | 0.01 | Sep 11, 2020 | An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to… | |||
| CVE-2020-14344 | 0.00 | — | 0.00 | Aug 5, 2020 | An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No… | |||
| CVE-2020-10756 | 0.00 | — | 0.01 | Jul 9, 2020 | An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents… | |||
| CVE-2020-12049 | 0.00 | — | 0.01 | Jun 8, 2020 | An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's… | |||
| CVE-2020-1983 | 0.00 | — | 0.02 | Apr 22, 2020 | A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service. | |||
| CVE-2020-8608 | 0.00 | — | 0.02 | Feb 6, 2020 | In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. | |||
| CVE-2020-7039 | 0.00 | — | 0.04 | Jan 16, 2020 | tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code. | |||
| CVE-2012-2142 | 0.00 | — | 0.03 | Jan 9, 2020 | The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator. | |||
| CVE-2019-20367 | 0.00 | — | 0.03 | Jan 8, 2020 | nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab). | |||
| CVE-2019-15890 | 0.00 | — | 0.04 | Sep 6, 2019 | libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. |
- CVE-2020-18651Aug 22, 2023risk 0.00cvss —epss 0.01
Buffer Overflow vulnerability in function ID3_Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted audio file with ID3V2 frame.
- CVE-2020-36023Aug 11, 2023risk 0.00cvss —epss 0.01
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.
- CVE-2020-36024Aug 11, 2023risk 0.00cvss —epss 0.01
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.
- CVE-2023-3138Jun 28, 2023risk 0.00cvss —epss 0.02
A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array…
- CVE-2023-1393Mar 30, 2023risk 0.00cvss —epss 0.00
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will…
- CVE-2023-0494Mar 27, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where…
- CVE-2022-46285Feb 7, 2023risk 0.00cvss —epss 0.01
A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library.
- CVE-2022-44617Feb 6, 2023risk 0.00cvss —epss 0.01
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library.
- CVE-2022-46341Dec 14, 2022risk 0.00cvss —epss 0.03
A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This issue can lead to local privileges elevation on systems where the X server is…
- CVE-2022-46344Dec 14, 2022risk 0.00cvss —epss 0.03
A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issues, resulting in out-of-bounds memory reads and potential information disclosure. This issue can lead to local privileges elevation on…
- CVE-2022-46340Dec 14, 2022risk 0.00cvss —epss 0.02
A vulnerability was found in X.Org. This security flaw occurs becuase the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through a the XTestFakeInput request. This issue can…
- CVE-2022-4283Dec 14, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems…
- CVE-2022-46342Dec 14, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se
- CVE-2022-46343Dec 14, 2022risk 0.00cvss —epss 0.02
A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and…
- CVE-2022-3553Oct 17, 2022risk 0.00cvss —epss 0.01
A vulnerability, which was classified as problematic, was found in X.org Server. This affects an unknown part of the file hw/xquartz/X11Controller.m of the component xquartz. The manipulation leads to denial of service. It is recommended to apply a patch to fix this issue. The…
- CVE-2022-3551Oct 17, 2022risk 0.00cvss —epss 0.02
A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of…
- CVE-2022-3550Oct 17, 2022risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of…
- CVE-2022-2320Sep 1, 2022risk 0.00cvss —epss 0.01
A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw…
- CVE-2022-2319Sep 1, 2022risk 0.00cvss —epss 0.00
A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length.
- CVE-2022-0175Aug 26, 2022risk 0.00cvss —epss 0.00
A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the…
- CVE-2021-42523Aug 25, 2022risk 0.00cvss —epss 0.01
There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and colord/src/cd-profile-db.c separately. They exist because the 'err_msg' of 'sqlite3_exec' is not releasing after use, while libxml2 emphasizes that the caller needs to…
- CVE-2022-1215May 31, 2022risk 0.00cvss —epss 0.00
A format string vulnerability was found in libinput
- CVE-2021-4011Dec 17, 2021risk 0.00cvss —epss 0.01
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
- CVE-2021-4009Dec 17, 2021risk 0.00cvss —epss 0.01
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
- CVE-2021-4010Dec 17, 2021risk 0.00cvss —epss 0.01
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
- CVE-2021-4008Dec 17, 2021risk 0.00cvss —epss 0.01
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
- CVE-2021-3594Jun 15, 2021risk 0.00cvss —epss 0.00
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to…
- CVE-2021-3593Jun 15, 2021risk 0.00cvss —epss 0.00
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to…
- CVE-2021-3592Jun 15, 2021risk 0.00cvss —epss 0.00
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use…
- CVE-2020-27748Jun 1, 2021risk 0.00cvss —epss 0.01
A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. When handling mailto: URIs, xdg-email allows attachments to be discreetly added via the URI when being passed to Thunderbird. An attacker could potentially send a victim a URI that automatically…
- CVE-2020-25697May 26, 2021risk 0.00cvss —epss 0.00
A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server it is expecting to connect to.
- CVE-2020-35512Feb 15, 2021risk 0.00cvss —epss 0.00
A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may…
- CVE-2020-14360Jan 20, 2021risk 0.00cvss —epss 0.00
A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
- CVE-2020-25712Dec 15, 2020risk 0.00cvss —epss 0.00
A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
- CVE-2020-29130Nov 26, 2020risk 0.00cvss —epss 0.02
slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.
- CVE-2020-14355Oct 7, 2020risk 0.00cvss —epss 0.03
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send…
- CVE-2020-14345Sep 15, 2020risk 0.00cvss —epss 0.01
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
- CVE-2020-14361Sep 15, 2020risk 0.00cvss —epss 0.01
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system…
- CVE-2020-14346Sep 15, 2020risk 0.00cvss —epss 0.01
A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as…
- CVE-2020-14362Sep 15, 2020risk 0.00cvss —epss 0.01
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system…
- CVE-2020-14363Sep 11, 2020risk 0.00cvss —epss 0.01
An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to…
- CVE-2020-14344Aug 5, 2020risk 0.00cvss —epss 0.00
An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No…
- CVE-2020-10756Jul 9, 2020risk 0.00cvss —epss 0.01
An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents…
- CVE-2020-12049Jun 8, 2020risk 0.00cvss —epss 0.01
An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's…
- CVE-2020-1983Apr 22, 2020risk 0.00cvss —epss 0.02
A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.
- CVE-2020-8608Feb 6, 2020risk 0.00cvss —epss 0.02
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
- CVE-2020-7039Jan 16, 2020risk 0.00cvss —epss 0.04
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.
- CVE-2012-2142Jan 9, 2020risk 0.00cvss —epss 0.03
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.
- CVE-2019-20367Jan 8, 2020risk 0.00cvss —epss 0.03
nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).
- CVE-2019-15890Sep 6, 2019risk 0.00cvss —epss 0.04
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
Page 4 of 8