Lucene search
+L

1040 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in GIMP

GIMP XWD File Parsing: Out-of-Bounds Write Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a malicious file. The...

7.8CVSS7.5AI score0.00622EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in xwayland, xorg-server

A flaw was discovered in the X.Org X server. This integer underflow vulnerability, specifically related to the handling of the XKB compatibility map, allows an attacker with local or remote X11 server access to trigger a buffer read overflow. This can lead to memory safety violations and...

7.8CVSS7.1AI score0.0038EPSS
Exploits0References3
NVD
NVD
added 2026/06/23 4:17 a.m.19 views

CVE-2026-55655

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...

6.1CVSS0.0009EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/23 3:36 a.m.13 views

EUVD-2026-38413

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...

5CVSS5.7AI score0.0009EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/23 3:36 a.m.13 views

CVE-2026-55655

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...

6.1CVSS5.7AI score0.0009EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/23 3:36 a.m.17 views

CVE-2026-55655

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...

6.1CVSS5.7AI score0.0009EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/22 2:43 a.m.5 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS6.3AI score0.00165EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/22 2:43 a.m.6 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...

7.8CVSS5.7AI score0.0014EPSS
Exploits0References7
Rockylinux
Rockylinux
added 2026/06/19 12:3 a.m.10 views

xorg-x11-server-Xwayland security, bug fix, and enhancement update

An update is available for xorg-x11-server-Xwayland. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Xwayland is an X server for running X clients under Wayland...

7.8CVSS5.8AI score0.00165EPSS
Exploits0
OSV
OSV
added 2026/06/19 12:1 a.m.9 views

RLSA-2026:26709 Important: xorg-x11-server security, bug fix, and enhancement update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution du...

7.8CVSS5.7AI score0.00165EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/06/17 12:19 p.m.10 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...

7.8CVSS5.4AI score0.00148EPSS
Exploits0References7
AlmaLinux
AlmaLinux
added 2026/06/17 12:0 a.m.16 views

Important: xorg-x11-server security, bug fix, and enhancement update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution du...

7.8CVSS5.7AI score0.00165EPSS
Exploits0References20
BDU FSTEC
BDU FSTEC
added 2026/06/15 12:0 a.m.4 views

The vulnerability of the _XkbSetMapChecks() function in the Wayland protocol implementation for X.Org XWaylan, as well as in the X.Org Server implementation of the X Window System, allows a malicious actor to gain elevated privileges and cause service failures.

The vulnerability of the XkbSetMapChecks function in the Wayland protocol implementation for X.Org XWaylan, as well as in the X.Org Server implementation of the X Window System, is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow...

7.8CVSS6.1AI score0.00165EPSS
Exploits0References7Affected Software3
Fedora
Fedora
added 2026/06/10 1:9 a.m.25 views

[SECURITY] Fedora 43 Update: xorg-x11-server-21.1.23-1.fc43

X.Org X11 X server...

5.4AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/09 8:2 a.m.10 views

Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in xkb key types due to unchecked shift levels

...

7.8CVSS5.4AI score0.00161EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/09 8:1 a.m.13 views

Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in syncchangecounter()

...

7.8CVSS5.4AI score0.0014EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.13 views

Amazon Linux 2023 : xorg-x11-server-common, xorg-x11-server-devel, xorg-x11-server-source (ALAS2023-2026-1790)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1790 advisory. A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer...

7.8CVSS7.4AI score0.00485EPSS
Exploits0References20
SUSE CVE
SUSE CVE
added 2026/06/06 2:45 a.m.10 views

SUSE CVE-2026-50263

A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...

5.5CVSS5.4AI score0.00141EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/05 10:36 a.m.14 views

EUVD-2026-34817

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...

7.8CVSS5.4AI score0.0014EPSS
Exploits0References5
OSV
OSV
added 2026/06/05 10:36 a.m.1 views

CVE-2026-50261 Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in syncchangecounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...

7.8CVSS6.9AI score0.0014EPSS
Exploits0References29
Rows per page
Query Builder