65 matches found
Astra Linux – Vulnerability in xwayland, xorg-server
A flaw was discovered in the handling of animated cursors by the X Rendering extension. If a client does not provide any cursors, the server assumes that at least one is present. This can lead to an out-of-bounds read and potential crash...
Security Bulletin: Multiple vulnerabilities in IBM Observability with Instana (OnPrem)
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana OnPrem build 1.0.313 Vulnerability Details CVEID:CVE-2025-49177 DESCRIPTION: A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a clie...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: xorg-x11-server (UTSA-2026-006181)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006181 advisory. A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to...
MiracleLinux 7 : xorg-x11-server-1.20.4-99.0.6.el7.AXS7 (AXSA:2025-10912:05)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10912:05 advisory. CVE-2025-49178: fix request handling flaw causing potential denial of service CVEs: CVE-2025-49178 A flaw was found in the X server's request...
TencentOS Server 4: xorg-x11-server-Xwayland (TSSA-2025:0757)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0757 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 4: xorg-x11-server (TSSA-2025:0760)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0760 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
AIX is vulnerable to a denial of service (CVE-2025-49175 CVE-2025-49178) and an integer overflow (CVE-2025-49176 CVE-2025-49179)
IBM SECURITY ADVISORY First Issued: Mon Oct 13 08:46:48 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/xorgadvisory4.asc Security Bulletin: AIX is vulnerable to a denial of service CVE-2025-49175, CVE-2025-49178 and an integer...
Unity Linux 20.1060a / 20.1070a Security Update: tigervnc (UTSA-2025-986126)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986126 advisory. A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to...
EUVD-2025-18502
Malicious code in bioql PyPI...
Azure Linux 3.0 Security Update: xorg-x11-server / xorg-x11-server-Xwayland (CVE-2025-49175)
The version of xorg-x11-server / xorg-x11-server-Xwayland installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-49175 advisory. - A flaw was found in the X Rendering extension's handling of animated...
Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors
...
CLSA-2025-1752921642 tigervnc: Fix of CVE-2025-49175
CVE-2025-49175: fix out-of-bounds read in handling of animated cursors...
Medium: xorg-x11-server
Issue Overview: A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash. CVE-2025-49175 A flaw was found in the Big Requests extension. The reque...
Medium: xorg-x11-server-Xwayland
Issue Overview: A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash. CVE-2025-49175 A flaw was found in the Big Requests extension. The reque...
Amazon Linux 2 : tigervnc (ALAS-2025-2917)
The version of tigervnc installed on the remote host is prior to 1.8.0-24. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2917 advisory. A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the serve...
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors
A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors
A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors
A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors
A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors
A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...