Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
prepending values to certain properties. An attacker could possibly use
this issue to cause the X Server to crash, execute arbitrary code, or
escalate privileges. (CVE-2023-5367)

Sri discovered that the X.Org X Server incorrectly handled detroying
windows in certain legacy multi-screen setups. An attacker could possibly
use this issue to cause the X Server to crash, execute arbitrary code, or
escalate privileges. (CVE-2023-5380)

References

ubuntu.com/security/CVE-2023-5367

ubuntu.com/security/CVE-2023-5380

ubuntu.com/security/notices/USN-6453-1

rosalinux 1

amazon 2

fedora 9

openvas 33

nessus 67

ubuntu 2

redhat 17

osv 12

mageia 2

oraclelinux 9

slackware 2

debian 2

freebsd 1

redos 1

cbl_mariner 2

redhatcve 2

cve 2

zdi 2

nvd 2

prion 2

cvelist 2

ubuntucve 2

veracode 2

alpinelinux 2

debiancve 2

almalinux 7

gentoo 1

ibm 2

hp 2

rosalinux

Advisory ROSA-SA-2024-2325

2024-01-23 12:18:22

amazon

Important: xorg-x11-server

2023-11-09 19:19:00

Important: xorg-x11-server

2023-11-10 17:32:00

fedora

[SECURITY] Fedora 39 Update: tigervnc-1.13.1-6.fc39

2023-11-17 01:38:57

[SECURITY] Fedora 39 Update: xorg-x11-server-1.20.14-26.fc39

2023-11-03 19:06:15

[SECURITY] Fedora 37 Update: tigervnc-1.13.1-6.fc37

2023-11-18 01:33:23

openvas

Ubuntu: Security Advisory (USN-6453-1)

2023-10-26 00:00:00

Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2024-1115)

2024-01-29 00:00:00

Fedora: Security Advisory for tigervnc (FEDORA-2023-4708733ccc)

2023-11-19 00:00:00

nessus

Amazon Linux 2023 : xorg-x11-server-common, xorg-x11-server-devel, xorg-x11-server-source (ALAS2023-2023-404)

2023-11-04 00:00:00

Fedora 39 : tigervnc (2023-4bb75fa8f2)

2023-11-16 00:00:00

RHEL 7 : tigervnc (RHSA-2023:7428)

2023-11-21 00:00:00

ubuntu

X.Org X Server vulnerabilities

2023-10-25 00:00:00

X.Org X Server vulnerabilities

2023-10-31 00:00:00

redhat

(RHSA-2023:7428) Important: tigervnc security update

2023-11-21 14:52:48

(RHSA-2023:7405) Important: tigervnc security update

2023-11-21 09:47:53

(RHSA-2023:7373) Important: tigervnc security update

2023-11-21 08:13:57

osv

xorg-server vulnerabilities

2023-10-31 15:16:46

xorg-server - security update

2023-10-25 00:00:00

xorg-server - security update

2023-10-25 00:00:00

mageia

Updated tigervnc packages fix security vulnerabilities

2023-11-20 13:04:11

Updated x11-server packages fix security vulnerabilities

2023-11-07 02:08:32

oraclelinux

tigervnc security update

2023-11-22 00:00:00

xorg-x11-server security update

2023-11-08 00:00:00

tigervnc security update

2024-05-23 00:00:00

slackware

[slackware-security] xorg-server

2023-10-26 20:01:09

[slackware-security] tigervnc

2023-11-13 19:27:10

debian

[SECURITY] [DSA 5534-1] xorg-server security update

2023-10-25 14:45:31

[SECURITY] [DLA 3631-1] xorg-server security update

2023-10-25 15:17:02

freebsd

xorg-server -- Multiple vulnerabilities

2023-10-25 00:00:00

redos

ROS-20231114-02

2023-11-14 00:00:00

cbl_mariner

CVE-2023-5367 affecting package xorg-x11-server for versions less than 1.20.10-10

2024-04-09 20:48:36

CVE-2023-5380 affecting package xorg-x11-server for versions less than 1.20.10-10

2024-04-09 20:48:36

redhatcve

CVE-2023-5367

2023-10-25 19:46:38

CVE-2023-5380

2023-10-25 19:46:48

cve

CVE-2023-5367

2023-10-25 20:15:18

CVE-2023-5380

2023-10-25 20:15:18

zdi

X.Org Server ProcXIChangeProperty Heap-based Buffer Overflow Local Privilege Escalation Vulnerability

2024-01-04 00:00:00

X.Org Server Window Object Use-After-Free Local Privilege Escalation Vulnerability

2023-12-19 00:00:00

nvd

CVE-2023-5367

2023-10-25 20:15:18

CVE-2023-5380

2023-10-25 20:15:18

prion

Heap overflow

2023-10-25 20:15:00

Design/Logic Flaw

2023-10-25 20:15:00

cvelist

CVE-2023-5367 Xorg-x11-server: out-of-bounds write in xichangedeviceproperty/rrchangeoutputproperty

2023-10-25 19:46:58

CVE-2023-5380 Xorg-x11-server: use-after-free bug in destroywindow

2023-10-25 19:46:59

ubuntucve

CVE-2023-5367

2023-10-25 00:00:00

CVE-2023-5380

2023-10-25 00:00:00

veracode

Out-of-Bounds Write

2023-10-28 00:48:10

Use After Free

2023-11-30 18:35:01

alpinelinux

CVE-2023-5367

2023-10-25 20:15:18

CVE-2023-5380

2023-10-25 20:15:18

debiancve

CVE-2023-5367

2023-10-25 20:15:18

CVE-2023-5380

2023-10-25 20:15:18

almalinux

Moderate: tigervnc security update

2024-05-22 00:00:00

Important: tigervnc security update

2024-04-30 00:00:00

Important: tigervnc security update

2024-01-02 00:00:00

gentoo

X.Org X Server, XWayland: Multiple Vulnerabilities

2024-01-31 00:00:00

ibm

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

2024-05-24 20:02:29

Security Bulletin: Vulnerabilities in Axios, Node.js, VMWare tools, and Linux Kernel might affect IBM Storage Defender – Data Protect.

2024-02-09 16:04:42

HP ThinPro 8.1 SP 2 Security Updates

2024-04-12 00:00:00

HP ThinPro 8.0 SP 8 Security Updates

2024-03-01 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

0.001

Percentile

28.9%

JSON

Related for OSV:USN-6453-1