Filtered by vendor X.org
Total: 144 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-1393 | 3 Fedoraproject, Redhat, X.org | 7 Fedora, Enterprise Linux, Rhel Aus and 4 more | 2024-08-02 | 7.8 High |
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later. | ||||
CVE-2023-0494 | 3 Fedoraproject, Redhat, X.org | 22 Fedora, Enterprise Linux, Enterprise Linux Aus and 19 more | 2024-08-02 | 7.8 High |
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions. | ||||
CVE-1999-0965 | 1 X.org | 1 Xterm | 2024-08-01 | N/A |
Race condition in xterm allows local users to modify arbitrary files via the logging option. | ||||
CVE-1999-0526 | 1 X.org | 1 X11 | 2024-08-01 | N/A |
An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server. | ||||