22 matches found
Important: Red Hat Security Advisory: tigervnc security update
An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RLSA-2026:11388 Important: xorg-x11-server security update
X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling...
ALSA-2026:11388 Important: xorg-x11-server security update
X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling...
RHEL 8 : tigervnc (RHSA-2025:22167)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22167 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...
Moderate: Red Hat Security Advisory: xorg-x11-server security update
An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
Alibaba Cloud Linux 3 : 0169: xorg-x11-server (ALINUX3-SA-2025:0169)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0169 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-62229: A flaw was found in the...
Alibaba Cloud Linux 3 : 0173: tigervnc (ALINUX3-SA-2025:0173)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0173 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-62229: A flaw was found in the...
Important: xorg-x11-server-Xwayland
Issue Overview: A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potential...
RHEL 10 : xorg-x11-server-Xwayland (RHSA-2025:19435)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19435 advisory. Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg: xmayland: Use-after-free in XPresentNotify structure...
EUVD-2025-5382
Malicious code in bioql PyPI...
Xorg: xwayland: buffer overflow in xkbchangetypesofkey()
...
AZL-57482 CVE-2025-26601 affecting package xorg-x11-server for versions less than 1.20.10-15
A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...
CVE-2025-26601
A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...
CVE-2025-26600
CVE-2025-26600 is a use-after-free in X.Org/Xwayland. The issue occurs when a device is removed while still frozen, leaving queued events that, when replayed after the device is freed, trigger use-after-free. Connected advisories confirm Xwayland/xorg involvement and list related fixes across Xwa...
CVE-2025-26597
CVE-2025-26597 affects X.Org/Xwayland. A buffer overflow can occur when XkbChangeTypesOfKey() is called first with a 0 group (resizing the key symbols table) and then with a non‑zero group (actions remain the wrong size). This is tied to the heap/buffer handling in XkbChangeTypesOfKey() and is re...
CVE-2025-26597 Xorg: xwayland: buffer overflow in xkbchangetypesofkey()
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...
CVE-2025-26597 Xorg: xwayland: buffer overflow in xkbchangetypesofkey()
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...
CVE-2025-26597
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...
CVE-2025-26594
CVE-2025-26594 is a use-after-free in X.Org/Xwayland where the root cursor is kept as a global in the X server; freeing the root cursor can reference freed memory, causing a crash or compromise. Affected package: xorg-x11-server-Xwayland (and related Xorg/Xwayland components in advisories). Impac...
UBUNTU-CVE-2025-26596
A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms differs from what is written in XkbWriteKeySyms, which may lead to a heap-based buffer overflow...