Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Xfree86 Project Subscribe
Filtered by product Xfce
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2000-1060 1 Xfree86 Project 1 Xfce 2018-05-02 4.6 MEDIUM N/A
The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges.