Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

61 – 70 of 134 results

CVE-2017-10971

Medium priority

Some fixes available 5 of 6

In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events.

8 affected packages

xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg Not affected
xorg-hwe-16.04 Not affected
xorg-server Fixed
xorg-server-hwe-16.04 Fixed
xorg-server-lts-utopic Not in release
xorg-server-lts-vivid Not in release
xorg-server-lts-wily Not in release
xorg-server-lts-xenial Not in release
Show all 8 packages Show less packages

CVE-2017-2624

Negligible priority

Some fixes available 4 of 10

It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp()...

10 affected packages

xorg-server, xorg-server-hwe-16.04, xorg-server-lts-quantal, xorg-server-lts-raring, xorg-server-lts-saucy...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg-server Fixed
xorg-server-hwe-16.04 Fixed
xorg-server-lts-quantal Not in release
xorg-server-lts-raring Not in release
xorg-server-lts-saucy Not in release
xorg-server-lts-trusty Not in release
xorg-server-lts-utopic Not in release
xorg-server-lts-vivid Not in release
xorg-server-lts-wily Not in release
xorg-server-lts-xenial Not in release
Show all 10 packages Show less packages

CVE-2015-3418

Medium priority

Some fixes available 5 of 9

The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request.

6 affected packages

xorg-server, xorg-server-lts-quantal, xorg-server-lts-raring, xorg-server-lts-saucy, xorg-server-lts-trusty, xorg-server-lts-utopic

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg-server
xorg-server-lts-quantal
xorg-server-lts-raring
xorg-server-lts-saucy
xorg-server-lts-trusty
xorg-server-lts-utopic
Show less packages

CVE-2015-3164

Medium priority
Ignored

The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket.

7 affected packages

xorg-server, xorg-server-lts-quantal, xorg-server-lts-raring, xorg-server-lts-saucy, xorg-server-lts-trusty...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg-server Not affected
xorg-server-lts-quantal Not in release
xorg-server-lts-raring Not in release
xorg-server-lts-saucy Not in release
xorg-server-lts-trusty Not in release
xorg-server-lts-utopic Not in release
xorg-server-lts-vivid Not in release
Show all 7 packages Show less packages

CVE-2015-0255

Medium priority

Some fixes available 27 of 41

X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value...

7 affected packages

vnc4, xorg-server, xorg-server-lts-quantal, xorg-server-lts-raring, xorg-server-lts-saucy...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vnc4 Not in release Not in release Not in release Vulnerable Fixed
xorg-server Fixed Fixed Fixed Fixed Fixed
xorg-server-lts-quantal Not in release Not in release Not in release Not in release Not in release
xorg-server-lts-raring Not in release Not in release Not in release Not in release Not in release
xorg-server-lts-saucy Not in release Not in release Not in release Not in release Not in release
xorg-server-lts-trusty Not in release Not in release Not in release Not in release Not in release
xorg-server-lts-utopic Not in release Not in release Not in release Not in release Not in release
Show all 7 packages Show less packages

CVE-2014-8103

Medium priority

Some fixes available 4 of 5

X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or...

2 affected packages

xorg-server, xorg-server-lts-trusty

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg-server
xorg-server-lts-trusty
Show less packages

CVE-2014-8102

Medium priority

Some fixes available 4 of 5

The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a...

2 affected packages

xorg-server, xorg-server-lts-trusty

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg-server
xorg-server-lts-trusty
Show less packages

CVE-2014-8101

Medium priority

Some fixes available 4 of 5

The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or...

2 affected packages

xorg-server, xorg-server-lts-trusty

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg-server
xorg-server-lts-trusty
Show less packages

CVE-2014-8100

Medium priority

Some fixes available 4 of 5

The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read...

2 affected packages

xorg-server, xorg-server-lts-trusty

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg-server
xorg-server-lts-trusty
Show less packages

CVE-2014-8099

Medium priority

Some fixes available 4 of 5

The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read...

2 affected packages

xorg-server, xorg-server-lts-trusty

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg-server
xorg-server-lts-trusty
Show less packages
  1. Previous page
  2. 5
  3. 6
  4. 7
  5. 8
  6. 9
  7. Next page
Export to JSON