Vendor CVEs
Xorg
All CVEs
379 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-12749 | 0.00 | — | 0.01 | Jun 11, 2019 | dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of… | |||
| CVE-2019-9903 | 0.00 | — | 0.02 | Mar 21, 2019 | PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary. | |||
| CVE-2019-6461 | 0.00 | — | 0.02 | Jan 16, 2019 | An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c. | |||
| CVE-2019-6133 | 0.00 | — | 0.00 | Jan 11, 2019 | In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c. | |||
| CVE-2018-14599 | Cri | 0.00 | 9.8 | 0.05 | Aug 24, 2018 | An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact. | ||
| CVE-2018-14598 | Hig | 0.00 | 7.5 | 0.04 | Aug 24, 2018 | An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault). | ||
| CVE-2015-9262 | Cri | 0.00 | 9.8 | 0.06 | Aug 1, 2018 | _XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow. | ||
| CVE-2017-2625 | Med | 0.00 | 6.5 | 0.01 | Jul 27, 2018 | It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users'… | ||
| CVE-2018-14036 | Med | 0.00 | 6.5 | 0.03 | Jul 13, 2018 | Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c. | ||
| CVE-2017-18266 | Hig | 0.00 | 8.8 | 0.02 | May 10, 2018 | The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by %s… | ||
| CVE-2017-18238 | Med | 0.00 | 5.5 | 0.01 | Mar 15, 2018 | An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file. | ||
| CVE-2017-18237 | Med | 0.00 | 5.5 | 0.01 | Mar 15, 2018 | An issue was discovered in Exempi before 2.4.3. The PostScript_Support::ConvertToDate function in XMPFiles/source/FormatSupport/PostScript_Support.cpp allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted .ps file. | ||
| CVE-2017-18236 | Med | 0.00 | 5.5 | 0.02 | Mar 15, 2018 | An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file. | ||
| CVE-2017-18235 | Med | 0.00 | 5.5 | 0.01 | Mar 15, 2018 | An issue was discovered in Exempi before 2.4.3. The VPXChunk class in XMPFiles/source/FormatSupport/WEBP_Support.cpp does not ensure nonzero widths and heights, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted… | ||
| CVE-2017-18234 | Hig | 0.00 | 7.8 | 0.02 | Mar 15, 2018 | An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to… | ||
| CVE-2017-18233 | Med | 0.00 | 5.5 | 0.02 | Mar 15, 2018 | An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file. | ||
| CVE-2018-7731 | Med | 0.00 | 5.5 | 0.01 | Mar 6, 2018 | An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FormatSupport/WEBP_Support.cpp does not check whether a bitstream has a NULL value, leading to a NULL pointer dereference in the WEBP::VP8XChunk class. | ||
| CVE-2018-7730 | Med | 0.00 | 5.5 | 0.01 | Mar 6, 2018 | An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function. | ||
| CVE-2018-7729 | Med | 0.00 | 5.5 | 0.01 | Mar 6, 2018 | An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile() function in XMPFiles/source/FileHandlers/PostScript_Handler.cpp. | ||
| CVE-2018-7728 | Med | 0.00 | 5.5 | 0.01 | Mar 6, 2018 | An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFF_Handler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update() function in third-party/zuid/interfaces/MD5.cpp. | ||
| CVE-2017-12187 | Cri | 0.00 | 9.8 | 0.03 | Jan 24, 2018 | xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||
| CVE-2017-12186 | Cri | 0.00 | 9.8 | 0.04 | Jan 24, 2018 | xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||
| CVE-2017-12185 | Cri | 0.00 | 9.8 | 0.04 | Jan 24, 2018 | xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||
| CVE-2017-12184 | Cri | 0.00 | 9.8 | 0.04 | Jan 24, 2018 | xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||
| CVE-2017-12183 | Cri | 0.00 | 9.8 | 0.04 | Jan 24, 2018 | xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||
| CVE-2017-12182 | Cri | 0.00 | 9.8 | 0.04 | Jan 24, 2018 | xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||
| CVE-2017-12181 | Cri | 0.00 | 9.8 | 0.04 | Jan 24, 2018 | xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||
