A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved.
Max CVSS
7.8
EPSS Score
21.00%
Published
2023-12-13
Updated
2024-01-31
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.
Max CVSS
7.8
EPSS Score
0.05%
Published
2023-03-30
Updated
2023-08-02
A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Max CVSS
7.8
EPSS Score
0.04%
Published
2021-04-26
Updated
2021-05-19
A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Max CVSS
7.8
EPSS Score
0.06%
Published
2020-12-15
Updated
2020-12-16
A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server it is expecting to connect to.
Max CVSS
7.0
EPSS Score
0.05%
Published
2021-05-26
Updated
2023-02-12
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Max CVSS
7.8
EPSS Score
0.05%
Published
2020-09-15
Updated
2022-11-03
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Max CVSS
7.8
EPSS Score
0.05%
Published
2020-09-15
Updated
2022-11-03
A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Max CVSS
7.8
EPSS Score
0.05%
Published
2021-01-20
Updated
2021-01-26
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Max CVSS
7.8
EPSS Score
0.05%
Published
2020-09-15
Updated
2022-10-07
X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data.
Max CVSS
7.5
EPSS Score
0.98%
Published
2016-12-13
Updated
2016-12-15
X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.
Max CVSS
7.5
EPSS Score
1.02%
Published
2016-12-13
Updated
2017-07-01
11 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!