Vulnerabilities > X ORG > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-24 | CVE-2017-12181 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12180 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12179 | Integer Overflow or Wraparound vulnerability in multiple products xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12178 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12177 | Integer Overflow or Wraparound vulnerability in multiple products xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2018-01-24 | CVE-2017-12176 | Improper Input Validation vulnerability in multiple products xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code. | 9.8 |
| 2017-02-01 | CVE-2016-10164 | Integer Overflow or Wraparound vulnerability in X.Org Libxpm Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow. | 9.8 |
| 2016-12-13 | CVE-2016-7953 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string. | 9.8 |
| 2016-12-13 | CVE-2016-7950 | Out-of-bounds Write vulnerability in multiple products The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths. | 9.8 |
| 2016-12-13 | CVE-2016-7949 | Out-of-bounds Write vulnerability in multiple products Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields. | 9.8 |