| CVE-2017-12180 | Cri | 0.00 | 9.8 | 0.04 | Jan 24, 2018 | xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||
| CVE-2017-12179 | Cri | 0.00 | 9.8 | 0.04 | Jan 24, 2018 | xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||
| CVE-2017-12178 | Cri | 0.00 | 9.8 | 0.04 | Jan 24, 2018 | xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||
| CVE-2017-12177 | Cri | 0.00 | 9.8 | 0.04 | Jan 24, 2018 | xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||
| CVE-2017-12176 | Cri | 0.00 | 9.8 | 0.04 | Jan 24, 2018 | xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | ||
| CVE-2015-3255 | 0.00 | — | 0.00 | Oct 26, 2015 | The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions. | |||
| CVE-2015-5199 | 0.00 | — | 0.01 | Sep 8, 2015 | Directory traversal vulnerability in dlopen in libvdpau before 1.1.1 allows local users to gain privileges via the VDPAU_DRIVER environment variable. | |||
| CVE-2015-3164 | 0.00 | — | 0.00 | Jul 1, 2015 | The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket. | |||
| CVE-2013-7439 | 0.00 | — | 0.04 | Apr 16, 2015 | Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow. | |||
| CVE-2015-1804 | 0.00 | — | 0.05 | Mar 20, 2015 | The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly… | |||
| CVE-2015-1803 | 0.00 | — | 0.05 | Mar 20, 2015 | The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and… | |||
| CVE-2015-1802 | 0.00 | — | 0.05 | Mar 20, 2015 | The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a (1) negative or (2) large property… | |||
| CVE-2015-0255 | 0.00 | — | 0.04 | Feb 13, 2015 | X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry request. | |||
| CVE-2015-0245 | 0.00 | — | 0.00 | Feb 13, 2015 | D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a race condition involving… | |||
| CVE-2014-9622 | 0.00 | — | 0.03 | Jan 21, 2015 | Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open. | |||
| CVE-2014-8103 | 0.00 | — | 0.03 | Dec 10, 2014 | X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) sproc_dri3_query_version,… | |||
| CVE-2014-8102 | 0.00 | — | 0.04 | Dec 10, 2014 | The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or… | |||
| CVE-2014-8101 | 0.00 | — | 0.04 | Dec 10, 2014 | The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a… | |||
| CVE-2014-8100 | 0.00 | — | 0.04 | Dec 10, 2014 | The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a… | |||
| CVE-2014-8099 | 0.00 | — | 0.04 | Dec 10, 2014 | The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a… | |||
| CVE-2014-8098 | 0.00 | — | 0.05 | Dec 10, 2014 | The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a… | |||
| CVE-2014-8097 | 0.00 | — | 0.04 | Dec 10, 2014 | The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or… | |||
| CVE-2014-8096 | 0.00 | — | 0.05 | Dec 10, 2014 | The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly… |
- CVE-2019-12749Jun 11, 2019risk 0.00cvss —epss 0.01
dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of…
- CVE-2019-9903Mar 21, 2019risk 0.00cvss —epss 0.02
PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.
- CVE-2019-6461Jan 16, 2019risk 0.00cvss —epss 0.02
An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.
- CVE-2019-6133Jan 11, 2019risk 0.00cvss —epss 0.00
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.
- risk 0.00cvss 9.8epss 0.05
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.
- risk 0.00cvss 7.5epss 0.04
An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).
- risk 0.00cvss 9.8epss 0.06
_XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow.
- risk 0.00cvss 6.5epss 0.01
It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users'…
- risk 0.00cvss 6.5epss 0.03
Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.
- risk 0.00cvss 8.8epss 0.02
The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by %s…
- risk 0.00cvss 5.5epss 0.01
An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file.
