CVE-2026-50263
- EPSS 0.14%
- Veröffentlicht 05.06.2026 10:36:46
- Zuletzt bearbeitet 08.07.2026 20:16:51
A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure.
CVE-2026-50262
- EPSS 0.13%
- Veröffentlicht 05.06.2026 10:36:43
- Zuletzt bearbeitet 08.07.2026 20:16:51
An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosu...
CVE-2026-50264
- EPSS 0.15%
- Veröffentlicht 05.06.2026 10:36:37
- Zuletzt bearbeitet 09.07.2026 13:17:27
An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. Thi...
CVE-2026-50261
- EPSS 0.14%
- Veröffentlicht 05.06.2026 10:36:33
- Zuletzt bearbeitet 09.07.2026 13:17:27
A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those cou...
CVE-2026-50260
- EPSS 0.15%
- Veröffentlicht 05.06.2026 10:36:30
- Zuletzt bearbeitet 09.07.2026 13:17:26
A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. ...
CVE-2026-50258
- EPSS 0.16%
- Veröffentlicht 05.06.2026 10:31:39
- Zuletzt bearbeitet 09.07.2026 13:17:25
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel * XkbNumKbdGroups but CheckKeyTypes() does not verify or clamp non-canonical key types to XkbMaxShiftLevel...
CVE-2026-50259
- EPSS 0.17%
- Veröffentlicht 05.06.2026 10:31:39
- Zuletzt bearbeitet 09.07.2026 13:17:26
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function CheckKeyTypes() writes to this buffer at a client-con...
CVE-2026-50256
- EPSS 0.16%
- Veröffentlicht 05.06.2026 10:31:22
- Zuletzt bearbeitet 09.07.2026 13:17:25
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates...
CVE-2026-50257
- EPSS 0.14%
- Veröffentlicht 05.06.2026 10:31:22
- Zuletzt bearbeitet 09.07.2026 13:17:25
A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence ...
CVE-2026-4408
- EPSS 2.5%
- Veröffentlicht 28.05.2026 07:25:27
- Zuletzt bearbeitet 03.07.2026 13:17:25
A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client...