xorg-x11-libs (SUSE:Linux Enterprise Software Development Kit 11 SP4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Software Development Kit 11 SP4 package xorg-x11-libs, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (12)
CVE-2016-7948 — CVSS 9.8 (critical): X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.
CVE-2015-9262 — CVSS 9.8 (critical): _XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code…
CVE-2016-7953 — CVSS 9.8 (critical): Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string.
CVE-2016-7951 — CVSS 9.8 (critical): Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by…
CVE-2016-7947 — CVSS 9.8 (critical): Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted…
CVE-2015-1804 — CVSS 8.5 (high): The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type…
CVE-2016-7946 — CVSS 7.5 (high): X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.
CVE-2016-7952 — CVSS 7.5 (high): X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData…
CVE-2016-7945 — CVSS 7.5 (high): Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or…
CVE-2017-16612 — CVSS 7.5 (high): libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g…
CVE-2017-13720 — CVSS 7.1 (high): In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X…
CVE-2017-13722 — CVSS 7.1 (high): In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF…