Product:

Xorg\-Server

(X\.org)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 47
Date Id Summary Products Score Patch Annotated
2020-08-05 CVE-2020-14347 A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable. Ubuntu_linux, Debian_linux, Xorg\-Server 5.5
2020-09-15 CVE-2020-14346 A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Ubuntu_linux, Enterprise_linux, Xorg\-Server 7.8
2020-09-15 CVE-2020-14361 A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Ubuntu_linux, Enterprise_linux, Xorg\-Server 7.8
2020-09-15 CVE-2020-14362 A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Ubuntu_linux, Enterprise_linux, Xorg\-Server 7.8
2022-09-01 CVE-2022-2319 A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length. Xorg\-Server 7.8
2022-09-01 CVE-2022-2320 A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw allows an attacker to escalate privileges and execute arbitrary code in the context of root. Xorg\-Server 7.8
2022-12-14 CVE-2022-4283 A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. Debian_linux, Fedora, Enterprise_linux, Xorg\-Server 7.8