28 matches found
EUVD-2025-5424
Malicious code in bioql PyPI...
xorg: xwayland: Use of uninitialized pointer in compRedirectWindow()
An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow will return a BadAlloc error without validating the window tree marked just before, which leaves the...
xorg: xwayland: Use of uninitialized pointer in compRedirectWindow()
An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow will return a BadAlloc error without validating the window tree marked just before, which leaves the...
CBL Mariner 2.0 Security Update: xorg-x11-server / xorg-x11-server-Xwayland (CVE-2025-26599)
The version of xorg-x11-server / xorg-x11-server-Xwayland installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-26599 advisory. - An access to an uninitialized pointer flaw was found in X.Org and...
CVE-2025-26599
An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow will return a BadAlloc error without validating the window tree marked just before, which leaves the...
CVE-2025-26599
An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow will return a BadAlloc error without validating the window tree marked just before, which leaves the...
AZL-57318 CVE-2025-26599 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-1
An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow will return a BadAlloc error without validating the window tree marked just before, which leaves the...
CVE-2025-26599 Xorg: xwayland: use of uninitialized pointer in compredirectwindow()
An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow will return a BadAlloc error without validating the window tree marked just before, which leaves the...
CVE-2025-26599
CVE-2025-26599 (X.Org / Xwayland) : An access to an uninitialized pointer flaw exists in compRedirectWindow() when compCheckRedirect() cannot allocate backing pixmap, causing BadAlloc and partly initialized validated data. This affects X.Org/Xwayland components and is listed in multiple advisorie...
CVE-2025-26599
An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow will return a BadAlloc error without validating the window tree marked just before, which leaves the...
X.Org and Xwayland buffer error vulnerability
X.Org is an open source free software from the X.Org Foundation. Xwayland is an open source communication protocol from Xwayland that specifies how a display server communicates with its clients. A buffer error vulnerability exists in X.Org and Xwayland that stems from the compRedirectWindow...
PT-2025-7897 · Xwayland +12
Name of the Vulnerable Software and Affected Versions: X.Org and Xwayland affected versions not specified Description: An issue was found where the function compCheckRedirect may fail to allocate the backing pixmap, leading to a BadAlloc error. This error occurs without validating the window tree...
Astra Linux – Vulnerability in xwayland, xorg-server
A flaw related to accessing an uninitialized pointer was discovered in X.Org and Xwayland. The compCheckRedirect function may fail if it cannot allocate the backing pixmap. In such cases, compRedirectWindow will return a BadAlloc error without validating the window tree just before processing; as...
Siemens SCALANCE Switch Families
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Critical Flaw Discovered in Cisco APIC for Switches — Patch Released
Cisco Systems on Wednesday issued patches to address a critical security vulnerability affecting the Application Policy Infrastructure Controller (APIC) interface used in its Nexus 9000 Series Switches that could be potentially abused to read or write arbitrary files on a vulnerable system. Tracked...
Cisco Issues Critical Fixes for High-End Nexus Gear
Cisco Systems released six security patches tied to its high-end 9000 series networking gear ranging in importance from critical, high and medium severity. The most serious of the bugs patched by Cisco, rated 9.1 out of 10, could allow a remote and unauthenticated adversary to read or write arbitra...
BadAlloc Vulnerability Affecting BlackBerry QNX RTOS
Summary: On August 17, 2021, BlackBerry publicly disclosed that its QNX Real Time Operating System (RTOS) is affected by a BadAlloc vulnerability—CVE-2021-22156. BadAlloc is a collection of vulnerabilities affecting multiple RTOSs and supporting libraries.[1] A remote attacker could exploit...
Cars and hospital equipment running Blackberry QNX may be affected by BadAlloc vulnerability
Following an announcement by Blackberry, the U.S. Food & Drug Administration (FDA) and the Cybersecurity & Infrastructure Security Agency (CISA) have put out alerts that vulnerabilities found in the Blackberry QNX real-time operating system (RTOS) may introduce risks for certain medical devices...
BadAlloc Flaw Affects BlackBerry QNX Used in Millions of Cars and Medical Devices
A major vulnerability affecting older versions of BlackBerry's QNX Real-Time Operating System (RTOS) could allow malicious actors to cripple and gain control of a variety of products, including cars, medical, and industrial equipment. The shortcoming (CVE-2021-22156, CVSS score: 9.0) is part of a...
Memory Bugs in BlackBerry’s QNX Embedded OS Open Devices to Attacks
The potential danger from a raft of memory-allocation bugs discovered by Microsoft in April has now spread to older versions of multiple BlackBerry QNX products. The Cybersecurity Infrastructure and Security Agency (CISA) and BlackBerry warned in separate alerts Tuesday that threat actors can take...