Lucene search
K

1035 matches found

RedHat Linux
RedHat Linux
added 2 days ago9 views

xorg: X11: xserver: X.org: glamor Font Atlas Heap Buffer Overflow

A flaw was found in the glamorfontget function of the xorg-x11-server. This vulnerability, a heap buffer overflow, occurs when the server processes a specially crafted PCF font file where individual glyph metrics exceed the declared maximum bounds. An authenticated X client can exploit this by...

8.5CVSS6.5AI score0.00212EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2 days ago3 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel XkbNumKbdGroups but CheckKeyTypes does not verify or clamp non-canonical key types to XkbMaxShiftLevel. A client can change key types to excessive shift...

7.8CVSS7.1AI score0.00161EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2 days ago2 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS7.3AI score0.00165EPSS
Exploits0References7
Fedora
Fedora
added 3 days ago9 views

[SECURITY] Fedora 44 Update: xorg-x11-server-21.1.24-1.fc44

X.Org X11 X server...

8.5CVSS6.1AI score0.00212EPSS
Exploits0
OSV
OSV
added 6 days ago3 views

RHSA-2026:36798 Red Hat Security Advisory: xorg-x11-server-Xwayland security update

Bulletin has no description...

7.8CVSS6.7AI score0.00165EPSS
Exploits0References49
RedHat Linux
RedHat Linux
added last week4 views

Important: Red Hat Security Advisory: xorg-x11-server security update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

7.8CVSS7AI score0.00165EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added last week4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS6.9AI score0.00142EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added last week7 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...

7.8CVSS6.9AI score0.00154EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added last week6 views

CVE-2026-56000

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS6AI score0.00192EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-56001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow in BitmapScaleBitmaps in libXfont2 before 2.0.8 due to an overflowing 32bit size could be used by attackers able to access the X Server t...

8.8CVSS6.4AI score0.0038EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/07/07 6:51 a.m.4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS6.2AI score0.00157EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/07 6:28 a.m.4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes

An out-of-bounds read flaw was found in the X.Org X server and Xwayland in glXDispChangeDrawableAttributes. A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapp...

5.5CVSS6.1AI score0.00132EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/07 6:9 a.m.3 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...

7.8CVSS6.9AI score0.0014EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/25 1:15 p.m.5 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS6.2AI score0.00157EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/25 1:15 p.m.7 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...

7.8CVSS5.7AI score0.0014EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in GIMP

GIMP XWD File Parsing: Out-of-Bounds Write Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a malicious file. The...

7.8CVSS7.5AI score0.00622EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in xwayland, xorg-server

A flaw was discovered in the X.Org X server. This integer underflow vulnerability, specifically related to the handling of the XKB compatibility map, allows an attacker with local or remote X11 server access to trigger a buffer read overflow. This can lead to memory safety violations and...

7.8CVSS7.1AI score0.0038EPSS
Exploits0References3
NVD
NVD
added 2026/06/23 4:17 a.m.17 views

CVE-2026-55655

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...

6.1CVSS0.0009EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/23 3:36 a.m.12 views

CVE-2026-55655

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...

6.1CVSS5.7AI score0.0009EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/23 3:36 a.m.12 views

EUVD-2026-38413

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...

5CVSS5.7AI score0.0009EPSS
Exploits0References2
Rows per page
Query Builder