Every CVE whose affected-product data names X.org X11, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2012-2118 — CVSS 10.0 (critical): Format string vulnerability in the LogVHdrMessageVerb function in os/log.c in X.Org X11 1.11 allows attackers to cause a denial of service…
CVE-1999-0526 — CVSS 10.0 (critical): An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server.
CVE-2007-1003 — CVSS 9.0 (critical): Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver)…
CVE-2013-7439 — CVSS 7.5 (high): Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow…
CVE-2014-8102 — CVSS 6.5 (medium): The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server…
CVE-2014-8098 — CVSS 6.5 (medium): The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before…
CVE-2014-8099 — CVSS 6.5 (medium): The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before…
CVE-2014-8100 — CVSS 6.5 (medium): The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before…
CVE-2014-8101 — CVSS 6.5 (medium): The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before…
CVE-2014-8092 — CVSS 6.5 (medium): Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow…
CVE-2014-8093 — CVSS 6.5 (medium): Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver…
CVE-2014-8095 — CVSS 6.5 (medium): The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows…
CVE-2014-8096 — CVSS 6.5 (medium): The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver…
CVE-2014-8097 — CVSS 6.5 (medium): The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows…
CVE-2009-2711 — CVSS 4.9 (medium): XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used…
CVE-2014-8091 — CVSS 4.3 (medium): X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) before 1.16.3, when using SUN-DES-1 (Secure RPC)…
CVE-2009-3100 — CVSS 4.0 (medium): xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not…