CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability was found in X.Org. This issue occurs because the XkbCopyNames function leaves a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests. This flaw can lead to local privilege elevation on systems where the X server runs...

7.8CVSS6.4AI score0.002EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 6:20 a.m.•1 views

SUSE CVE-2004-0419

XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions...

7.5CVSS6.9AI score0.02796EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 6:8 a.m.•1 views

SUSE CVE-2008-1483

OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 IPv4 and sniffing a cookie sent by Emacs...

8.2CVSS6.6AI score0.00201EPSS

Exploits1References14

SUSE CVE•added 2023/02/15 5:12 a.m.•2 views

SUSE CVE-2015-8316

Array index error in LightDM aka Light Display Manager 1.14.3, 1.16.x before 1.16.6 when the XDMCP server is enabled allows remote attackers to cause a denial of service process crash via an XDMCP request packet with no address...

5.9CVSS5.6AI score0.00588EPSS

Exploits0References3

CNVD•added 2020/11/05 12:0 a.m.•3 views

SDDM Competitive Conditions Issue Vulnerability

SDDM is a Qt-based display manager for the desktop environments KDE and LXQt from the SSDM team. A contention condition issue vulnerability exists in versions of SDDM prior to 0.19.0. The vulnerability stems from incorrectly starting the X server in a way that would allow a local, unprivileged us...

6.3CVSS6.5AI score0.00037EPSS

Exploits1References1

OSV•added 2017/09/14 12:0 a.m.•1 views

UBUNTU-CVE-2017-14482

GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe...

8.8CVSS7.8AI score0.03601EPSS

Exploits1References9

OSV•added 2017/09/06 9:29 p.m.•1 views

UBUNTU-CVE-2015-8316

5.9CVSS6.3AI score0.00588EPSS

Exploits0References3

OSV•added 2017/08/24 8:29 p.m.•0 views

DEBIAN-CVE-2015-8308

LXDM before 0.5.2 did not start X server with -auth, which allows local users to bypass authentication with X connections...

7.8CVSS6.8AI score0.00148EPSS

Exploits0References1

0day.today•added 2017/04/25 12:0 a.m.•83 views

Ubuntu 16.10 / 16.04 LTS - LightDM Guest Account Local Privilege Escalation Exploit

Exploit for linux platform in category local exploits Source: https://blogs.securiteam.com/index.php/archives/3134 Vulnerability Summary The following advisory describes a local privilege escalation via LightDM found in Ubuntu versions 16.10 / 16.04 LTS. Ubuntu is an open source software platform...

6.9CVSS7AI score0.01737EPSS

Exploits5

Exploit DB•added 2017/04/25 12:0 a.m.•94 views

LightDM (Ubuntu 16.04/16.10) - 'Guest Account' Local Privilege Escalation

Source: https://blogs.securiteam.com/index.php/archives/3134 Vulnerability Summary The following advisory describes a local privilege escalation via LightDM found in Ubuntu versions 16.10 / 16.04 LTS. Ubuntu is an open source software platform that runs everywhere from IoT devices, the smartphone...

7.3CVSS7.1AI score0.01737EPSS

Exploits5