Page 2 of 45 results (0.005 seconds)

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en xorg-x11-server versiones anteriores a 1.20.9. Un subdesbordamiento de enteros en la decodificación del protocolo de extensión de entrada X en el servidor X puede conllevar a un acceso arbitrario al contenido de la memoria. • https://bugzilla.redhat.com/show_bug.cgi?id=1862246 https://lists.x.org/archives/xorg-announce/2020-August/003058.html https://security.gentoo.org/glsa/202012-01 https://usn.ubuntu.com/4488-2 https://www.zerodayinitiative.com/advisories/ZDI-20-1417 https://access.redhat.com/security/cve/CVE-2020-14346 • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en X.Org Server versiones anteriores a xorg-x11-server 1.20.9. Un subdesbordamiento de enteros que conlleva a un desbordamiento del búfer de la pila puede conllevar a una vulnerabilidad de escalada de privilegios. • https://bugzilla.redhat.com/show_bug.cgi?id=1869142 https://lists.x.org/archives/xorg-announce/2020-August/003058.html https://security.gentoo.org/glsa/202012-01 https://usn.ubuntu.com/4488-2 https://www.zerodayinitiative.com/advisories/ZDI-20-1418 https://access.redhat.com/security/cve/CVE-2020-14361 • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en X.Org Server versiones anteriores a xorg-x11-server 1.20.9. Un subdesbordamiento de enteros que conlleva a un desbordamiento del búfer de la pila puede conllevar a una vulnerabilidad de escalada de privilegios. • https://bugzilla.redhat.com/show_bug.cgi?id=1869144 https://lists.x.org/archives/xorg-announce/2020-August/003058.html https://security.gentoo.org/glsa/202012-01 https://usn.ubuntu.com/4488-2 https://www.zerodayinitiative.com/advisories/ZDI-20-1419 https://access.redhat.com/security/cve/CVE-2020-14362 • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable. Se encontró un fallo en la manera en que la memoria de xserver no fue inicializada apropiadamente. • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00066.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00075.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14347 https://lists.debian.org/debian-lts-announce/2020/08/msg00057.html https://lists.x.org/archives/xorg-announce/2020-July/003051.html https://security.gentoo.org/glsa/202012-01 https://usn.ubuntu.com/4488-1 https://usn.ubuntu.com/4488-2 https://www.debian.org/security&#x • CWE-665: Improper Initialization •

CVSS: 7.2EPSS: 4%CPEs: 11EXPL: 11

A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges. Se ha descubierto un problema en versiones anteriores a la 1.20.3 de xorg-x11-server. Hay una comprobación incorrecta de permisos para las opciones -modulepath y -logfile al iniciar Xorg. • https://www.exploit-db.com/exploits/45938 https://www.exploit-db.com/exploits/45832 https://www.exploit-db.com/exploits/45922 https://www.exploit-db.com/exploits/45908 https://www.exploit-db.com/exploits/45697 https://www.exploit-db.com/exploits/45742 https://www.exploit-db.com/exploits/46142 https://www.exploit-db.com/exploits/47701 https://github.com/jas502n/CVE-2018-14665 https://github.com/bolonobolo/CVE-2018-14665 http://packetstormsecurity.com/files/154942/ • CWE-271: Privilege Dropping / Lowering Errors CWE-863: Incorrect Authorization •