X.Org

X Server

96 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.14%
  • Veröffentlicht 05.06.2026 10:36:46
  • Zuletzt bearbeitet 08.07.2026 20:16:51

A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure.

  • EPSS 0.13%
  • Veröffentlicht 05.06.2026 10:36:43
  • Zuletzt bearbeitet 08.07.2026 20:16:51

An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosu...

  • EPSS 0.15%
  • Veröffentlicht 05.06.2026 10:36:37
  • Zuletzt bearbeitet 09.07.2026 13:17:27

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. Thi...

  • EPSS 0.14%
  • Veröffentlicht 05.06.2026 10:36:33
  • Zuletzt bearbeitet 09.07.2026 13:17:27

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those cou...

  • EPSS 0.15%
  • Veröffentlicht 05.06.2026 10:36:30
  • Zuletzt bearbeitet 09.07.2026 13:17:26

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. ...

  • EPSS 0.17%
  • Veröffentlicht 05.06.2026 10:31:39
  • Zuletzt bearbeitet 09.07.2026 13:17:26

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function CheckKeyTypes() writes to this buffer at a client-con...

  • EPSS 0.16%
  • Veröffentlicht 05.06.2026 10:31:39
  • Zuletzt bearbeitet 09.07.2026 13:17:25

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel * XkbNumKbdGroups but CheckKeyTypes() does not verify or clamp non-canonical key types to XkbMaxShiftLevel...

  • EPSS 0.14%
  • Veröffentlicht 05.06.2026 10:31:22
  • Zuletzt bearbeitet 09.07.2026 13:17:25

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence ...

  • EPSS 0.16%
  • Veröffentlicht 05.06.2026 10:31:22
  • Zuletzt bearbeitet 09.07.2026 13:17:25

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates...

  • EPSS 0.49%
  • Veröffentlicht 05.05.2026 16:16:11
  • Zuletzt bearbeitet 08.06.2026 05:16:31

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes t...