Max CVSS 7.5 Min CVSS 1.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2017-2624 1.9
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations ret
09-10-2019 - 23:26 27-07-2018 - 18:29
CVE-2017-2625 2.1
It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing
09-10-2019 - 23:26 27-07-2018 - 18:29
CVE-2017-2626 2.1
It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list.
14-07-2019 - 21:15 27-07-2018 - 19:29
CVE-2016-7942 7.5
The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.
13-09-2018 - 10:29 13-12-2016 - 20:59
CVE-2016-7943 7.5
The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations.
13-09-2018 - 10:29 13-12-2016 - 20:59
CVE-2016-7949 7.5
Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.
01-07-2017 - 01:30 13-12-2016 - 20:59
CVE-2016-7945 5.0
Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.
01-07-2017 - 01:30 13-12-2016 - 20:59
CVE-2016-7953 7.5
Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string.
01-07-2017 - 01:30 13-12-2016 - 20:59
CVE-2016-7944 7.5
Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.
01-07-2017 - 01:30 13-12-2016 - 20:59
CVE-2016-7948 7.5
X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.
01-07-2017 - 01:30 13-12-2016 - 20:59
CVE-2016-7950 7.5
The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths.
01-07-2017 - 01:30 13-12-2016 - 20:59
CVE-2016-7947 7.5
Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.
01-07-2017 - 01:30 13-12-2016 - 20:59
CVE-2016-7946 5.0
X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.
01-07-2017 - 01:30 13-12-2016 - 20:59
CVE-2016-5407 7.5
The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data.
01-07-2017 - 01:29 13-12-2016 - 20:59
Back to Top Mark selected
Back to Top