805 matches found
xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling
A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...
xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption
A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...
TencentOS Server 3: xorg-x11-server-Xwayland (TSSA-2026:0351)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0351 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Astra Linux – Vulnerability in xorg-server
A flaw was discovered in the X.Org server. Both DeviceFocusEvent and XIQueryPointer responses contain a bit for each logical button that is currently active. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server only allocates space for the specific number of buttons on...
Astra Linux – Vulnerability in xorg-server, xwayland
A heap-based buffer overflow vulnerability was discovered in the X.org server’s ProcXIGetSelectedEvents function. This issue occurs when length values that are swapped in bytes are used in replies. This can potentially lead to memory leakage and segmentation faults, especially when triggered by a...
Astra Linux – Vulnerability in xorg-server
A heap buffer overflow flaw was discovered in the DisableDevice function of the X.Org server. This issue may cause an application to crash, or in some cases, lead to remote code execution in SSH X11 forwarding environments...
EUVD-2026-27341
A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server,...
Important: tigervnc security update
Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...
ALSA-2026:13414 Important: tigervnc security update
Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...
CVE-2026-34003 Xorg: xwayland: x.org x server: information exposure and denial of service via out-of-bounds memory access
A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash,...
PT-2026-46938
Name of the Vulnerable Software and Affected Versions X.Org X server affected versions not specified Xwayland affected versions not specified Description A stack-based buffer overflow exists in the X.Org X server and Xwayland. The issue occurs because the CheckKeyTypes function fails to verify or...
Unity Linux 20.1070e Security Update: xorg-x11-server (UTSA-2026-005920)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005920 advisory. A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap- buffer overflow may lead to a privilege escalation vulnerabilit...
MiracleLinux 7 : tigervnc-1.8.0-25.el7, xorg-x11-server-1.20.4-23.el7 (AXSA:2023-5250:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5250:02 advisory. xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability CVE-2023-1393 Tenable has extracted the preceding...
Moderate: Red Hat Security Advisory: xorg-x11-server-Xwayland security update
An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...
xorg: xwayland: Use-after-free in Xkb client resource removal
A flaw was discovered in the X.Org X server’s X Keyboard Xkb extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected...
xorg: xwayland: Use-after-free in Xkb client resource removal
A flaw was discovered in the X.Org X server’s X Keyboard Xkb extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected...
xorg: xmayland: Value overflow in XkbSetCompatMap()
A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...
xorg: xwayland: Use-after-free in Xkb client resource removal
A flaw was discovered in the X.Org X server’s X Keyboard Xkb extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected...
Alibaba Cloud Linux 3 : 0169: xorg-x11-server (ALINUX3-SA-2025:0169)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0169 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-62229: A flaw was found in the...
RLSA-2025:19434 Moderate: xorg-x11-server security update
X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg: xmayland: Use-after-free in XPresentNotify structure creation CVE-2025-62229 xorg: xwayland:...