22 matches found
MiracleLinux 8 : xorg-x11-server-Xwayland-21.1.3-20.el8_10 (AXSA:2026-541:01)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-541:01 advisory. xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling CVE-2026-33999 xorg: xwayland: X.Org X...
Oracle Linux 8 : xorg-x11-server-Xwayland (ELSA-2026-11656)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-11656 advisory. 21.1.3-20 - CVE fix for: CVE-2026-33999, CVE-2026-34000, CVE-2026-34001 CVE-2026-34002, CVE-2026-34003 Resolves:...
SUSE: Security Advisory (SUSE-SU-2025:21149-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2025:02191-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 9 : xorg-x11-server-Xwayland (RHSA-2025:10258)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:10258 advisory. Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server-Xwayland: xorg-x11-server: tigervnc:...
Ubuntu: Security Advisory (USN-7573-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-49176
A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check...
CVE-2025-49178
A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service...
CVE-2025-49179
A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks...
CVE-2025-26599 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-1
CVE-2025-26599 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-26601 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-1
CVE-2025-26601 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-26598 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-1
CVE-2025-26598 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-26600 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-1
CVE-2025-26600 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-1. An upgraded version of the package is available that resolves this issue...
Fedora 40 : xorg-x11-server-Xwayland (2025-4a832bf2b1)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-4a832bf2b1 advisory. xwayland 24.1.6 CVE fix for: CVE-2025-26594, CVE-2025-26595, CVE-2025-26596, CVE-2025-26597, CVE-2025-26598, CVE-2025-26599, CVE-2025-26600,...
AZL-57414 CVE-2025-26596 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-1
A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms differs from what is written in XkbWriteKeySyms, which may lead to a heap-based buffer overflow...
CVE-2025-26597
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...
CVE-2025-26594
A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free...
CVE-2025-26599
An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow will return a BadAlloc error without validating the window tree marked just before, which leaves the...
CVE-2025-26596
A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms differs from what is written in XkbWriteKeySyms, which may lead to a heap-based buffer overflow...
CVE-2024-9632 affecting package xorg-x11-server-Xwayland for versions less than 24.1.1-3
CVE-2024-9632 affecting package xorg-x11-server-Xwayland for versions less than 24.1.1-3. A patched version of the package is available...