cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-21886,https://securityvulnerability.io/vulnerability/CVE-2024-21886,Heap Buffer Overflow Flaw in X.Org Server Could Lead to Application Crash or Remote Code Execution,"A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments.",Red Hat,"Xorg-server,Xwayland,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.2 Telecommunications Update Service,Red Hat Enterprise Linux 8.2 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6,Fedora",,,0.0004400000034365803,false,false,false,false,,false,false,2024-02-28T12:13:12.555Z,0
CVE-2024-0229,https://securityvulnerability.io/vulnerability/CVE-2024-0229,"X.Org Server Vulnerability Could Lead to Application Crash, Privilege Escalation, or Remote Code Execution","The vulnerability arises from an out-of-bounds memory access flaw present in the X.Org server, a software that handles graphical displays in Unix-like operating systems. This flaw is triggered when a device that has been 'frozen' by a sync grab is subsequently reattached to a new master device, creating a condition where improper memory access can occur.
Exploitation of this vulnerability may lead to application crashes, and in scenarios where the server operates with elevated privileges, it could enable local privilege escalation. Additionally, in environments that utilize SSH X11 forwarding, this defect poses a risk of remote code execution, presenting significant security challenges for users relying on this system.",Red Hat,"xorg-server,xwayland,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.2 Telecommunications Update Service,Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6,Fedora",7.8,HIGH,0.0012499999720603228,false,false,false,false,,false,false,2024-02-09T06:29:51.542Z,0
CVE-2024-0409,https://securityvulnerability.io/vulnerability/CVE-2024-0409,Xorg-x11-server: selinux context corruption,"A vulnerability exists within the X.Org server that affects the cursor code utilized in both Xephyr and Xwayland. The issue arises from the use of an incorrect type of private at the cursor's creation, specifically using the cursor bits type. This misconfiguration leads to overwriting of the XSELINUX context during the cursor initialization process, potentially compromising system security and functionality.
Users of these products should evaluate their configurations and consider applying relevant patches to mitigate potential risks associated with this vulnerability.",Red Hat,"Xorg-server,Xwayland,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Fedora",7.8,HIGH,0.0004199999966658652,false,false,false,false,,false,false,2024-01-18T15:40:22.071Z,0
CVE-2024-0408,https://securityvulnerability.io/vulnerability/CVE-2024-0408,Xorg-x11-server: selinux unlabeled glx pbuffer,"A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.",Red Hat,"Xorg-server,Xwayland,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Fedora",5.5,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2024-01-18T15:40:06.955Z,0