Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2016-12-13 CVE-2016-7950 Out-of-bounds Write vulnerability in multiple products
The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths.
network
low complexity
x-org fedoraproject CWE-787
critical
 9.8
9.8
2016-12-13 CVE-2016-7949 Out-of-bounds Write vulnerability in multiple products
Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.
network
low complexity
x-org fedoraproject CWE-787
critical
 9.8
9.8
2016-12-13 CVE-2016-7948 Out-of-bounds Write vulnerability in multiple products
X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.
network
low complexity
x-org fedoraproject CWE-787
critical
 9.8
9.8
2016-12-13 CVE-2016-7947 Integer Overflow or Wraparound vulnerability in multiple products
Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.
network
low complexity
fedoraproject x-org CWE-190
critical
 9.8
9.8
2016-12-13 CVE-2016-7946 Improper Access Control vulnerability in multiple products
X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.
network
low complexity
x-org fedoraproject CWE-284
7.5
7.5
2016-12-13 CVE-2016-7945 Integer Overflow or Wraparound vulnerability in multiple products
Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.
network
low complexity
fedoraproject x-org CWE-190
7.5
7.5
2016-12-13 CVE-2016-7944 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.
network
low complexity
x-org fedoraproject CWE-190
critical
 9.8
9.8
2016-12-13 CVE-2016-7943 Out-of-bounds Write vulnerability in multiple products
The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations.
network
low complexity
fedoraproject x-org CWE-787
critical
 9.8
9.8
2016-12-13 CVE-2016-7942 Out-of-bounds Write vulnerability in multiple products
The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.
network
low complexity
fedoraproject x-org CWE-787
critical
 9.8
9.8
2016-12-13 CVE-2016-5407 Out-of-bounds Read vulnerability in multiple products
The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data.
network
low complexity
x-org fedoraproject CWE-125
critical
 9.8
9.8