Lucene search
+L

1396 matches found

EUVD
EUVD
added 2026/07/08 7:36 a.m.7 views

EUVD-2026-42202

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS6AI score0.00192EPSS
Exploits0References2
CVE
CVE
added 2026/07/08 7:36 a.m.15 views

CVE-2026-56000

CVE-2026-56000 affects the X.org X server stack: specifically xorg-x11-server and xwayland. A Use-After-Free in CommonMakeCurrent() exposes heap corruption when GLX commit data is processed over an X connection, due to a pointer into memory that may be reallocated. Impact is described as local/pr...

9CVSS6AI score0.00192EPSS
Exploits0References2Affected Software2
AlpineLinux
AlpineLinux
added 2026/07/08 7:36 a.m.9 views

CVE-2026-56000

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS6AI score0.00192EPSS
Exploits0
OSV
OSV
added 2026/07/08 7:22 a.m.3 views

SUSE-SU-2026:2788-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues - CVE-2026-55999: missing bounds check in glamorfontget can lead to a heap buffer overflow when a font loaded from a malicious PCF file is processed bsc1268893. - CVE-2026-56000: improper memory management in CommonMakeCurrent can lead to...

9CVSS6.2AI score0.00212EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.9 views

PT-2026-56335

Name of the Vulnerable Software and Affected Versions xorg-server versions prior to 21.2.24 xwayland versions prior to 24.1.13 Description Local attackers with an X connection can cause a Heap Use After Free, a condition where the system continues to use a memory address after it has been freed,...

9CVSS6.2AI score0.00192EPSS
Exploits0References27
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-55999

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Local attackers with a X connection able to provide PCX fonts to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a heap buffer...

8.5CVSS6.2AI score0.00212EPSS
Exploits0References4
OSV
OSV
added 2026/07/07 10:9 a.m.8 views

RHSA-2026:36086 Red Hat Security Advisory: xorg-x11-server security update

Bulletin has no description...

7.8CVSS5.9AI score0.00165EPSS
Exploits0References49
RedHat Linux
RedHat Linux
added 2026/07/07 6:51 a.m.19 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow()

A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...

5.5CVSS6.1AI score0.00141EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/07 6:28 a.m.5 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...

7.8CVSS6.9AI score0.0014EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/07 6:28 a.m.4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS7.5AI score0.00165EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/07 6:17 a.m.8 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS6.2AI score0.00157EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/07 6:9 a.m.3 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS6.9AI score0.00142EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/07/07 12:0 a.m.4 views

MiracleLinux 9 : xorg-x11-server-1.20.11-34.el9_8 (AXSA:2026-1212:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-1212:08 advisory. xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling CVE-2026-33999 xorg: xwayland: X.Org X...

7.8CVSS6AI score0.0038EPSS
Exploits0References4
Debian
Debian
added 2026/06/27 9:29 a.m.13 views

[SECURITY] [DSA 6370-1] xorg-server security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6370-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 27, 2026 https://www.debian.org/security/faq -...

7.8CVSS5.8AI score0.00165EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/25 1:15 p.m.9 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes

An out-of-bounds read flaw was found in the X.Org X server and Xwayland in glXDispChangeDrawableAttributes. A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapp...

5.5CVSS5.8AI score0.00132EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/25 1:15 p.m.6 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...

7.8CVSS5.7AI score0.00154EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.7 views

AlmaLinux 8 : tigervnc (ALSA-2026:28923)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:28923 advisory. xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch...

7.8CVSS6.2AI score0.00165EPSS
Exploits0References11
OSV
OSV
added 2026/06/25 12:0 a.m.5 views

ALSA-2026:29844 Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

7.8CVSS6.1AI score0.00165EPSS
Exploits0References20
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in xwayland, xorg-server

A flaw was discovered in the X.Org X server. This out-of-bounds read vulnerability arises from the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions. It allows an attacker to read uninitialized or out-of-bounds memory. An attacker with access to the X1...

9.1CVSS6.7AI score0.00489EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in xwayland, xorg-server

A flaw was discovered in the X.Org X server’s validation of XKB key type requests. A local attacker could send a specially crafted request to the X server, leading to a vulnerability where out-of-bounds memory access could occur. This could result in the disclosure of sensitive information or cau...

7.8CVSS5.8AI score0.0025EPSS
Exploits0References3
Rows per page
Query Builder