GCVE - cpe:2.3:a:x.org:xorg-server:1.15.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:x.org:xorg-server:1.15.0:*:*:*:*:*:*:*

part: a version: 1.15.0 update: *

Vendor	X.Org (`4cd053ee-09df-594a-873d-dbd09ec2f899`)
Product	Xorg Server (`d5c5a228-377c-5b85-be9a-ca5da7e1b31e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:deb/debian/xserver-xorg-core`	purl2cpe	2026-06-01 10:14:02.689833
`pkg:deb/ubuntu/xserver-xorg-core`	purl2cpe	2026-06-01 10:14:02.689834
`pkg:freedesktop/xorg/xserver`	purl2cpe	2026-06-01 10:14:02.689836
`pkg:github/freedesktop/xorg-xserver`	purl2cpe	2026-06-01 10:14:02.689837
`pkg:rpm/fedora/xorg-x11-server`	purl2cpe	2026-06-01 10:14:02.689838

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2014-8103`	vulnerable	2026-06-03 14:34:22.670889	Details available X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) sproc_dri3_query_version, (2) sproc_dri3_open, (3) sproc_dri3_pixmap_from_buffer, (4) sproc_dri3_buffer_from_pixmap, (5) sproc_dri3_fence_from_fd, (6) sproc_dri3_fd_from_fence, (7) proc_present_query_capabilities, (8) sproc_present_query_version, (9) sproc_present_pixmap, (10) sproc_present_notify_msc, (11) sproc_present_select_input, or (12) sproc_present_query_capabilities function in the (a) DRI3 or (b) Present extension. Published: 2014-12-10T15:00:00.000Z Updated: 2024-08-06T13:10:50.010Z Open on db.gcve.eu Reference links http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ https://security.gentoo.org/glsa/201504-06 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html http://secunia.com/advisories/61947	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-8094`	vulnerable	2026-06-03 14:34:22.567440	Details available Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserver and xorg-server) 1.7.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request, which triggers an out-of-bounds read or write. Published: 2014-12-10T15:00:00.000Z Updated: 2024-08-06T13:10:49.952Z Open on db.gcve.eu Reference links http://www.debian.org/security/2014/dsa-3095 http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ http://advisories.mageia.org/MGASA-2014-0532.html https://security.gentoo.org/glsa/201504-06 http://www.securityfocus.com/bid/71601	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.