Lucene search
+L

5134 matches found

redhat
redhat
added 2026/07/08 9:30 a.m.6 views

Important: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

7.8CVSS7AI score0.00165EPSS
Exploits0References10
redhat
redhat
added 2026/07/08 9:30 a.m.6 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...

7.8CVSS6.9AI score0.00154EPSS
Exploits0References7
redhat
redhat
added 2026/07/08 9:30 a.m.7 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...

7.8CVSS6AI score0.00148EPSS
Exploits0References7
redhat
redhat
added 2026/07/08 9:19 a.m.4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...

7.8CVSS6.9AI score0.0014EPSS
Exploits0References7
redhat
redhat
added 2026/07/08 9:19 a.m.6 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS7.5AI score0.00165EPSS
Exploits0References7
redhat
redhat
added 2026/07/08 9:19 a.m.6 views

Important: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

7.8CVSS7AI score0.00165EPSS
Exploits0References10
redhat
redhat
added 2026/07/08 9:19 a.m.6 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes

An out-of-bounds read flaw was found in the X.Org X server and Xwayland in glXDispChangeDrawableAttributes. A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapp...

5.5CVSS6.1AI score0.00132EPSS
Exploits0References7
redhat
redhat
added 2026/07/08 9:19 a.m.7 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...

7.8CVSS6.9AI score0.00154EPSS
Exploits0References7
redhat
redhat
added 2026/07/08 9:19 a.m.6 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel XkbNumKbdGroups but CheckKeyTypes does not verify or clamp non-canonical key types to XkbMaxShiftLevel. A client can change key types to excessive shift...

7.8CVSS7.3AI score0.00161EPSS
Exploits0References7
redhat
redhat
added 2026/07/08 9:19 a.m.4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS6.9AI score0.00142EPSS
Exploits0References7
nvd
nvd
added 2026/07/08 9:16 a.m.8 views

CVE-2026-56000

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS0.00192EPSS
Exploits0References2
osv
osv
added 2026/07/08 8:7 a.m.4 views

CVE-2026-55999 xorg-server / xwayland glamor font atlas Heap Buffer Overflow

Local attackers with a X connection able to provide PCX fonts to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a heap buffer overflow via SetFont due to missing glyph boundary checks...

8.5CVSS6.2AI score0.00212EPSS
Exploits0References5
cvelist
cvelist
added 2026/07/08 8:7 a.m.35 views

CVE-2026-55999 xorg-server / xwayland glamor font atlas Heap Buffer Overflow

Local attackers with a X connection able to provide PCX fonts to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a heap buffer overflow via SetFont due to missing glyph boundary checks...

8.5CVSS0.00212EPSS
Exploits0References2
cve
cve
added 2026/07/08 8:7 a.m.21 views

CVE-2026-55999

CVE-2026-55999 affects xorg-server (before 21.2.24) and xwayland (before 24.1.13). A local attacker with a X connection can trigger a heap buffer overflow in glamor font atlas via SetFont due to missing glyph boundary checks. Impact is a potential heap corruption, with high likelihood of exploita...

8.5CVSS6.2AI score0.00212EPSS
Exploits0References2Affected Software2
euvd
euvd
added 2026/07/08 8:7 a.m.9 views

EUVD-2026-42188

Local attackers with a X connection able to provide PCX fonts to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a heap buffer overflow via SetFont due to missing glyph boundary checks...

8.5CVSS6.2AI score0.00212EPSS
Exploits0References2
osv
osv
added 2026/07/08 7:55 a.m.2 views

SUSE-SU-2026:2792-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issue - CVE-2026-55999: missing bounds check in glamorfontget can lead to a heap buffer overflow when a font loaded from a malicious PCF file is processed bsc1268893...

8.5CVSS6.2AI score0.00212EPSS
Exploits0References3
cvelist
cvelist
added 2026/07/08 7:36 a.m.40 views

CVE-2026-56000 xorg-x11-server / xwayland GLX contextTags Use-After-Free in CommonMakeCurrent()

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS0.00192EPSS
Exploits0References2
osv
osv
added 2026/07/08 7:36 a.m.2 views

CVE-2026-56000 xorg-x11-server / xwayland GLX contextTags Use-After-Free in CommonMakeCurrent()

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS6.1AI score0.00192EPSS
Exploits0References5
cve
cve
added 2026/07/08 7:36 a.m.15 views

CVE-2026-56000

CVE-2026-56000 affects the X.org X server stack: specifically xorg-x11-server and xwayland. A Use-After-Free in CommonMakeCurrent() exposes heap corruption when GLX commit data is processed over an X connection, due to a pointer into memory that may be reallocated. Impact is described as local/pr...

9CVSS6AI score0.00192EPSS
Exploits0References2Affected Software2
euvd
euvd
added 2026/07/08 7:36 a.m.7 views

EUVD-2026-42202

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS6AI score0.00192EPSS
Exploits0References2
Rows per page
Query Builder