Vulnerabilities > X ORG > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-18 CVE-2023-6816 Out-of-bounds Write vulnerability in multiple products
A flaw was found in X.Org server.
network
low complexity
x-org fedoraproject redhat debian CWE-787
critical
 9.8
9.8
2021-05-27 CVE-2021-31535 Classic Buffer Overflow vulnerability in multiple products
LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code.
network
low complexity
x-org fedoraproject CWE-120
critical
 9.8
9.8
2018-08-24 CVE-2018-14600 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in libX11 through 1.6.5.
network
low complexity
x-org debian canonical CWE-787
critical
 9.8
9.8
2018-08-24 CVE-2018-14599 Off-by-one Error vulnerability in multiple products
An issue was discovered in libX11 through 1.6.5.
network
low complexity
x-org debian canonical fedoraproject redhat CWE-193
critical
 9.8
9.8
2018-01-24 CVE-2017-12187 Improper Input Validation vulnerability in multiple products
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
network
low complexity
debian x-org CWE-20
critical
 9.8
9.8
2018-01-24 CVE-2017-12186 Improper Input Validation vulnerability in multiple products
xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
network
low complexity
debian x-org CWE-20
critical
 9.8
9.8
2018-01-24 CVE-2017-12185 Improper Input Validation vulnerability in multiple products
xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
network
low complexity
debian x-org CWE-20
critical
 9.8
9.8
2018-01-24 CVE-2017-12184 Improper Input Validation vulnerability in multiple products
xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
network
low complexity
debian x-org CWE-20
critical
 9.8
9.8
2018-01-24 CVE-2017-12183 Improper Input Validation vulnerability in multiple products
xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
network
low complexity
debian x-org CWE-20
critical
 9.8
9.8
2018-01-24 CVE-2017-12182 Improper Input Validation vulnerability in multiple products
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
network
low complexity
debian x-org CWE-20
critical
 9.8
9.8