16 matches found

UbuntuCve
added 2025/10/28 12:0 a.m. | views: 1

CVE-2025-62231

A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

CVSS 7.3 | AI score 7.2 | EPSS 0.00281
Exploits: 0 | References: 2

UbuntuCve
added 2025/10/28 12:0 a.m. | views: 1

CVE-2025-62230

A flaw was discovered in the X.Org X server’s X Keyboard Xkb extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected...

CVSS 7.3 | AI score 7.1 | EPSS 0.00267
Exploits: 0 | References: 2

OpenVAS
added 2025/07/04 12:0 a.m. | views: 3

SUSE: Security Advisory (SUSE-SU-2025:02207-1)

The remote host is missing an update for the... (SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only)...

CVSS 7.3 | AI score 6.9 | EPSS 0.00299
Exploits: 0 | References: 4

UbuntuCve
added 2025/06/17 12:0 a.m. | views: 4

CVE-2025-49178

A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service...

CVSS 5.5 | AI score 6.7 | EPSS 0.00199
Exploits: 0 | References: 3

UbuntuCve
added 2025/06/17 12:0 a.m. | views: 5

CVE-2025-49176

A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check...

CVSS 7.3 | AI score 6.8 | EPSS 0.00299
Exploits: 0 | References: 3

OpenVAS
added 2025/03/13 12:0 a.m. | views: 7

Fedora: Security Advisory (FEDORA-2025-4a832bf2b1)

The remote host is missing an update for the... (SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only)...

CVSS 7.8 | AI score 7.8 | EPSS 0.00485
Exploits: 0 | References: 3

UbuntuCve
added 2025/02/25 3:0 p.m. | views: 12

CVE-2025-26597

A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...

CVSS 7.8 | AI score 7.2 | EPSS 0.00485
Exploits: 0 | References: 5

UbuntuCve
added 2025/02/25 3:0 p.m. | views: 9

CVE-2025-26599

An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow will return a BadAlloc error without validating the window tree marked just before, which leaves the...

CVSS 7.8 | AI score 7 | EPSS 0.00369
Exploits: 0 | References: 5

UbuntuCve
added 2025/02/25 3:0 p.m. | views: 5

CVE-2025-26596

A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms differs from what is written in XkbWriteKeySyms, which may lead to a heap-based buffer overflow...

CVSS 7.8 | AI score 7.3 | EPSS 0.00399
Exploits: 0 | References: 5

UbuntuCve
added 2024/10/29 3:0 p.m. | views: 8

CVE-2024-9632

A flaw was found in the X.org server. Due to improperly tracked allocation size in XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org serv...

CVSS 7.8 | AI score 6.8 | EPSS 0.00894
Exploits: 0 | References: 3

OSV
added 2024/06/15 12:0 a.m. | views: 5

OPENSUSE-SU-2024:10431-1 xorg-x11-7.6_1-16.2 on GA media

These are all security issues fixed in the xorg-x11-7.6_1-16.2 package on the GA media of openSUSE Tumbleweed...

CVSS 9.3 | AI score 6.8 | EPSS 0.05781
Exploits: 0 | References: 1

OpenVAS
added 2024/04/17 12:0 a.m. | views: 13

openSUSE Security Advisory (SUSE-SU-2024:1262-1)

The remote host is missing an update for the... (SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only)...

CVSS 7.8 | AI score 7.9 | EPSS 0.01843
Exploits: 0 | References: 8

Prion
added 2021/06/12 4:15 a.m. | views: 20

Open redirect

It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users...

CVSS 2.1 | AI score 5.8 | EPSS 0.00289
Exploits: 0 | References: 1 | Affected Software: 1

BDU FSTEC
added 2015/04/28 12:0 a.m. | views: 6

The vulnerability of the Gentoo Linux operating system, which allows a malicious individual to compromise the accessibility of protected information

The vulnerability of the xorg-x11 package up to version 6.8.2-r7 in the Gentoo Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited locally...

CVSS 2.1 | AI score 5.4 | EPSS 0.00514
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2015/04/28 12:0 a.m. | views: 9

Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the xorg package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by local malicious individuals...

CVSS 4.6 | AI score 5.4 | EPSS 0.00862
Exploits: 3 | References: 3 | Affected Software: 1

OpenVAS
added 2012/02/11 12:0 a.m. | views: 25

Debian: Security Advisory (DSA-2364-1)

The remote host is missing an update for the Debian... (SPDX-FileCopyrightText: 2012 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only)...

CVSS 4.6 | AI score 6.5 | EPSS 0.00862
Exploits: 3 | References: 3