Lucene search
K

130 matches found

OSV
OSV
added 2023/03/30 9:15 p.m.6 views

AZL-25859 CVE-2023-1393 affecting package xorg-x11-server for versions less than 1.20.10-4

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window aka COW, the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-fr...

7.8CVSS7.1AI score0.0044EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/03/30 9:15 p.m.3 views

CVE-2023-1393

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window aka COW, the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-fr...

7.8CVSS7.2AI score0.0044EPSS
Exploits0References20
OSV
OSV
added 2023/03/30 9:15 p.m.1 views

DEBIAN-CVE-2023-1393

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window aka COW, the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-fr...

7.8CVSS7.4AI score0.0044EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/30 12:0 a.m.3 views

CVE-2023-1393

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window aka COW, the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-fr...

7.6AI score0.0044EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2023/03/29 12:0 p.m.36 views

CVE-2023-1393

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window aka COW, the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-fr...

7.8CVSS7AI score0.0044EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2023/03/29 12:0 a.m.53 views

xorg-server -- Overlay Window Use-After-Free

The X.Org project reports: ZDI-CAN-19866/CVE-2023-1393: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability If a client explicitly destroys the compositor overlay window aka COW, the Xserver would leave a dangling pointer to that window in the CompScreen structure,...

7.8CVSS7.5AI score0.0044EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:4 a.m.4 views

SUSE CVE-2016-3190

The fillxrgb32lerpopaquespans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a negative span length...

7.5CVSS6.8AI score0.01805EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:32 a.m.3 views

SUSE CVE-2018-5148

A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR 52.7.3 and Firefox 59.0.2...

7.5CVSS8.9AI score0.03013EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:51 a.m.4 views

SUSE CVE-2020-35492

A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untruste...

7.8CVSS6.6AI score0.01112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.5 views

SUSE CVE-2022-26530

swaylock before 1.6 allows attackers to trigger a crash and achieve unlocked access to a Wayland compositor...

9.1CVSS9AI score0.01495EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2022/05/21 12:10 a.m.40 views

CVE-2022-26530

swaylock before 1.6 allows attackers to trigger a crash and achieve unlocked access to a Wayland compositor...

9.1CVSS5.8AI score0.01495EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/05/10 2:11 p.m.93 views

cairo: libreoffice slideshow aborts with stack smashing in cairo's composite_boxes

A flaw was found in cairo's image-compositor.c. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input to cause a stack buffer...

7.8CVSS7.3AI score0.01112EPSS
Exploits0References4
Veracode
Veracode
added 2022/04/09 4:9 p.m.22 views

Denial Of Service (DoS)

swaylock is vulnerable to denial of service. The vulnerability exist because it allows attackers to achieve unlocked access to a Wayland compositor which causes an application crash...

9.1CVSS5.6AI score0.01495EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2022/04/03 11:15 p.m.26 views

CVE-2022-26530

swaylock before 1.6 allows attackers to trigger a crash and achieve unlocked access to a Wayland compositor...

9.1CVSS0.01495EPSS
Exploits0References3
OSV
OSV
added 2022/04/03 11:15 p.m.2 views

DEBIAN-CVE-2022-26530

swaylock before 1.6 allows attackers to trigger a crash and achieve unlocked access to a Wayland compositor...

9.1CVSS8.4AI score0.01495EPSS
Exploits0References1
Prion
Prion
added 2022/04/03 11:15 p.m.14 views

Design/Logic Flaw

swaylock before 1.6 allows attackers to trigger a crash and achieve unlocked access to a Wayland compositor...

6.4CVSS9.1AI score0.01495EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2022/04/03 11:15 p.m.23 views

CVE-2022-26530

swaylock before 1.6 allows attackers to trigger a crash and achieve unlocked access to a Wayland compositor...

9.1CVSS7.2AI score0.01495EPSS
Exploits0References5
OSV
OSV
added 2022/04/03 11:15 p.m.9 views

UBUNTU-CVE-2022-26530

swaylock before 1.6 allows attackers to trigger a crash and achieve unlocked access to a Wayland compositor...

9.1CVSS7.3AI score0.01495EPSS
Exploits0References5
Cvelist
Cvelist
added 2022/04/03 10:11 p.m.28 views

CVE-2022-26530

swaylock before 1.6 allows attackers to trigger a crash and achieve unlocked access to a Wayland compositor...

9.4AI score0.01495EPSS
Exploits0References3
CVE
CVE
added 2022/04/03 10:11 p.m.116 views

CVE-2022-26530

Swaylock prior to 1.6 is vulnerable to CVE-2022-26530: an attacker can trigger a crash and gain unlocked access to the Wayland compositor. The connected documents specify the affected target as swaylock before 1.6 and do not provide further exploit details, impact elaboration beyond this descript...

9.1CVSS9AI score0.01495EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder