Vulnerabilities > X ORG
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-24 | CVE-2018-14598 | Improper Input Validation vulnerability in multiple products An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. | 7.5 |
| 2018-07-27 | CVE-2017-2625 | Insufficient Entropy vulnerability in multiple products It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. | 5.5 |
| 2018-07-27 | CVE-2017-2624 | Information Exposure vulnerability in multiple products It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. | 7.0 |
| 2018-01-24 | CVE-2017-12187 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12186 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12185 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12184 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12183 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12182 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12181 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |