cvebase

X.Org X Server vulnerabilities

89 known vulnerabilities affecting x.org/x_server.

Total CVEs: 89
CISA KEV: 0
Public exploits: 3
Exploited in wild: 2
Severity breakdown: CRITICAL 14, HIGH 49, MEDIUM 23, LOW 3

Vulnerabilities

Page 3 of 5
CVE-2021-3472 | P3 | HIGH | CVSS 7.8 | fixed in 1.20.11 | 2021-04-26
CWE-191: A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
nvd
CVE-2020-14346 | P3 | HIGH | CVSS 7.8 | fixed in 1.20.9 | 2020-09-15
CWE-191: A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
nvd
CVE-2023-5367 | P3 | HIGH | CVSS 7.8 | fixed in 21.1.9 | 2023-10-25
CWE-787: An out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service.
nvd
CVE-2020-14345 | P3 | HIGH | CVSS 7.8 | fixed in 1.20.9 | 2020-09-15
CWE-119: A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
nvd
CVE-2021-4009 | P3 | HIGH | CVSS 7.8 | fixed in 1.20.14, v21.1.0, +1 more | 2021-12-17
CWE-119: A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
nvd
CVE-2021-4010 | P3 | HIGH | CVSS 7.8 | fixed in 1.20.14, v21.1.0, +1 more | 2021-12-17
CWE-119: A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
nvd
CVE-2021-4011 | P3 | HIGH | CVSS 7.8 | fixed in 1.20.14, v21.1.0, +1 more | 2021-12-17
CWE-119: A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
nvd
CVE-2021-4008 | P3 | HIGH | CVSS 7.8 | fixed in 1.20.14, v21.1.0, +1 more | 2021-12-17
CWE-119: A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
nvd
CVE-2025-26596 | P3 | HIGH | CVSS 7.8 | fixed in 21.1.16 | 2025-02-25
CWE-787: A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow.
nvd
CVE-2022-49737 | P3 | HIGH | CVSS 7.7 | ≥ 20.11, ≤ 21.1.16 | 2025-03-16
CWE-413: In X.Org X server 20.11 through 21.1.16, when a client application uses easystroke for mouse gestures, the main thread modifies various data structures used by the input thread without acquiring a lock, aka a race condition. In particular, AttachDevice in dix/devices.c does not acquire an input lock.
nvd
CVE-2020-14361 | P3 | HIGH | CVSS 7.8 | fixed in 1.20.9 | 2020-09-15
CWE-191: A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
nvd
CVE-2022-2319 | P3 | HIGH | CVSS 7.8 | v21.1.0 | 2022-09-01
CWE-1320: A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length.
nvd
CVE-2020-14360 | P3 | HIGH | CVSS 7.8 | fixed in 1.20.10 | 2021-01-20
CWE-119: A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
nvd
CVE-2025-26600 | P3 | HIGH | CVSS 7.8 | fixed in 21.1.16 | 2025-02-25
CWE-416: A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free.
nvd
CVE-2025-26594 | P3 | HIGH | CVSS 7.8 | fixed in 21.1.16 | 2025-02-25
CWE-416: A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free.
nvd
CVE-2020-14362 | P3 | HIGH | CVSS 7.8 | fixed in 1.20.9 | 2020-09-15
CWE-191: A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
nvd
CVE-2025-26601 | P3 | HIGH | CVSS 7.8 | fixed in 21.1.16 | 2025-02-25
CWE-416: A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called. If one of the changes triggers an error, the function will return early, not adding the new sync object, possibly causing
nvd
CVE-2014-8098 | P3 | MEDIUM | CVSS 6.5 | ≤ 1.16.2.99.901 | 2014-12-10
CWE-119: The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) __glXDisp_Render, (2) __glXDisp_Rende
nvd
CVE-2025-26599 | P3 | HIGH | CVSS 7.8 | fixed in 21.1.16 | 2025-02-25
CWE-824: An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will return a BadAlloc error without validating the window tree marked just before, which leaves the validated data partly initialized and the use of an unini
nvd
CVE-2024-0409 | P3 | HIGH | CVSS 7.8 | fixed in 21.1.11 | 2024-01-18
CWE-787: A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.
nvd