xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption

A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...

RHEL 7 : xorg-x11-server (RHSA-2026:20590)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20590 advisory. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical us...

CVE-2026-34000

The CVE-2026-34000 issue affects the X.Org X server (Xwayland context) with an out-of-bounds read in XKB geometry processing, specifically in CheckSetGeom() and XkbAddGeomKeyAlias. An attacker with an X11 connection, locally or remotely, can read uninitialized/out-of-bounds memory and may crash t...

MiracleLinux 3 : xorg-x11-server-1.1.1-48.90.0.1.AXS3 (AXSA:2012-271:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-271:01 advisory. X.Org X11 X server Security issues fixed with this release: CVE-2011-4028 No information available at the time of writing, please refer to the CVE links below...

EUVD-2017-2609

Malware in sbrugna...

EUVD-2008-1384

Malware in sbrugna...

EUVD-2017-3754

Malware in sbrugna...

EUVD-2005-0135

Malware in sbrugna...

xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore

A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service...

PT-2025-25689

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a...

libX11: out-of-bounds memory access in _XkbReadKeySyms()

A vulnerability was found in libX11 due to a boundary condition within the XkbReadKeySyms function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system...

CVE-2020-28049

An issue was discovered in SDDM before 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X server without providing proper authentication. A local attacker can thus access X server display contents an...

CVE-2011-4613

The X.Org X wrapper xserver-wrapper.c in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY...

CVE-2008-2360

Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffer overflow...

X.org MIT-SHM extension arbitrary memory read

Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height...

Xorg / XFree86 file existence disclosure vulnerability

X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists...

Multiple X servers fail to properly allocate memory for large pixmaps

Overview Multiple X Window System servers contain a pixmap memory allocation flaw that may allow local users to execute code with elevated privileges. Description Multiple X Window System server applications share code that may contain a flaw in the memory allocation for large pixmaps. The affect...

CVE-2002-0987

X server Xsco in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges...

Caldera X Server 7.1/8.0 - External Program Privileged Invocation

source: https://www.securityfocus.com/bid/5575/info Caldera's X Server implementation invokes external commands without dropping existing privilege levels. Xserver calls xkbcomp, and other related utilities, in an unsecure manner using the popen or system calls. While this would not typically be ...

Apple Mac OSX Server 10.0 - Overload

Apple Mac OSX Server 10.0 - Overload source: https://www.securityfocus.com/bid/306/info A vulnerability in the MacOS X Server may crash it while under heavy load. The vulnerability appears while stress testing a server running the Apache web server and 32 or more process are concurntly doing HTTP...