Every CVE whose affected-product data names X.org Libx11, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2018-14599 — CVSS 9.8 (critical): An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by…
CVE-2021-31535 — CVSS 9.8 (critical): LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11…
CVE-2016-7942 — CVSS 9.8 (critical): The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and…
CVE-2016-7943 — CVSS 9.8 (critical): The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields…
CVE-2018-14600 — CVSS 9.8 (critical): An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of…
CVE-2007-1667 — CVSS 9.3 (critical): Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for…
CVE-2023-43787 — CVSS 7.8 (high): A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger…
CVE-2020-14363 — CVSS 7.8 (high): An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an…
CVE-2023-3138 — CVSS 7.5 (high): A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values…
CVE-2013-7439 — CVSS 7.5 (high): Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow…
CVE-2018-14598 — CVSS 7.5 (high): An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first…
CVE-2020-14344 — CVSS 6.7 (medium): An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version…
CVE-2023-43785 — CVSS 6.5 (medium): A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to…
CVE-2023-43786 — CVSS 5.5 (medium): A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all…
CVE-2006-5397 — CVSS 2.1 (low): The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file…