cvebase

X.Org X Server vulnerabilities

89 known vulnerabilities affecting x.org/x_server.

Total CVEs: 89
CISA KEV: 0
Public exploits: 3
Exploited in wild: 2
Severity breakdown: CRITICAL 14, HIGH 49, MEDIUM 23, LOW 3

Vulnerabilities

Page 1 of 5
CVE-2018-14665 | P1 | MEDIUM | CVSS 6.6 | Exploited | PoC | Ransomware | fixed in 1.20.3 | 2018-10-25
CVE-2018-14665 [MEDIUM] CWE-863: A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.
nvd
CVE-2023-1393 | P3 | HIGH | CVSS 7.8 | Exploited | fixed in 21.1.8 | 2023-03-30
CVE-2023-1393 [HIGH] CWE-416: A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.
nvd
CVE-2019-17624 | P3 | HIGH | CVSS 7.8 | PoC | ≤ 1.20.4 | 2019-10-16
CVE-2019-17624 [HIGH] CWE-787: In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap. For example, by sending ct.c_char 1000 times, an attacker can cause a denial of service (application crash) or possibly have unspecified other impact. Note: It is disputed if the X.Org X Server is involved or if there is a stack overflow.
nvd
CVE-2022-46341 | P3 | HIGH | CVSS 8.8 | v1.20.4 | 2022-12-14
CVE-2022-46341 [HIGH] CWE-787: A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
nvd
CVE-2022-46340 | P3 | HIGH | CVSS 8.8 | v1.20.4 | 2022-12-14
CVE-2022-46340 [HIGH] CWE-787: A vulnerability was found in X.Org. This security flaw occurs because the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through the XTestFakeInput request. This issue can lead to local privileges elevation on systems where the X server is running p
nvd
CVE-2022-46343 | P3 | HIGH | CVSS 8.8 | v1.20.4 | 2022-12-14
CVE-2022-46343 [HIGH] CWE-416: A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
nvd
CVE-2017-12186 | P3 | CRITICAL | CVSS 9.8 | fixed in 1.19.5 | 2018-01-24
CVE-2017-12186 [CRITICAL] CWE-391: xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
nvd
CVE-2017-12185 | P3 | CRITICAL | CVSS 9.8 | fixed in 1.19.5 | 2018-01-24
CVE-2017-12185 [CRITICAL] CWE-391: xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
nvd
CVE-2017-12180 | P3 | CRITICAL | CVSS 9.8 | fixed in 1.19.5 | 2018-01-24
CVE-2017-12180 [CRITICAL] CWE-391: xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
nvd
CVE-2017-12182 | P3 | CRITICAL | CVSS 9.8 | fixed in 1.19.5 | 2018-01-24
CVE-2017-12182 [CRITICAL] CWE-391: xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
nvd
CVE-2017-12181 | P3 | CRITICAL | CVSS 9.8 | fixed in 1.19.5 | 2018-01-24
CVE-2017-12181 [CRITICAL] CWE-391: xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
nvd
CVE-2017-12183 | P3 | CRITICAL | CVSS 9.8 | fixed in 1.19.5 | 2018-01-24
CVE-2017-12183 [CRITICAL] CWE-391: xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
nvd
CVE-2017-12184 | P3 | CRITICAL | CVSS 9.8 | fixed in 1.19.5 | 2018-01-24
CVE-2017-12184 [CRITICAL] CWE-391: xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
nvd
CVE-2017-12176 | P3 | CRITICAL | CVSS 9.8 | fixed in 1.19.5 | 2018-01-24
CVE-2017-12176 [CRITICAL] CWE-391: xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
nvd
CVE-2022-46344 | P3 | HIGH | CVSS 8.8 | v1.20.4 | 2022-12-14
CVE-2022-46344 [HIGH] CWE-125: A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has length-validation issues, resulting in out-of-bounds memory reads and potential information disclosure. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution
nvd
CVE-2017-12187 | P3 | CRITICAL | CVSS 9.8 | fixed in 1.19.5 | 2018-01-24
CVE-2017-12187 [CRITICAL] CWE-391: xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
nvd
CVE-2017-12178 | P3 | CRITICAL | CVSS 9.8 | fixed in 1.19.5 | 2018-01-24
CVE-2017-12178 [CRITICAL] CWE-391: xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
nvd
CVE-2023-6816 | P3 | CRITICAL | CVSS 9.8 | fixed in 21.1.11 | 2024-01-18
CVE-2023-6816 [CRITICAL] CWE-787: A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.
nvd
CVE-2017-10971 | P3 | HIGH | CVSS 8.8 | ≤ 1.19.3 | 2017-07-06
CVE-2017-10971 [HIGH] CWE-119: In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events.
nvd
CVE-2022-3550 | P3 | HIGH | CVSS 8.8 | fixed in 21.1.6 | 2022-10-17
CVE-2022-3550 [HIGH] CWE-119: A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211051.
nvd