Medium: tigervnc

Issue Overview: A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash. CVE-2025-49175 A flaw was found in the Big Requests extension. The reque...

xorg-server -- Multiple security issues in X server extensions

The X.org project reports: CVE-2022-46340/ZDI-CAN-19265: X.Org Server XTestSwapFakeInput stack overflow The swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through a the XTestFakeInput request. Th...

FreeBSD : xorg-server -- Multiple input validation failures in X server extensions (ffa15b3b-e6f6-11ea-8cbf-54e1ad3d6335)

The X.org project reports : All theses issuses can lead to local privileges elevation on systems where the X server is running privileged. The handler for the XkbSetNames request does not validate the request length before accessing its contents. An integer underflow exists in the handler for the...

xorg-server -- Multiple input validation failures in X server extensions

The X.org project reports: All theses issuses can lead to local privileges elevation on systems where the X server is running privileged. The handler for the XkbSetNames request does not validate the request length before accessing its contents. An integer underflow exists in the handler for the...