- risk 0.00cvss 5.5epss 0.01
An issue was discovered in Exempi before 2.4.3. The PostScript_Support::ConvertToDate function in XMPFiles/source/FormatSupport/PostScript_Support.cpp allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted .ps file.
- risk 0.00cvss 5.5epss 0.02
An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file.
- risk 0.00cvss 5.5epss 0.01
An issue was discovered in Exempi before 2.4.3. The VPXChunk class in XMPFiles/source/FormatSupport/WEBP_Support.cpp does not ensure nonzero widths and heights, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted…
- risk 0.00cvss 7.8epss 0.02
An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to…
- risk 0.00cvss 5.5epss 0.02
An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file.
- risk 0.00cvss 5.5epss 0.01
An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FormatSupport/WEBP_Support.cpp does not check whether a bitstream has a NULL value, leading to a NULL pointer dereference in the WEBP::VP8XChunk class.
- risk 0.00cvss 5.5epss 0.01
An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function.
- risk 0.00cvss 5.5epss 0.01
An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile() function in XMPFiles/source/FileHandlers/PostScript_Handler.cpp.
- risk 0.00cvss 5.5epss 0.01
An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFF_Handler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update() function in third-party/zuid/interfaces/MD5.cpp.
- risk 0.00cvss 9.8epss 0.03
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- risk 0.00cvss 9.8epss 0.04
xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- risk 0.00cvss 9.8epss 0.04
xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- risk 0.00cvss 9.8epss 0.04
xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- risk 0.00cvss 9.8epss 0.04
xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- risk 0.00cvss 9.8epss 0.04
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- risk 0.00cvss 9.8epss 0.04
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- risk 0.00cvss 9.8epss 0.04
xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- risk 0.00cvss 9.8epss 0.04
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- risk 0.00cvss 9.8epss 0.04
xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- risk 0.00cvss 9.8epss 0.04
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- risk 0.00cvss 9.8epss 0.04
xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
- CVE-2015-3255Oct 26, 2015risk 0.00cvss —epss 0.00
The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions.
- CVE-2015-5199Sep 8, 2015risk 0.00cvss —epss 0.01
Directory traversal vulnerability in dlopen in libvdpau before 1.1.1 allows local users to gain privileges via the VDPAU_DRIVER environment variable.
- CVE-2015-3164Jul 1, 2015risk 0.00cvss —epss 0.00
The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket.
- CVE-2013-7439Apr 16, 2015risk 0.00cvss —epss 0.04
Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow.
- CVE-2015-1804Mar 20, 2015risk 0.00cvss —epss 0.05
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly…
- CVE-2015-1803Mar 20, 2015risk 0.00cvss —epss 0.05
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and…
- CVE-2015-1802Mar 20, 2015risk 0.00cvss —epss 0.05
The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a (1) negative or (2) large property…
- CVE-2015-0255Feb 13, 2015risk 0.00cvss —epss 0.04
X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry request.
- CVE-2015-0245Feb 13, 2015risk 0.00cvss —epss 0.00
D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a race condition involving…
- CVE-2014-9622Jan 21, 2015risk 0.00cvss —epss 0.03
Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open.
- CVE-2014-8103Dec 10, 2014risk 0.00cvss —epss 0.03
X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) sproc_dri3_query_version,…
- CVE-2014-8102Dec 10, 2014risk 0.00cvss —epss 0.04
The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or…
- CVE-2014-8101Dec 10, 2014risk 0.00cvss —epss 0.04
The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a…
- CVE-2014-8100Dec 10, 2014risk 0.00cvss —epss 0.04
The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a…
- CVE-2014-8099Dec 10, 2014risk 0.00cvss —epss 0.04
The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a…
- CVE-2014-8098Dec 10, 2014risk 0.00cvss —epss 0.05
The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a…
- CVE-2014-8097Dec 10, 2014risk 0.00cvss —epss 0.04
The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or…
- CVE-2014-8096Dec 10, 2014risk 0.00cvss —epss 0.05
The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly…
Page 5 of 8