22 matches found
CentOS 9 : xorg-x11-server-Xwayland-21.1.3-5.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the xorg-x11-server-Xwayland-21.1.3-5.el9 build changelog. - A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in...
CentOS 9 : tigervnc-1.12.0-9.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the tigervnc-1.12.0-9.el9 build changelog. - A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory...
Slackware Linux 15.0 / current tigervnc Multiple Vulnerabilities (SSA:2023-317-01)
The version of tigervnc installed on the remote host is prior to 1.12.0 / 1.13.1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-317-01 advisory. - A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the functio...
Huawei EulerOS: Security Advisory for tigervnc (EulerOS-SA-2023-2176)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 9 : xorg-x11-server-Xwayland (ELSA-2023-2249)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-2249 advisory. - Fix CVE-2023-0494 2166974 - Follow-up fix for CVE-2022-46340 2151778 - CVE fix for: CVE-2022-4283 2151803, CVE-2022-46340 2151778, CVE-2022-46341...
Amazon Linux AMI : xorg-x11-server (ALAS-2023-1689)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1689 advisory. A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data,...
Ubuntu 16.04 ESM : X.Org X Server vulnerabilities (USN-5778-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5778-2 advisory. USN-5778-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...
EulerOS 2.0 SP8 : tigervnc (EulerOS-SA-2023-1340)
According to the versions of the tigervnc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory,...
EulerOS 2.0 SP8 : xorg-x11-server (EulerOS-SA-2023-1344)
According to the versions of the xorg-x11-server packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function GetCountedString of th...
SUSE SLES12 Security Update : xorg-x11-server (SUSE-SU-2023:0282-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0282-1 advisory. - CVE-2023-0494: Fixed a use-after-free in DeepCopyPointerClasses bsc1207783. Tenable has extracted the preceding description block directly...
RHEL 8 : tigervnc (RHSA-2023:0662)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0662 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it ...
CentOS 7 : xorg-x11-server (RHSA-2023:0046)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0046 advisory. - A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in...
Debian dla-3256 : xdmx - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3256 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3256-1 [email protected]...
Fedora 36 : xorg-x11-server (2022-dd3eb7e0a8)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-dd3eb7e0a8 advisory. Fix buggy patch to CVE-2022-46340 ---- CVE fix for: CVE-2022-4283, CVE-2022-46340, CVE-2022-46341, CVE-2022-46342, CVE-2022-46343, CVE-2022-46344...
Debian DSA-5304-1 : xorg-server - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5304 advisory. - A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in...
SUSE SLES15 Security Update : xorg-x11-server (SUSE-SU-2022:4481-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4481-1 advisory. - CVE-2022-46340: Server XTestSwapFakeInput stack overflow bsc1205874 - CVE-2022-46341: Server XIPassiveUngrabDevice out-of-bounds...
SUSE SLES15 Security Update : xorg-x11-server (SUSE-SU-2022:4482-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4482-1 advisory. - CVE-2022-46340: Server XTestSwapFakeInput stack overflow bsc1205874 - CVE-2022-46341: Server XIPassiveUngrabDevice out-of-bounds...
Out-of-bounds
A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X serve...
CVE-2022-4283
A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X serve...
CVE-2022-46344
A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issues, resulting in out-of-bounds memory reads and potential information disclosure. This issue can lead to local privileges elevation on systems where the X...