Vulnerabilities > X ORG > High

DATE CVE VULNERABILITY TITLE RISK
2020-09-15 CVE-2020-14362 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
A flaw was found in X.Org Server before xorg-x11-server 1.20.9.
local
low complexity
x-org redhat canonical CWE-191
7.8
7.8
2020-09-15 CVE-2020-14361 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
A flaw was found in X.Org Server before xorg-x11-server 1.20.9.
local
low complexity
x-org redhat canonical CWE-191
7.8
7.8
2020-09-15 CVE-2020-14346 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
A flaw was found in xorg-x11-server before 1.20.9.
local
low complexity
x-org redhat canonical CWE-191
7.8
7.8
2020-09-15 CVE-2020-14345 A flaw was found in X.Org Server before xorg-x11-server 1.20.9.
local
low complexity
x-org canonical
7.8
7.8
2020-09-11 CVE-2020-14363 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow vulnerability leading to a double-free was found in libX11.
local
low complexity
x-org fedoraproject CWE-190
7.8
7.8
2019-10-16 CVE-2019-17624 Out-of-bounds Write vulnerability in X.Org X Server
"" In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap.
local
low complexity
x-org CWE-787
7.8
7.8
2018-08-24 CVE-2018-14598 Improper Input Validation vulnerability in multiple products
An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5.
network
low complexity
x-org debian canonical fedoraproject CWE-20
7.5
7.5
2018-07-27 CVE-2017-2624 Information Exposure vulnerability in multiple products
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies.
local
high complexity
x-org debian CWE-200
7.0
7.0
2017-10-11 CVE-2017-13722 Out-of-bounds Read vulnerability in X.Org Libxfont 2.0.0/2.0.1
In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server.
local
low complexity
x-org CWE-125
7.1
7.1
2017-10-11 CVE-2017-13720 Out-of-bounds Read vulnerability in X.Org Libxfont 2.0.0/2.0.1
In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service).
local
low complexity
x-org CWE-125
7.1
7.1