Filtered by vendor Xfree86 Project
Subscribe
Total
39 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3739 | 2 X.org, Xfree86 Project | 2 X.org, Xfree86 X | 2025-04-03 | 7.2 HIGH | N/A |
| Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow. | |||||
| CVE-2004-0419 | 3 Gentoo, X.org, Xfree86 Project | 3 Linux, X11r6, Xdm | 2025-04-03 | 7.5 HIGH | N/A |
| XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions. | |||||
| CVE-1999-0126 | 1 Xfree86 Project | 1 Xfree86 | 2025-04-03 | 7.2 HIGH | N/A |
| SGI IRIX buffer overflow in xterm and Xaw allows root access. | |||||
| CVE-2001-1178 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable. | |||||
| CVE-2004-0084 | 2 Openbsd, Xfree86 Project | 2 Openbsd, X11r6 | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CVE-2004-0083 and CVE-2004-0106. | |||||
| CVE-2005-0605 | 8 Altlinux, Lesstif, Mandrakesoft and 5 more | 11 Alt Linux, Lesstif, Mandrake Linux and 8 more | 2025-04-03 | 7.5 HIGH | N/A |
| scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow. | |||||
| CVE-2003-0071 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 2.1 LOW | N/A |
| The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. | |||||
| CVE-2004-0093 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 7.5 HIGH | N/A |
| XFree86 4.1.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an out-of-bounds array index when using the GLX extension and Direct Rendering Infrastructure (DRI). | |||||
| CVE-2004-0688 | 4 Openbsd, Suse, X.org and 1 more | 4 Openbsd, Suse Linux, X11r6 and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file. | |||||
| CVE-2001-0955 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an xterm command with a long title. | |||||
| CVE-2001-1179 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 7.2 HIGH | N/A |
| xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters. | |||||
| CVE-1999-0433 | 5 Netbsd, Redhat, Slackware and 2 more | 5 Netbsd, Linux, Slackware Linux and 2 more | 2025-04-03 | 4.6 MEDIUM | N/A |
| XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. | |||||
| CVE-2000-0476 | 4 Michael Jennings, Putty, Rxvt and 1 more | 4 Eterm, Putty, Rxvt and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape characters which force the window to be resized. | |||||
| CVE-2000-0285 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in XFree86 3.3.x allows local users to execute arbitrary commands via a long -xkbmap parameter. | |||||
| CVE-2004-0083 | 2 Openbsd, Xfree86 Project | 2 Openbsd, X11r6 | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106. | |||||
| CVE-2000-0620 | 2 Open Group, Xfree86 Project | 2 X, X11r6 | 2025-04-03 | 5.0 MEDIUM | N/A |
| libX11 X library allows remote attackers to cause a denial of service via a resource mask of 0, which causes libX11 to go into an infinite loop. | |||||
| CVE-2003-0730 | 2 Netbsd, Xfree86 Project | 2 Netbsd, X11r6 | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks. | |||||
| CVE-2000-0976 | 1 Xfree86 Project | 1 Xlib | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in xlib in XFree 3.3.x possibly allows local users to execute arbitrary commands via a long DISPLAY environment variable or a -display command line parameter. | |||||
| CVE-2001-1409 | 1 Xfree86 Project | 1 Xfree86 X Server | 2025-04-03 | 3.6 LOW | N/A |
| dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system. | |||||