X.org : Security Vulnerabilities, CVEs, (Gain Privilege) CVSS score >= 1
A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved.
Max CVSS
7.8
EPSS Score
21.00%
Published
2023-12-13
Updated
2024-01-31
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.
Max CVSS
7.8
EPSS Score
0.05%
Published
2023-03-30
Updated
2023-08-02
A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Max CVSS
7.8
EPSS Score
0.04%
Published
2021-04-26
Updated
2021-05-19
A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Max CVSS
7.8
EPSS Score
0.06%
Published
2020-12-15
Updated
2020-12-16
A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server it is expecting to connect to.
Max CVSS
7.0
EPSS Score
0.05%
Published
2021-05-26
Updated
2023-02-12
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Max CVSS
7.8
EPSS Score
0.05%
Published
2020-09-15
Updated
2022-11-03
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Max CVSS
7.8
EPSS Score
0.05%
Published
2020-09-15
Updated
2022-11-03
A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Max CVSS
7.8
EPSS Score
0.05%
Published
2021-01-20
Updated
2021-01-26
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Max CVSS
7.8
EPSS Score
0.05%
Published
2020-09-15
Updated
2022-10-07
X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data.
Max CVSS
7.5
EPSS Score
0.98%
Published
2016-12-13
Updated
2016-12-15
X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.
Max CVSS
7.5
EPSS Score
1.02%
Published
2016-12-13
Updated
2017-07-01
11 vulnerabilities found