X.Org X Server vulnerabilities
89 known vulnerabilities affecting x.org/x_server.
Total CVEs
89
CISA KEV
0
Public exploits
3
Exploited in wild
2
Severity breakdown
CRITICAL14HIGH49MEDIUM23LOW3
Vulnerabilities
Page 4 of 5
CVE-2020-25712P3HIGHCVSS 7.8fixed in 1.20.102020-12-15
CVE-2020-25712 [HIGH] CWE-122 CVE-2020-25712: A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may l
A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
nvd
CVE-2014-8095P3MEDIUMCVSS 6.5≤ 1.16.2.99.9012014-12-10
CVE-2014-8095 [MEDIUM] CWE-119 CVE-2014-8095: The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and X.Org Server (aka xserver and
The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcXChangeDeviceControl, (2) ProcXChangeDeviceCo
nvd
CVE-2014-8099P3MEDIUMCVSS 6.5≤ 1.16.2.99.9012014-12-10
CVE-2014-8099 [MEDIUM] CWE-119 CVE-2014-8099: The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Serve
The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcXvQueryExtension, (2) SProc
nvd
CVE-2014-8092P3MEDIUMCVSS 6.5≤ 1.16.2.99.9012014-12-10
CVE-2014-8092 [MEDIUM] CVE-2014-8092: Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserv
Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutImage, (2) GetHosts, (3) RegionSizeof, or (4) REQUEST_FIXED_SIZE function, which t
nvd
CVE-2014-8100P3MEDIUMCVSS 6.5≤ 1.16.2.99.9012014-12-10
CVE-2014-8100 [MEDIUM] CWE-119 CVE-2014-8100: The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Serve
The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) ProcRenderQueryVersion, (2) SPro
nvd
CVE-2017-10972P3MEDIUMCVSS 6.5≤ 1.19.32017-07-06
CVE-2017-10972 [MEDIUM] CWE-665 CVE-2017-10972: Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server before 2017
Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server before 2017-06-19 allowed authenticated malicious users to access potentially privileged data from the X server.
nvd
CVE-2014-8102P3MEDIUMCVSS 6.5≤ 1.16.2.99.9012014-12-10
CVE-2014-8102 [MEDIUM] CWE-119 CVE-2014-8102: The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X
The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length value.
nvd
CVE-2014-8101P3MEDIUMCVSS 6.5≤ 1.16.2.99.9012014-12-10
CVE-2014-8101 [MEDIUM] CWE-119 CVE-2014-8101: The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server
The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcRRQueryVersion, (2) SProcRRG
nvd
CVE-2014-8093P3MEDIUMCVSS 6.5≤ 1.16.22014-12-10
CVE-2014-8093 [MEDIUM] CVE-2014-8093: Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X)
Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) __glXDisp_ReadPixels, (2) __glXDispSwap_ReadPixels,
nvd
CVE-2017-13723P3HIGHCVSS 7.8≤ 1.19.32017-10-10
CVE-2017-13723 [HIGH] CWE-119 CVE-2017-13723: In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X
In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp.
nvd
CVE-2014-8103P3MEDIUMCVSS 6.5v1.15.0v1.15.0.901+13 more2014-12-10
CVE-2014-8103 [MEDIUM] CWE-119 CVE-2014-8103: X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x before 1.16.3 allows remote authent
X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) sproc_dri3_query_version, (2) sproc_dri3_open, (3) sproc_dri3_pixmap_from_buffer, (4) sproc_dri3_bu
nvd
CVE-2015-3418P4HIGHCVSS 7.5≤ 1.16.32016-12-13
CVE-2015-3418 [HIGH] CWE-369 CVE-2015-3418: The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.1
The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request.
nvd
CVE-2014-8096P4MEDIUMCVSS 6.5≤ 1.16.2.99.9012014-12-10
CVE-2014-8096 [MEDIUM] CWE-119 CVE-2014-8096: The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X)
The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value.
nvd
CVE-2014-8097P4MEDIUMCVSS 6.5≤ 1.16.2.99.9012014-12-10
CVE-2014-8097 [MEDIUM] CWE-119 CVE-2014-8097: The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and
The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) ProcDbeSwapBuffers or (2) SProcDbeSwapBuffers functi
nvd
CVE-2014-8094P4MEDIUMCVSS 6.5v1.7.0v1.7.0.901+153 more2014-12-10
CVE-2014-8094 [MEDIUM] CWE-190 CVE-2014-8094: Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserv
Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserver and xorg-server) 1.7.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request, which triggers an out-of-bounds read or write.
nvd
CVE-2011-4029P4LOWCVSS 1.9PoC≤ 1.11.1v1.11.02012-07-03
CVE-2011-4029 [LOW] CWE-362 CVE-2011-4029: The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change th
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file.
nvd
CVE-2023-5574P4HIGHCVSS 7.0≥ 1.13.02023-10-25
CVE-2023-5574 [HIGH] CWE-416 CVE-2023-5574: A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very speci
A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a use-after-free issue may be triggered during shutdown or reset of the Xvfb server, all
nvd
CVE-2022-3551P4MEDIUMCVSS 6.5fixed in 21.1.62022-10-17
CVE-2022-3551 [MEDIUM] CWE-404 CVE-2022-3551: A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by th
A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211052.
nvd
CVE-2015-0255P4MEDIUMCVSS 6.4≤ 1.16.3v1.17.02015-02-13
CVE-2015-0255 [MEDIUM] CWE-200 CVE-2015-0255: X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote atta
X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry request.
nvd
CVE-2017-2624P4HIGHCVSS 7.0≤ 1.19.42018-07-27
CVE-2017-2624 [HIGH] CWE-385 CVE-2017-2624: It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT co
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is seen, this causes a time difference between a valid and invalid byte, which
nvd