25 matches found
EUVD-2023-57696
Malicious code in bioql PyPI...
EUVD-2023-57870
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-5380
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multip...
EulerOS 2.0 SP12 : xorg-x11-server (EulerOS-SA-2024-2946)
According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a...
CentOS 8 : tigervnc (CESA-2024:3067)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:3067 advisory. - A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with...
EulerOS 2.0 SP10 : xorg-x11-server (EulerOS-SA-2024-1582)
According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroy...
xorg-x11-server: Use-after-free bug in DestroyWindow
A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the othe...
xorg-x11-server: Use-after-free bug in DestroyWindow
A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the othe...
EulerOS 2.0 SP11 : xorg-x11-server (EulerOS-SA-2024-1131)
According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - An out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when...
Amazon Linux 2 : xorg-x11-server (ALAS-2023-2352)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2352 advisory. A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod...
Use After Free
xorg-server is vulnerable to Use After Free. The vulnerability is caused when using X server in Zaphod mode (a multi-screen setup with multiple protocol screens) when the pointer is warped from within a window on one screen to the root window of the other screen and if the original window is...
Fedora 37 : tigervnc (2023-4708733ccc)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-4708733ccc advisory. Fixes CVEs reported against Xserver. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
Fedora 37 : xorg-x11-server (2023-f111d2f306)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-f111d2f306 advisory. Security fix for CVE-2023-5367, CVE-2023-5380. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
Ubuntu 16.04 ESM / 18.04 ESM : X.Org X Server vulnerabilities (USN-6453-2)
The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6453-2 advisory. USN-6453-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and...
CVE-2023-5380
A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the othe...
CVE-2023-5574
A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a use-after-free issue may be...
Design/Logic Flaw
A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the othe...
CVE-2023-5574
CVE-2023-5574 is a use-after-free in xorg-x11-server-Xvfb caused by a flaw in DamageDestroy/DestroyWindow when using a multi-screen Zaphod configuration. Affected is Xvfb, vulnerable during shutdown/reset when the pointer moves between screen 1 and screen 0, with potential for privilege escalatio...
CVE-2023-5574
A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a use-after-free issue may be...
CVE-2023-5574
A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a use-after-free issue may be...