34 matches found
EUVD-2024-16204
Malicious code in bioql PyPI...
EUVD-2024-16203
Malicious code in bioql PyPI...
EulerOS 2.0 SP8 : tigervnc (EulerOS-SA-2024-2062)
According to the versions of the tigervnc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some...
CentOS 8 : xorg-x11-server-Xwayland (CESA-2024:2996)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:2996 advisory. - A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data...
EulerOS 2.0 SP10 : xorg-x11-server (EulerOS-SA-2024-1352)
According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in...
GLSA-202401-30 : X.Org X Server, XWayland: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202401-30 X.Org X Server, XWayland: Multiple Vulnerabilities - A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap ...
SUSE SLED15 / SLES15 Security Update : xorg-x11-server (SUSE-SU-2024:0251-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0251-1 advisory. - A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : xorg-x11-server (SUSE-SU-2024:0249-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0249-1 advisory. - A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when...
SUSE SLED15 / SLES15 Security Update : xorg-x11-server (SUSE-SU-2024:0252-1)
The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0252-1 advisory. - A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving...
SUSE SLES12 Security Update : xorg-x11-server (SUSE-SU-2024:0236-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0236-1 advisory. - A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it...
Debian dla-3721 : xdmx - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3721 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3721-1 [email protected]...
Oracle Linux 7 : xorg-x11-server (ELSA-2024-0320)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0320 advisory. - Fix use after free related to CVE-2024-21886 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...
Ubuntu 16.04 ESM / 18.04 ESM : X.Org X Server vulnerabilities (USN-6587-2)
The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6587-2 advisory. USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...
Out-of-bounds Write
X.Org server is vulnerable to Out-of-bounds Write. The vulnerability is caused due to the cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX conte...
SUSE SLED15 Security Update : xwayland (SUSE-SU-2024:0165-1)
The remote SUSE Linux SLED15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0165-1 advisory. - A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down...
CVE-2024-0408
A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource as with a GetGeometry or when it creates another resource that needs to access that buffer, such as...
CVE-2024-0409
A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context...
CVE-2024-0408
A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource as with a GetGeometry or when it creates another resource that needs to access that buffer, such as...
DEBIAN-CVE-2024-0408
A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource as with a GetGeometry or when it creates another resource that needs to access that buffer, such as...
CVE-2024-0409
A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context...