Lucene search
K

123 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:29 p.m.6 views

CVE-2021-26955

An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because xcb::xproto::GetAtomNameReply::name calls std::str::fromutf8unchecked on unvalidated bytes from an X server...

9.8CVSS6.8AI score0.01728EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:27 p.m.7 views

CVE-2021-26958

An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because transmutation to the wrong type can happen after xcb::base::castevent uses std::mem::transmute to return a reference to an arbitrary type...

8.8CVSS6.9AI score0.016EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:38 p.m.6 views

CVE-2020-36205

An issue was discovered in the xcb crate through 2020-12-10 for Rust. base::Error does not have soundness. Because of the public ptr field, a use-after-free or double-free can occur...

5.5CVSS6.9AI score0.00401EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:26 p.m.7 views

CVE-2020-28044

An attacker with physical access to a PAX Point Of Sale device with ProlinOS through 2.4.161.8859R can boot it in management mode, enable the XCB service, and then list, read, create, and overwrite files with MAINAPP permissions...

7.2CVSS6.6AI score0.00337EPSS
Exploits0
Rockylinux
Rockylinux
added 2025/05/07 7:13 p.m.14 views

xcb-util-cursor bug fix and enhancement update

An update is available for xcb-util-cursor. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

6.8AI score
Exploits0
OSV
OSV
added 2024/09/15 9:39 p.m.15 views

RHBA-2014:1376 Red Hat Bug Fix Advisory: xcb-util, xorg-x11-drivers, and mesa bug fix and enhancement update

Bulletin has no description...

6.8CVSS6AI score0.01683EPSS
Exploits0References73
OSV
OSV
added 2024/05/10 11:7 a.m.3 views

OESA-2024-1537 qt5-qtbase security update

This package provides base tools, such as string, xml, and network handling. Security Fixes: Qt 6 through 6.6 was discovered to contain a NULL pointer dereference via the function QXcbConnection::initializeAllAtoms. NOTE: this is disputed because it is not expected that an X application should...

4.2CVSS7.4AI score0.0024EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/03/29 3:31 a.m.2 views

SUSE CVE-2023-45935

Qt 6 through 6.6 was discovered to contain a NULL pointer dereference via the function QXcbConnection::initializeAllAtoms. NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X server...

4.2CVSS7.4AI score0.0024EPSS
Exploits0References8
OSV
OSV
added 2022/10/28 11:4 a.m.4 views

OESA-2022-2022 libX11 security update

The libX11-devel package contains libraries and header files for libX11. Security Fixes: A vulnerability was found in X.org libX11 and classified as problematic. This issue affects the function XFreeX11XCBStructure of the file xcbdisp.c. The manipulation of the argument dpy leads to memory leak. ...

6.9AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/10/17 12:0 a.m.2 views

PT-2022-22899 · X.Org +1 · Libx11 +1

Name of the Vulnerable Software and Affected Versions: X.org libX11 affected versions not specified Description: A memory leak issue was found in the function XFreeX11XCBStructure of the file xcb disp.c. The manipulation of the argument dpy leads to this issue. Recommendations: Apply a patch to f...

7.5CVSS4.4AI score
Exploits0References36
OpenVAS
OpenVAS
added 2022/07/18 12:0 a.m.9 views

Fedora: Security Advisory for golang-github-burntsushi-xgb (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.9AI score0.05994EPSS
Exploits4References2
Fedora
Fedora
added 2022/07/17 1:15 a.m.30 views

[SECURITY] Fedora 35 Update: golang-github-burntsushi-xgb-0-0.15.20210108git5f9e7b3.fc35

XGB is the X Go Binding, which is a low-level API to communicate with the core X protocol and many of the X extensions. It is closely modeled after XCB and xpyb...

9.3CVSS1.7AI score0.05994EPSS
Exploits4
Fedora
Fedora
added 2022/07/04 1:35 a.m.30 views

[SECURITY] Fedora 36 Update: golang-github-burntsushi-xgb-0-0.15.20210108git5f9e7b3.fc36

XGB is the X Go Binding, which is a low-level API to communicate with the core X protocol and many of the X extensions. It is closely modeled after XCB and xpyb...

9.3CVSS8.1AI score0.05994EPSS
Exploits4
Rockylinux
Rockylinux
added 2022/05/17 7:40 a.m.14 views

new packages: xcb-util-renderutil

An update is available for xcb-util-renderutil. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rock...

2.2AI score
Exploits0
Rockylinux
Rockylinux
added 2022/05/17 7:40 a.m.16 views

new packages: xcb-util-image

An update is available for xcb-util-image. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

2.2AI score
Exploits0
Rockylinux
Rockylinux
added 2022/05/17 7:40 a.m.20 views

new packages: xcb-util

An update is available for xcb-util. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterpris...

2.2AI score
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/25 8:53 p.m.5 views

AsgoreCore (>=0.1.0 <=0.1.2), RustyBox (=0.1.0) +425 more potentially affected by CVE-2021-26955 +3 more via xcb (>=0.10.1 <=0.9.0)

xcb CARGO version =0.10.1, =0.1.0, =0.1.0, =0.4.0, =0.1.0, =1.0.9, =0.6.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.3.0 and more Source cves: CVE-2021-26955, CVE-2021-26956, CVE-2021-26957, CVE-2021-26958 Source advisory: OSV:GHSA-MP6R-FGW2-RXFX...

9.8CVSS7.7AI score0.01754EPSS
Exploits4
OSV
OSV
added 2021/08/25 8:53 p.m.20 views

GHSA-MP6R-FGW2-RXFX Arbitrary return types in xcb

The function xcb::xproto::GetPropertyReply::value returns a slice of type T where T is an unconstrained type parameter. The raw bytes received from the X11 server are interpreted as the requested type. The users of the xcb crate are advised to only call this function with the intended types. Thes...

9.8CVSS8.9AI score0.01754EPSS
Exploits4References5
Github Security Blog
Github Security Blog
added 2021/08/25 8:53 p.m.23 views

Arbitrary return types in xcb

The function xcb::xproto::GetPropertyReply::value returns a slice of type T where T is an unconstrained type parameter. The raw bytes received from the X11 server are interpreted as the requested type. The users of the xcb crate are advised to only call this function with the intended types. Thes...

9.8CVSS8.7AI score0.01728EPSS
Exploits1References5Affected Software1
vulnersOsv
vulnersOsv
added 2021/08/25 8:53 p.m.3 views

AsgoreCore (>=0.1.0 <=0.1.2), RustyBox (=0.1.0) +425 more potentially affected by CVE-2021-26955 +3 more via xcb (>=0.10.1 <=0.9.0)

xcb CARGO version =0.10.1, =0.1.0, =0.1.0, =0.4.0, =0.1.0, =1.0.9, =0.6.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.3.0 and more Source cves: CVE-2021-26955, CVE-2021-26956, CVE-2021-26957, CVE-2021-26958 Source advisory: OSV:GHSA-3288-CWGW-CH86...

9.8CVSS7.7AI score0.01754EPSS
Exploits4
Rows per page
Query Builder