XInput and TOG-CUP extensions memory corruption, EVI and MIT-SHM extensions integer overflows, multiple extensions array index overflows. libxfont PCF fonts parsing buffer overflow.
vulners.com/securityvulns/securityvulns:doc:18895
vulners.com/securityvulns/securityvulns:doc:18896
vulners.com/securityvulns/securityvulns:doc:18897
vulners.com/securityvulns/securityvulns:doc:18898
vulners.com/securityvulns/securityvulns:doc:18899
vulners.com/securityvulns/securityvulns:doc:19584