Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

51 – 54 of 54 results


CVE-2017-2624

Negligible priority

Some fixes available 4 of 10

It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp()...

10 affected packages

xorg-server, xorg-server-hwe-16.04, xorg-server-lts-quantal, xorg-server-lts-raring, xorg-server-lts-saucy...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg-server Fixed
xorg-server-hwe-16.04 Fixed
xorg-server-lts-quantal Not in release
xorg-server-lts-raring Not in release
xorg-server-lts-saucy Not in release
xorg-server-lts-trusty Not in release
xorg-server-lts-utopic Not in release
xorg-server-lts-vivid Not in release
xorg-server-lts-wily Not in release
xorg-server-lts-xenial Not in release
Show all 10 packages Show less packages

CVE-2015-3418

Medium priority

Some fixes available 5 of 9

The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request.

6 affected packages

xorg-server, xorg-server-lts-quantal, xorg-server-lts-raring, xorg-server-lts-saucy, xorg-server-lts-trusty, xorg-server-lts-utopic

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg-server
xorg-server-lts-quantal
xorg-server-lts-raring
xorg-server-lts-saucy
xorg-server-lts-trusty
xorg-server-lts-utopic
Show less packages

CVE-2015-3164

Medium priority
Ignored

The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket.

7 affected packages

xorg-server, xorg-server-lts-quantal, xorg-server-lts-raring, xorg-server-lts-saucy, xorg-server-lts-trusty...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg-server Not affected
xorg-server-lts-quantal Not in release
xorg-server-lts-raring Not in release
xorg-server-lts-saucy Not in release
xorg-server-lts-trusty Not in release
xorg-server-lts-utopic Not in release
xorg-server-lts-vivid Not in release
Show all 7 packages Show less packages

CVE-2015-0255

Medium priority

Some fixes available 27 of 41

X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value...

7 affected packages

vnc4, xorg-server, xorg-server-lts-quantal, xorg-server-lts-raring, xorg-server-lts-saucy...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vnc4 Not in release Not in release Not in release Vulnerable Fixed
xorg-server Fixed Fixed Fixed Fixed Fixed
xorg-server-lts-quantal Not in release Not in release Not in release Not in release Not in release
xorg-server-lts-raring Not in release Not in release Not in release Not in release Not in release
xorg-server-lts-saucy Not in release Not in release Not in release Not in release Not in release
xorg-server-lts-trusty Not in release Not in release Not in release Not in release Not in release
xorg-server-lts-utopic Not in release Not in release Not in release Not in release Not in release
Show all 7 packages Show less packages