Vulnerabilities > Debian > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-01-24 CVE-2017-12186 Improper Input Validation vulnerability in multiple products
xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
network
low complexity
debian x-org CWE-20
critical
9.8
2018-01-24 CVE-2017-12185 Improper Input Validation vulnerability in multiple products
xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
network
low complexity
debian x-org CWE-20
critical
9.8
2018-01-24 CVE-2017-12184 Improper Input Validation vulnerability in multiple products
xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
network
low complexity
debian x-org CWE-20
critical
9.8
2018-01-24 CVE-2017-12183 Improper Input Validation vulnerability in multiple products
xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
network
low complexity
debian x-org CWE-20
critical
9.8
2018-01-24 CVE-2017-12182 Improper Input Validation vulnerability in multiple products
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
network
low complexity
debian x-org CWE-20
critical
9.8
2018-01-24 CVE-2017-12181 Improper Input Validation vulnerability in multiple products
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
network
low complexity
debian x-org CWE-20
critical
9.8
2018-01-24 CVE-2017-12180 Improper Input Validation vulnerability in multiple products
xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
network
low complexity
debian x-org CWE-20
critical
9.8
2018-01-24 CVE-2017-12179 Integer Overflow or Wraparound vulnerability in multiple products
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
network
low complexity
debian x-org CWE-190
critical
9.8
2018-01-24 CVE-2017-12178 Improper Input Validation vulnerability in multiple products
xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
network
low complexity
debian x-org CWE-20
critical
9.8
2018-01-24 CVE-2017-12177 Integer Overflow or Wraparound vulnerability in multiple products
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
network
low complexity
debian x-org CWE-190
critical
9.8