Filtered by vendor X
Subscribe
Total
52 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1981 | 2 Canonical, X | 2 Ubuntu Linux, Libx11 | 2026-04-29 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions. | |||||
| CVE-2010-4819 | 1 X | 1 X.org-xserver | 2026-04-29 | 3.6 LOW | N/A |
| The ProcRenderAddGlyphs function in the Render extension (render/render.c) in X.Org xserver 1.7.7 and earlier allows local users to read arbitrary memory and possibly cause a denial of service (server crash) via unspecified vectors related to an "input sanitization flaw." | |||||
| CVE-2013-4396 | 1 X | 1 X.org X11 | 2026-04-29 | 6.5 MEDIUM | N/A |
| Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure. | |||||
| CVE-2013-2000 | 1 X | 1 Libxxf86dga | 2026-04-29 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XDGAQueryModes and (2) XDGASetMode functions. | |||||
| CVE-2013-1992 | 1 X | 1 Libdmx | 2026-04-29 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in X.org libdmx 1.1.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) DMXGetScreenAttributes, (2) DMXGetWindowAttributes, and (3) DMXGetInputAttributes functions. | |||||
| CVE-2013-1985 | 1 X | 1 Libxinerama | 2026-04-29 | 6.8 MEDIUM | N/A |
| Integer overflow in X.org libXinerama 1.1.2 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XineramaQueryScreens function. | |||||
| CVE-2013-1982 | 1 X | 1 Libxext | 2026-04-29 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in X.org libXext 1.3.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XcupGetReservedColormapEntries, (2) XcupStoreColors, (3) XdbeGetVisualInfo, (4) XeviGetVisualInfo, (5) XShapeGetRectangles, and (6) XSyncListSystemCounters functions. | |||||
| CVE-2013-1991 | 1 X | 1 Libxxf86dga | 2026-04-29 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XDGAQueryModes and (2) XDGASetMode functions. | |||||
| CVE-2010-1166 | 1 X | 1 X.org | 2026-04-29 | 7.1 HIGH | N/A |
| The fbComposite function in fbpict.c in the Render extension in the X server in X.Org X11R7.1 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted request, related to an incorrect macro definition. | |||||
| CVE-2013-2064 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2026-04-29 | 6.8 MEDIUM | N/A |
| Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function. | |||||
| CVE-2013-1940 | 2 Canonical, X | 2 Ubuntu Linux, X.org-xserver | 2026-04-29 | 2.1 LOW | N/A |
| X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input events when adding a new hot-plug device, which might allow physically proximate attackers to obtain sensitive information, as demonstrated by reading passwords from a tty. | |||||
| CVE-2013-1999 | 1 X | 1 Libxvmc | 2026-04-29 | 6.8 MEDIUM | N/A |
| Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function. | |||||
| CVE-2013-1988 | 1 X | 1 Libxres | 2026-04-29 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in X.org libXRes 1.0.6 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XResQueryClients and (2) XResQueryClientResources functions. | |||||
| CVE-2011-0465 | 2 Matthias Hopf, X | 2 Xrdb, X11 | 2026-04-29 | 9.3 HIGH | N/A |
| xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message. | |||||
| CVE-2013-1993 | 2 Mesa3d, X | 2 Mesa, Libglx | 2026-04-29 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XF86DRIOpenConnection and (2) XF86DRIGetClientDriverName functions. | |||||
| CVE-2013-2005 | 1 X | 1 Libxt | 2026-04-29 | 6.8 MEDIUM | N/A |
| X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions. | |||||
| CVE-2013-2003 | 1 X | 1 Libxcursor | 2026-04-29 | 6.8 MEDIUM | N/A |
| Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the _XcursorFileHeaderCreate function. | |||||
| CVE-2013-2063 | 1 X | 1 Libxtst | 2026-04-29 | 6.8 MEDIUM | N/A |
| Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XRecordGetContext function. | |||||
| CVE-2013-1983 | 1 X | 1 Libxfixes | 2026-04-29 | 6.8 MEDIUM | N/A |
| Integer overflow in X.org libXfixes 5.0 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XFixesGetCursorImage function. | |||||
| CVE-2011-2895 | 5 Freebsd, Freetype, Netbsd and 2 more | 5 Freebsd, Freetype, Netbsd and 2 more | 2026-04-29 | 9.3 HIGH | N/A |
| The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896. | |||||