CVSS: 9.0EPSS: 26%CPEs: 8EXPL: 0CVE-2022-46344 – X.Org Server ProcXIChangeProperty Numeric Truncation Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-46344
14 Dec 2022 — A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issues, resulting in out-of-bounds memory reads and potential information disclosure. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. Se encontró una vulnerabilidad en X.Org. Esta falla de seguridad se produce porque el controlador de la solicitud XIChangeProper... • http://www.openwall.com/lists/oss-security/2023/12/13/1 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-3551 – X.org Server xkb.c ProcXkbGetKbdByName memory leak
https://notcve.org/view.php?id=CVE-2022-3551
17 Oct 2022 — A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211052. • https://cgit.freedesktop.org/xorg/xserver/commit/?id=18f91b950e22c2a342a4fbc55e9ddf7534a707d2 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-404: Improper Resource Shutdown or Release •
CVSS: 9.0EPSS: 1%CPEs: 6EXPL: 0CVE-2022-3550 – X.org Server xkb.c _GetCountedString buffer overflow
https://notcve.org/view.php?id=CVE-2022-3550
17 Oct 2022 — A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211051. • https://cgit.freedesktop.org/xorg/xserver/commit/?id=11beef0b7f1ed290348e45618e5fa0d2bffcb72e • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-4009 – X.Org Server SProcXFixesCreatePointerBarrier Out-Of-Bounds Access Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-4009
17 Dec 2021 — A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se ha encontrado un fallo en xorg-x11-server en versiones anteriores a 21.1.2 y anteriores a 1.20.14. Puede producirse un acceso fuera de límites en la función SProcXFixesCreatePointerBarrier. • https://lists.debian.org/debian-lts-announce/2021/12/msg00035.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-4010 – X.Org Server SProcScreenSaverSuspend Out-Of-Bounds Access Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-4010
17 Dec 2021 — A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se ha encontrado un fallo en xorg-x11-server en versiones anteriores a 21.1.2 y anteriores a 1.20.14. Puede producirse un acceso fuera de límites en la función SProcScreenSaverSuspend. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NKLSZCY47QK4RCJFXITYFALCGPJAFXOK • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-4011 – X.Org Server SwapCreateRegister Out-Of-Bounds Access Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-4011
17 Dec 2021 — A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se ha encontrado un fallo en xorg-x11-server en versiones anteriores a 21.1.2 y anteriores a 1.20.14. Puede producirse un acceso fuera de límites en la función SwapCreateRegister. • https://lists.debian.org/debian-lts-announce/2021/12/msg00035.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-4008 – X.Org Server SProcRenderCompositeGlyphs Out-Of-Bounds Access Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-4008
15 Dec 2021 — A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se ha encontrado un fallo en xorg-x11-server en versiones anteriores a 21.1.2 y anteriores a 1.20.14. Puede producirse un acceso fuera de límites en la función SProcRenderCompositeGlyphs. • https://lists.debian.org/debian-lts-announce/2021/12/msg00035.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-3472 – X.Org Server XChangeFeedbackControl Integer Underflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-3472
14 Apr 2021 — A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en xorg-x11-server en versiones anteriores a 1.20.11. Se puede producir un subdesbordamiento de enteros en xserver que puede conllevar a una escalada de privilegios local. • http://www.openwall.com/lists/oss-security/2021/04/13/1 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-25712 – X.Org Server XkbSetDeviceInfo Heap-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-25712
07 Dec 2020 — A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en xorg-x11-server versiones anteriores a 1.20.10. Un desbordamiento del búfer de la pila en la función XkbSetDeviceInfo puede causar una vulnerabilidad de escalada de privilegios. • https://bugzilla.redhat.com/show_bug.cgi?id=1887276 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14360 – X.Org Server XkbSetMap Out-Of-Bounds Access Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-14360
01 Dec 2020 — A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en el servidor X.Org anterior a la versión 1.20.10. Un acceso fuera de límites en la función XkbSetMap puede conllevar a una vulnerabilidad de escalada de privilegios. • https://bugzilla.redhat.com/show_bug.cgi?id=1869139 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •