Filtered by vendor X.org Subscriptions
Filtered by product Xorg-server Subscriptions
Total 47 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-14362 3 Canonical, Redhat, X.org 3 Ubuntu Linux, Enterprise Linux, Xorg-server 2024-08-04 7.8 High
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14347 4 Canonical, Debian, Redhat and 1 more 4 Ubuntu Linux, Debian Linux, Enterprise Linux and 1 more 2024-08-04 5.5 Medium
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.
CVE-2020-14346 3 Canonical, Redhat, X.org 3 Ubuntu Linux, Enterprise Linux, Xorg-server 2024-08-04 7.8 High
A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2022-4283 4 Debian, Fedoraproject, Redhat and 1 more 4 Debian Linux, Fedora, Enterprise Linux and 1 more 2024-08-03 7.8 High
A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
CVE-2022-2319 2 Redhat, X.org 2 Enterprise Linux, Xorg-server 2024-08-03 7.8 High
A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length.
CVE-2022-2320 2 Redhat, X.org 2 Enterprise Linux, Xorg-server 2024-08-03 7.8 High
A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw allows an attacker to escalate privileges and execute arbitrary code in the context of root.
CVE-2023-1393 3 Fedoraproject, Redhat, X.org 7 Fedora, Enterprise Linux, Rhel Aus and 4 more 2024-08-02 7.8 High
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.