Xorg

All CVEs

379 total · sorted by risk
  • CVE-2019-12749 · Jun 11, 2019
    risk 0.00 · cvss - · epss 0.01

    dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of…

  • CVE-2019-9903 · Mar 21, 2019
    risk 0.00 · cvss - · epss 0.02

    PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.

  • CVE-2019-6461 · Jan 16, 2019
    risk 0.00 · cvss - · epss 0.02

    An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.

  • CVE-2019-6133 · Jan 11, 2019
    risk 0.00 · cvss - · epss 0.00

    In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.

  • CVE-2018-14599 · Critical · Aug 24, 2018
    risk 0.00 · cvss 9.8 · epss 0.05

    An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.

  • CVE-2018-14598 · High · Aug 24, 2018
    risk 0.00 · cvss 7.5 · epss 0.04

    An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).

  • CVE-2015-9262 · Critical · Aug 1, 2018
    risk 0.00 · cvss 9.8 · epss 0.06

    _XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow.

  • CVE-2017-2625 · Medium · Jul 27, 2018
    risk 0.00 · cvss 6.5 · epss 0.01

    It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users'…

  • CVE-2018-14036 · Medium · Jul 13, 2018
    risk 0.00 · cvss 6.5 · epss 0.03

    Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.

  • CVE-2017-18266 · High · May 10, 2018
    risk 0.00 · cvss 8.8 · epss 0.02

    The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by %s…

  • CVE-2017-18238 · Medium · Mar 15, 2018
    risk 0.00 · cvss 5.5 · epss 0.01

    An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file.

  • CVE-2017-18237 · Medium · Mar 15, 2018
    risk 0.00 · cvss 5.5 · epss 0.01

    An issue was discovered in Exempi before 2.4.3. The PostScript_Support::ConvertToDate function in XMPFiles/source/FormatSupport/PostScript_Support.cpp allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted .ps file.

  • CVE-2017-18236 · Medium · Mar 15, 2018
    risk 0.00 · cvss 5.5 · epss 0.02

    An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file.

  • CVE-2017-18235 · Medium · Mar 15, 2018
    risk 0.00 · cvss 5.5 · epss 0.01

    An issue was discovered in Exempi before 2.4.3. The VPXChunk class in XMPFiles/source/FormatSupport/WEBP_Support.cpp does not ensure nonzero widths and heights, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted…

  • CVE-2017-18234 · High · Mar 15, 2018
    risk 0.00 · cvss 7.8 · epss 0.02

    An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to…

  • CVE-2017-18233 · Medium · Mar 15, 2018
    risk 0.00 · cvss 5.5 · epss 0.02

    An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file.

  • CVE-2018-7731 · Medium · Mar 6, 2018
    risk 0.00 · cvss 5.5 · epss 0.01

    An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FormatSupport/WEBP_Support.cpp does not check whether a bitstream has a NULL value, leading to a NULL pointer dereference in the WEBP::VP8XChunk class.

  • CVE-2018-7730 · Medium · Mar 6, 2018
    risk 0.00 · cvss 5.5 · epss 0.01

    An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function.

  • CVE-2018-7729 · Medium · Mar 6, 2018
    risk 0.00 · cvss 5.5 · epss 0.01

    An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile() function in XMPFiles/source/FileHandlers/PostScript_Handler.cpp.

  • CVE-2018-7728 · Medium · Mar 6, 2018
    risk 0.00 · cvss 5.5 · epss 0.01

    An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFF_Handler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update() function in third-party/zuid/interfaces/MD5.cpp.

  • CVE-2017-12187 · Critical · Jan 24, 2018
    risk 0.00 · cvss 9.8 · epss 0.03

    xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

  • CVE-2017-12186 · Critical · Jan 24, 2018
    risk 0.00 · cvss 9.8 · epss 0.04

    xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

  • CVE-2017-12185 · Critical · Jan 24, 2018
    risk 0.00 · cvss 9.8 · epss 0.04

    xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

  • CVE-2017-12184 · Critical · Jan 24, 2018
    risk 0.00 · cvss 9.8 · epss 0.04

    xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

  • CVE-2017-12183 · Critical · Jan 24, 2018
    risk 0.00 · cvss 9.8 · epss 0.04

    xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

  • CVE-2017-12182 · Critical · Jan 24, 2018
    risk 0.00 · cvss 9.8 · epss 0.04

    xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

  • CVE-2017-12181 · Critical · Jan 24, 2018
    risk 0.00 · cvss 9.8 · epss 0.04

    xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

  • CVE-2017-12180 · Critical · Jan 24, 2018
    risk 0.00 · cvss 9.8 · epss 0.04

    xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

  • CVE-2017-12179 · Critical · Jan 24, 2018
    risk 0.00 · cvss 9.8 · epss 0.04

    xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

  • CVE-2017-12178 · Critical · Jan 24, 2018
    risk 0.00 · cvss 9.8 · epss 0.04

    xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

  • CVE-2017-12177 · Critical · Jan 24, 2018
    risk 0.00 · cvss 9.8 · epss 0.04

    xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

  • CVE-2017-12176 · Critical · Jan 24, 2018
    risk 0.00 · cvss 9.8 · epss 0.04

    xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

  • CVE-2015-3255 · Oct 26, 2015
    risk 0.00 · cvss - · epss 0.00

    The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions.

  • CVE-2015-5199 · Sep 8, 2015
    risk 0.00 · cvss - · epss 0.01

    Directory traversal vulnerability in dlopen in libvdpau before 1.1.1 allows local users to gain privileges via the VDPAU_DRIVER environment variable.

  • CVE-2015-3164 · Jul 1, 2015
    risk 0.00 · cvss - · epss 0.00

    The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket.

  • CVE-2013-7439 · Apr 16, 2015
    risk 0.00 · cvss - · epss 0.04

    Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow.

  • CVE-2015-1804 · Mar 20, 2015
    risk 0.00 · cvss - · epss 0.05

    The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly…

  • CVE-2015-1803 · Mar 20, 2015
    risk 0.00 · cvss - · epss 0.05

    The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and…

  • CVE-2015-1802 · Mar 20, 2015
    risk 0.00 · cvss - · epss 0.05

    The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a (1) negative or (2) large property…

  • CVE-2015-0255 · Feb 13, 2015
    risk 0.00 · cvss - · epss 0.04

    X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry request.

  • CVE-2015-0245 · Feb 13, 2015
    risk 0.00 · cvss - · epss 0.00

    D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a race condition involving…

  • CVE-2014-9622 · Jan 21, 2015
    risk 0.00 · cvss - · epss 0.03

    Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open.

  • CVE-2014-8103 · Dec 10, 2014
    risk 0.00 · cvss - · epss 0.03

    X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) sproc_dri3_query_version,…

  • CVE-2014-8102 · Dec 10, 2014
    risk 0.00 · cvss - · epss 0.04

    The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or…

  • CVE-2014-8101 · Dec 10, 2014
    risk 0.00 · cvss - · epss 0.04

    The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a…

  • CVE-2014-8100 · Dec 10, 2014
    risk 0.00 · cvss - · epss 0.04

    The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a…

  • CVE-2014-8099 · Dec 10, 2014
    risk 0.00 · cvss - · epss 0.04

    The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a…

  • CVE-2014-8098 · Dec 10, 2014
    risk 0.00 · cvss - · epss 0.05

    The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a…

  • CVE-2014-8097 · Dec 10, 2014
    risk 0.00 · cvss - · epss 0.04

    The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or…

  • CVE-2014-8096 · Dec 10, 2014
    risk 0.00 · cvss - · epss 0.05

    The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly…

Page 5 of 8