cbcvebase.

X.Org Xorg-Server vulnerabilities

124 known vulnerabilities affecting x.org/xorg-server.

Total CVEs
124
CISA KEV
0
Public exploits
5
Exploited in wild
2
Severity breakdown
CRITICAL21HIGH58MEDIUM38LOW7

Vulnerabilities

Page 7 of 7
CVE-2011-4028P4LOWCVSS 1.2≥ 0, < 2:1.11.1.901-22012-07-03
CVE-2011-4028 [LOW] CVE-2011-4028: The LockServer function in os/utils The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.
osv
CVE-2006-1526P4LOWCVSS 2.1≥ 0, < 1:1.0.2-82006-05-02
CVE-2006-1526 [LOW] CVE-2006-1526: Buffer overflow in the X render (Xrender) extension in X Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XRenderCompositeTriFan requests in the rendertest from XCB xcb/xcb-demo, which leads to an incorrect memory allocation due to a typo in an expression that uses a "&" instead of a "*" operator. NOTE: the subject
osv
CVE-2013-1056P4LOWCVSS 1.9≥ 0, < 2:1.14.4-1ubuntu22013-10-16
CVE-2013-1056 [LOW] CVE-2013-1056: X X.org X server 1.13.3 and earlier, when not run as root, allows local users to cause a denial of service (crash) or possibly gain privileges via vectors involving cached xkb files.
osv
CVE-2013-1940P4LOWCVSS 2.1≥ 0, < 2:1.12.4-62013-05-13
CVE-2013-1940 [LOW] CVE-2013-1940: X X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input events when adding a new hot-plug device, which might allow physically proximate attackers to obtain sensitive information, as demonstrated by reading passwords from a tty.
osv
X.Org Xorg-Server vulnerabilities | cvebase