Max CVSS 2.1 Min CVSS 1.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2017-2625 2.1
It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing
12-02-2023 - 23:29 27-07-2018 - 18:29
CVE-2017-2626 2.1
It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list.
12-02-2023 - 23:29 27-07-2018 - 19:29
CVE-2017-2624 1.9
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations ret
09-10-2019 - 23:26 27-07-2018 - 18:29
Back to Top Mark selected
Back to Top