UBUNTU-CVE-2026-50262

GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write...

xrdp 安全漏洞

XRDPT is an open-source remote desktop protocol server developed by Neutrinolabs. Versions of XRDPT prior to 0.10.5 contain security vulnerabilities. These vulnerabilities stem from insufficient validation of the size parameter in the EGX implementation, leading to a heap-based buffer overflow th...

CVE-2026-32753

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. In versions 1.8.208 and below, bypasses of the attachment view logic and SVG sanitizer make it possible to upload and render an SVG that runs malicious JavaScript. An extension of .png with content type of...

SUSE CVE-2007-1582

The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting certain functions in the GD ext/gd extension and unspecified other extensions via a userspace error handler, which can be used to destroy and modify...

SUSE CVE-2014-8098

The GLX extension in XFree86 4.0, X.Org X Window System aka X11 or X X11R6.7, and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a crafted length or index valu...

PHP GD Extension Input Validation Error Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language jointly maintained by the PHPGroup and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems.EXIF extension is one of the...

php: missing null byte checks for paths in DOM and GD extensions

It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions...

DEBIAN-CVE-2014-8098

The GLX extension in XFree86 4.0, X.Org X Window System aka X11 or X X11R6.7, and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a crafted length or index valu...

PT-2014-1848 · X.Org +5 · X.Org Server +5

Name of the Vulnerable Software and Affected Versions: xorg-x11-server-Xdmx version 1.15.0 xorg-x11-server-debuginfo version 1.15.0 xorg-x11-server-Xnest version 1.15.0 xorg-x11-server-Xephyr version 1.15.0 xorg-x11-server-source version 1.15.0 xorg-x11-server-Xvfb version 1.15.0...

gd: NULL pointer dereference in gdImageCreateFromXpm()

A NULL pointer dereference flaw was found in the gdImageCreateFromXpm function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application using gd via a specially crafted X PixMap XPM file...

X.org: multiple GLX input sanitization flaws

The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service server crash and possibly execute arbitrary code via 1 a crafted request that triggers a client swap in glx/glxcmdsswap.c; or 2 a crafted length or 3 a negative value in the screen field in a...

php: buffer overflow in the imageloadfont function in gd extension

Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted font file...