Search CVE reports
131 – 140 of 149 results
Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics...
2 affected packages
libxfont, xorg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libxfont | — | — | — | — |
| xorg | — | — | — | — |
Some fixes available 17 of 18
Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial...
4 affected packages
xorg, freetype, libxfont, ia32-libs
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xorg | — | — | — | — |
| freetype | — | — | — | — |
| libxfont | — | — | — | — |
| ia32-libs | — | — | — | — |
Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XRenderCompositeTriFan requests...
2 affected packages
xorg, xorg-server
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xorg | — | — | — | — |
| xorg-server | — | — | — | — |
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended...
1 affected package
xorg-server
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xorg-server | — | — | — | — |
Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
1 affected package
xorg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xorg | — | — | — | — |
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
5 affected packages
lesstif1-1, lesstif2, openmotif, xorg, xterm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| lesstif1-1 | — | — | — | — |
| lesstif2 | — | — | — | — |
| openmotif | — | — | — | — |
| xorg | — | — | — | — |
| xterm | — | — | — | — |
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5)...
4 affected packages
xorg, lesstif1-1, lesstif2, openmotif
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xorg | — | — | — | — |
| lesstif1-1 | — | — | — | — |
| lesstif2 | — | — | — | — |
| openmotif | — | — | — | — |
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute...
4 affected packages
lesstif1-1, lesstif2, openmotif, xorg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| lesstif1-1 | — | — | — | — |
| lesstif2 | — | — | — | — |
| openmotif | — | — | — | — |
| xorg | — | — | — | — |
Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM...
2 affected packages
openmotif, xorg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openmotif | — | — | — | — |
| xorg | — | — | — | — |
XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.
1 affected package
xorg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xorg | — | — | — | — |