Vulnerabilities > X ORG > Xorg Server > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-18 | CVE-2024-0408 | A flaw was found in the X.Org server. | 5.5 |
| 2020-08-05 | CVE-2020-14347 | Improper Initialization vulnerability in multiple products A flaw was found in the way xserver memory was not properly initialized. | 5.5 |
| 2017-10-10 | CVE-2017-13723 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp. | 4.6 |
| 2017-07-06 | CVE-2017-10972 | Improper Initialization vulnerability in X.Org Xorg-Server Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server before 2017-06-19 allowed authenticated malicious users to access potentially privileged data from the X server. | 4.0 |
| 2017-07-06 | CVE-2017-10971 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in X.Org Xorg-Server In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events. | 6.5 |
| 2015-02-13 | CVE-2015-0255 | Information Exposure vulnerability in multiple products X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry request. | 6.4 |
| 2007-09-11 | CVE-2007-4730 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in X.Org Xorg-Server Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap. | 4.3 |