Vulnerabilities > X ORG
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-06 | CVE-2017-10971 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in X.Org Xorg-Server In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events. | 8.8 |
| 2017-02-01 | CVE-2016-10164 | Integer Overflow or Wraparound vulnerability in X.Org Libxpm Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow. | 9.8 |
| 2016-12-13 | CVE-2016-7953 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string. | 9.8 |
| 2016-12-13 | CVE-2016-7952 | Improper Access Control vulnerability in multiple products X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data. | 7.5 |
| 2016-12-13 | CVE-2016-7950 | Out-of-bounds Write vulnerability in multiple products The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths. | 9.8 |
| 2016-12-13 | CVE-2016-7949 | Out-of-bounds Write vulnerability in multiple products Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields. | 9.8 |
| 2016-12-13 | CVE-2016-7948 | Out-of-bounds Write vulnerability in multiple products X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data. | 9.8 |
| 2016-12-13 | CVE-2016-7947 | Integer Overflow or Wraparound vulnerability in multiple products Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response. | 9.8 |
| 2016-12-13 | CVE-2016-7946 | Improper Access Control vulnerability in multiple products X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields. | 7.5 |
| 2016-12-13 | CVE-2016-7945 | Integer Overflow or Wraparound vulnerability in multiple products Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields. | 7.5 |