233 matches found
SUSE CVE-2026-50263
A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...
CVE-2026-50263
A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...
EUVD-2026-34820
A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...
CVE-2026-50263
A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...
CVE-2026-50263 Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free information disclosure in createsaverwindow()
A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...
CVE-2026-50263 Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free information disclosure in createsaverwindow()
A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...
CVE-2026-50263
CVE-2026-50263 affects the X.Org X server and Xwayland. The flaw is a use-after-free in CreateSaverWindow() that can cause a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure. Impact is confidentiality (information disclosure) wit...
CVE-2026-50263
A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...
PT-2026-46943
Name of the Vulnerable Software and Affected Versions X.Org X server affected versions not specified Xwayland affected versions not specified Description A use-after-free flaw exists in the CreateSaverWindow function. A client can trigger a use-after-free read by changing window attributes and...
OPENSUSE-SU-2026:20896-1 Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: - CreateSaverWindow Use-After-Free Information Disclosure. bsc1266301 - DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. bsc1266302 - Font Alias Stack-based Buffer Overflow. bsc1266294 - GLX ChangeDrawableAttributes...
SUSE-SU-2026:2226-1 Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues - CreateSaverWindow Use-After-Free Information Disclosure. bsc1266301 - DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. bsc1266302 - Font Alias Stack-based Buffer Overflow. bsc1266294 - GLX ChangeDrawableAttributes...
SUSE-SU-2026:2223-1 Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues - CreateSaverWindow Use-After-Free Information Disclosure. bsc1266301 - DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. bsc1266302 - Font Alias Stack-based Buffer Overflow. bsc1266294 - GLX ChangeDrawableAttributes...
Astra Linux - уязвимость в xorg-server
A vulnerability was discovered in X.Org. This security flaw arises because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges escalation on systems where the X server is running with privileged access, and may...
Astra Linux - уязвимость в xorg-server
A flaw was discovered in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system availability...
Unity Linux 20.1070e Security Update: xorg-x11-server (UTSA-2026-005925)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005925 advisory. A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The...
Exploit for CVE-2025-67644
CVE-2025-67644 PoC – LangGraph SQLite Checkpoint SQL Injection...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview @langchain/langgraph-checkpoint-redis is a Redis checkpoint and store implementation for LangGraph Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the list method in the RedisSaver an...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview @langchain/langgraph-checkpoint-mongodb is a LangGraph Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the list method in the RedisSaver and ShallowRedisSaver classes when...
RediSearch Query Injection in @langchain/langgraph-checkpoint-redis
Summary A query injection vulnerability exists in the @langchain/langgraph-checkpoint-redis package's filter handling. The RedisSaver and ShallowRedisSaver classes construct RediSearch queries by directly interpolating user-provided filter keys and values without proper escaping. RediSearch has...
@alithya-oss/backstage-plugin-aws-apps-backend (=0.4.7), @alithya-oss/backstage-plugin-changelog-backend (=1.0.3) +168 more potentially affected by CVE-2026-24048 via @backstage/backend-defaults (>=0.0.0-nightly-20240929023448 <=0.12.1-next.1)
@backstage/backend-defaults NPM version =0.0.0-nightly-20240929023448, =1.0.7, =0.1.8, =0.3.10, =0.3.6, =0.1.0, =0.4.0, =4.6.0, =0.10.0, =0.12.0 and more Source cves: CVE-2026-24048 Source advisory: OSV:GHSA-Q2X5-4XJX-C6P9...