CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2014-8096 – xorg-x11-server: out of bounds access due to not validating length or offset values in XC-MISC extension
https://notcve.org/view.php?id=CVE-2014-8096
09 Dec 2014 — The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value. La función SProcXCMiscGetXIDList en la extensión XC-MISC en X.Org X Window System (también conocido como X11 o X) X11R6.0 y X.Org Server (también conocido como xserver y xorg-ser... • http://advisories.mageia.org/MGASA-2014-0532.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 15EXPL: 0CVE-2014-8103 – xorg-x11-server: out of bounds access due to not validating length or offset values in DRI3 & Present extensions
https://notcve.org/view.php?id=CVE-2014-8103
09 Dec 2014 — X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) sproc_dri3_query_version, (2) sproc_dri3_open, (3) sproc_dri3_pixmap_from_buffer, (4) sproc_dri3_buffer_from_pixmap, (5) sproc_dri3_fence_from_fd, (6) sproc_dri3_fd_from_fence, (7) proc_present_query_capabilities, (8) sproc_present_query_version, (9) sproc_p... • http://secunia.com/advisories/61947 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2014-8097 – xorg-x11-server: out of bounds access due to not validating length or offset values in DBE extension
https://notcve.org/view.php?id=CVE-2014-8097
09 Dec 2014 — The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) ProcDbeSwapBuffers or (2) SProcDbeSwapBuffers function. La extensión DBE en X.Org X Window System (también conocido como X11 o X) X11R6.1 y X.Org Server (también conocido como xserver y xorg-server) anterior a ... • http://advisories.mageia.org/MGASA-2014-0532.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2014-8095 – xorg-x11-server: out of bounds access due to not validating length or offset values in XInput extension
https://notcve.org/view.php?id=CVE-2014-8095
09 Dec 2014 — The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcXChangeDeviceControl, (2) ProcXChangeDeviceControl, (3) ProcXChangeFeedbackControl, (4) ProcXSendExtensionEvent, (5) SProcXIAllowEvents, (6) SProcXIChangeCursor, (7) ProcXIChangeHierarchy, (8) SProcXIGetC... • http://advisories.mageia.org/MGASA-2014-0532.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2014-8098 – xorg-x11-server: out of bounds access due to not validating length or offset values in GLX extension
https://notcve.org/view.php?id=CVE-2014-8098
09 Dec 2014 — The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) __glXDisp_Render, (2) __glXDisp_RenderLarge, (3) __glXDispSwap_VendorPrivate, (4) __glXDispSwap_VendorPrivateWithReply, (5) set_client_info, (6) __glXDispSwap_SetClientInfoARB, (7) DoSwapInterval,... • http://advisories.mageia.org/MGASA-2014-0532.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2011-4613 – X.Org xorg 1.4 < 1.11.2 - File Permission Change
https://notcve.org/view.php?id=CVE-2011-4613
05 Feb 2014 — The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY. El wrapper de las X de X.org (xserver-wrapper.c) en Debian GNU/Linux and Ubuntu Linux no verifica debidamente la TTY de un usuario que está arrancando las X, lo cual permite a usuarios locales evadir restricciones de acceso mediante ... • https://www.exploit-db.com/exploits/18040 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.1EPSS: 0%CPEs: 9EXPL: 0CVE-2013-1984 – libXi: Multiple integer overflows leading to heap-based buffer-overflows
https://notcve.org/view.php?id=CVE-2013-1984
23 May 2013 — Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions. Multiples desbordamientos de enteros en X.org libXi v1.7.1 y anteriores permiten que los servidores X provoquen una asignación... • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVSS: 8.1EPSS: 1%CPEs: 9EXPL: 0CVE-2013-1998 – libXi: Multiple Array Index error leading to heap-based OOB write
https://notcve.org/view.php?id=CVE-2013-1998
23 May 2013 — Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions. Multiples desbordamientos de búfer en X.org libXi v1.7.1 y anteriores permite a los servidores X causar una denegación de servicio (por caída del servidor) y posiblemente ejecutar código de su elección a través de valores de índice... • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2013-1995 – libXi: Sign extension issues resulting in heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2013-1995
23 May 2013 — X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function. X.org LibXi v1.7.1 y anteriores permite a los servidores X activar la asignación de memoria insuficiente y provocar un desbordamiento de búfer a través de vectores relacionados con una extensión de signo inesperada en la función XListInputDevices. A buffer overflow flaw was found in the way the XListInputDevic... • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 8.1EPSS: 1%CPEs: 12EXPL: 0CVE-2013-2066 – libXv: Array Index error leading to heap-based OOB write
https://notcve.org/view.php?id=CVE-2013-2066
23 May 2013 — Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvQueryPortAttributes function. Un desbordamiento de búfer en libXv X.org v1.0.7 y anteriores permite causar una denegación de servicio a los servidores X (por caída de los mismos) y posiblemente ejecutar código de su elección a través de valores de longitud o de índice de la función XvQueryPortAttributes debidamente modificados.... • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106889.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •