OESA-2026-1591 libX11 security update

Core X11 protocol client library. Security Fixes: A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of...

EUVD-2025-5426

Malicious code in bioql PyPI...

EulerOS 2.0 SP10 : libxkbfile (EulerOS-SA-2025-1805)

According to the versions of the libxkbfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed- sized buffer on the stack and copies the...

CVE-2005-4691

imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted manual page...

RHEL 7 : xorg-x11-server (RHSA-2025:2879)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2879 advisory. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical use...

Linux Distros Unpatched Vulnerability : CVE-2013-1986

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflows in X.org libXrandr 1.4.0 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors...

CVE-2025-26600

A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free...

CVE-2025-26600

A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free...

CVE-2025-26597

CVE-2025-26597 affects X.Org/Xwayland. A buffer overflow can occur when XkbChangeTypesOfKey() is called first with a 0 group (resizing the key symbols table) and then with a non‑zero group (actions remain the wrong size). This is tied to the heap/buffer handling in XkbChangeTypesOfKey() and is re...

libXfont -- X Font Service Protocol and Font metadata file handling issues

Alan Coopersmith reports: Ilja van Sprundel, a security researcher with IOActive, has discovered several issues in the way the libXfont library handles the responses it receives from xfs servers, and has worked with X.Org's security team to analyze, confirm, and fix these issues. Most of these...

Oracle Linux 6 : xorg-x11-server (ELSA-2012-0939)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0939 advisory. 1.10.6-1 - xserver 1.10.6 - Use git-style patch names - compsize.h, glxcmds.h: Copy from upstream git since they fell out of the upstream tarball...

CVE-2013-1993

Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the 1 XF86DRIOpenConnection and 2 XF86DRIGetClientDriverName functions...

DSA-2678-1 mesa - several

Bulletin has no description...

CVE-2011-0465

xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a 1 DHCP or 2 XDMCP message...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

X.Org X server and Xfont library: Multiple vulnerabilities

Background The X Window System is a graphical windowing system based on a client/server model. Description regenrecht reported multiple vulnerabilities in various X server extension via iDefense: The XFree86-Misc extension does not properly sanitize a parameter within a PassMessage request,...