Lucene search
K

10 matches found

OSV
OSV
added 2025/06/17 3:15 p.m.6 views

AZL-64227 CVE-2025-49180 affecting package xorg-x11-server for versions less than 1.20.10-16

A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate...

7.8CVSS6.5AI score0.00279EPSS
Exploits0References1
OSV
OSV
added 2025/06/17 3:15 p.m.4 views

AZL-64235 CVE-2025-49175 affecting package xorg-x11-server for versions less than 1.20.10-16

A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...

6.1CVSS7.1AI score0.00285EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2025/03/10 3:8 p.m.10 views

CVE-2025-26596 affecting package xorg-x11-server for versions less than 1.20.10-15

CVE-2025-26596 affecting package xorg-x11-server for versions less than 1.20.10-15. A patched version of the package is available...

7.8CVSS6.9AI score0.00399EPSS
Exploits0
OSV
OSV
added 2025/02/25 4:15 p.m.10 views

AZL-57404 CVE-2025-26596 affecting package xorg-x11-server for versions less than 1.20.10-15

A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms differs from what is written in XkbWriteKeySyms, which may lead to a heap-based buffer overflow...

7.8CVSS7.5AI score0.00399EPSS
Exploits0References1
OSV
OSV
added 2025/02/25 4:15 p.m.11 views

AZL-57479 CVE-2025-26597 affecting package xorg-x11-server for versions less than 1.20.10-15

A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...

7.8CVSS7.4AI score0.00485EPSS
Exploits0References1
OSV
OSV
added 2024/04/04 2:15 p.m.7 views

AZL-39349 CVE-2024-31080 affecting package xorg-x11-server for versions less than 1.20.10-11

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

7.3CVSS7AI score0.00513EPSS
Exploits0References1
OSV
OSV
added 2024/01/18 4:15 p.m.8 views

AZL-33351 CVE-2024-0409 affecting package xorg-x11-server for versions less than 1.20.10-12

A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context...

7.8CVSS7.2AI score0.00356EPSS
Exploits0References1
OSV
OSV
added 2023/09/08 5:15 p.m.8 views

AZL-28695 CVE-2023-39319 affecting package golang for versions less than 1.20.10-1

The html/template package does not apply the proper rules for handling occurrences of " contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack...

6.1CVSS6.6AI score0.00798EPSS
Exploits0References1
OSV
OSV
added 2023/09/08 5:15 p.m.5 views

AZL-52735 CVE-2023-39318 affecting package golang for versions less than 1.20.10-1

The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS atta...

6.1CVSS6.6AI score0.00815EPSS
Exploits0References1
OSV
OSV
added 2023/03/30 9:15 p.m.5 views

AZL-44478 CVE-2023-1393 affecting package xorg-x11-server for versions less than 1.20.10-6

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window aka COW, the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-fr...

7.8CVSS7.1AI score0.0044EPSS
Exploits0References1
Rows per page
Query Builder