Lucene search
K

326 matches found

RedhatCVE
RedhatCVE
added 2020/07/31 4:0 p.m.28 views

CVE-2020-14347

A flaw was found in the way the Xserver memory was not properly initialized. This issue leak parts of server memory to the X client. In cases where the Xorg server runs with elevated privileges, this flaw results in a possible ASLR bypass...

2.1CVSS3AI score0.00388EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2020/07/31 12:0 a.m.35 views

xorg-server -- Pixel Data Uninitialized Memory Information Disclosure

The X.org project reports: Allocation for pixmap data in AllocatePixmap does not initialize the memory in xserver, it leads to leak uninitialize heap memory to clients. When the X server runs with elevated privileges. This flaw can lead to ASLR bypass, which when combined with other flaws...

5.5CVSS3AI score0.00388EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/12/09 12:0 a.m.29 views

EulerOS 2.0 SP5 : libXfont (EulerOS-SA-2019-2539)

According to the versions of the libXfont package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection c...

7.1CVSS6.5AI score0.00442EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2019/09/26 12:0 a.m.13 views

openSUSE: Security Advisory for links (openSUSE-SU-2019:2185-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2018/02/04 12:0 a.m.31 views

Debian: Security Advisory (DLA-1026-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.6AI score0.03877EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2018/01/22 10:57 p.m.22 views

CVE-2017-13722

In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check for PCF files could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server...

7.1CVSS2.5AI score0.00396EPSS
Exploits0References1
OSV
OSV
added 2017/11/29 6:1 p.m.1 views

USN-3500-1 libxfont, libxfont1, libxfont2 vulnerability

It was discovered that libXfont incorrectly followed symlinks when opening font files. A local unprivileged user could use this issue to cause the X server to access arbitrary files, including special device files...

5.5CVSS6.8AI score0.0042EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/10/18 12:0 a.m.57 views

Debian DSA-4000-1 : xorg-server - security update

Several vulnerabilities have been discovered in the X.Org X server. An attacker who's able to connect to an X server could cause a denial of service or potentially the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

9.8CVSS7.3AI score0.0437EPSS
Exploits1References17
Cvelist
Cvelist
added 2017/10/11 5:0 p.m.24 views

CVE-2017-13722

In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check for PCF files could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server...

5.9AI score0.00396EPSS
Exploits0References6
OSV
OSV
added 2017/10/10 1:30 a.m.21 views

CVE-2017-13723

In X.Org Server aka xserver and xorg-server before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp...

7.8CVSS6.6AI score
Exploits0References7
CVE
CVE
added 2017/10/09 2:0 p.m.151 views

CVE-2017-13723

CVE-2017-13723 affects X.Org Server (xorg-server) prior to 1.19.4. A local attacker authenticated to the X server can overflow a global buffer via injecting large or malformed XKB atoms and accessing them through xkbcomp, leading to crashes and potential privilege elevation when run as root. Docu...

7.8CVSS7.5AI score0.00443EPSS
Exploits0References7Affected Software1
UbuntuCve
UbuntuCve
added 2017/10/05 12:0 a.m.23 views

CVE-2017-13722

In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check for PCF files could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server...

7.1CVSS6.7AI score0.00396EPSS
Exploits0References2
OSV
OSV
added 2016/12/13 4:59 p.m.8 views

CVE-2015-3418

The ProcPutImage function in dix/dispatch.c in X.Org Server aka xserver and xorg-server before 1.16.4 allows attackers to cause a denial of service divide-by-zero and crash via a zero-height PutImage request...

7.5CVSS7.2AI score
Exploits0References5
CVE
CVE
added 2016/12/13 4:0 p.m.98 views

CVE-2015-3418

CVE-2015-3418 affects the X.Org Server (xserver/xorg-server) ProcPutImage function in dix/dispatch.c and is exploitable via a zero-height PutImage request. Affected with versions prior to 1.16.4 may experience denial of service (divide-by-zero) or crash. Connected documents confirm this behavior ...

7.5CVSS7AI score0.02314EPSS
Exploits0References5Affected Software1
0day.today
0day.today
added 2016/07/13 12:0 a.m.24 views

Linux/x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10 Shellcode (68 bytes)

/ Title : Linux , Reverse Shell using Xterm , ///usr/bin/xterm -display 127.1.1.1:10 Date : 12-07-2016 Author : RTV Tested On : Ubuntu x86 shellcode :...

0.2AI score
Exploits0
Debian
Debian
added 2015/05/04 4:6 a.m.27 views

[SECURITY] [DLA 120-2] xorg-server regression update

Package : xorg-server Version : 2:1.7.7-18+deb6u3 CVE ID : CVE-2015-3418 Debian Bug : 774308 Andreas Cord-Landwehr reported an issue where the X.Org Xserver would often crash with an arithmetic exception when maximizing application windows. This issue CVE-2015-3418 is a regression which got...

7.5CVSS7AI score0.04373EPSS
Exploits0
OSV
OSV
added 2015/05/01 12:0 a.m.15 views

DLA-218-1 xorg-server - security update

Bulletin has no description...

6.4CVSS7.4AI score0.04502EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.7 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The x11-xserver-utils package in the Debian GNU/Linux operating system has multiple vulnerabilities. Exploiting these vulnerabilities may lead to violations of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

9.3CVSS5.5AI score0.05781EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2015/04/13 5:26 p.m.4 views

USN-2568-1 libx11, libxrender vulnerability

Abhishek Arya discovered that libX11 incorrectly handled memory in the MakeBigReq macro. A remote attacker could use this issue to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code. In addition, following the macro fix in libx11, a number of other...

7.5CVSS7.4AI score0.04282EPSS
Exploits0References2
CVE
CVE
added 2015/02/13 3:0 p.m.134 views

CVE-2015-0255

X.Org X11-server (X.Org Server) is affected by CVE-2015-0255: in versions before 1.16.3 and 1.17.x before 1.17.1, a flaw in handling XkbSetGeometry requests can disclose memory or crash the server due to missing input validation. Root cause: improper validation of crafted XkbSetGeometry string le...

6.4CVSS4AI score0.04502EPSS
Exploits0References13Affected Software1
Rows per page
Query Builder