| Max CVSS | 2.1 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-2625 | 2.1 |
It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing
|
12-02-2023 - 23:29 | 27-07-2018 - 18:29 | |
| CVE-2017-2626 | 2.1 |
It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list.
|
12-02-2023 - 23:29 | 27-07-2018 - 19:29 | |
| CVE-2017-2624 | 1.9 |
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations ret
|
09-10-2019 - 23:26 | 27-07-2018 - 18:29 |