Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-bus project d-bus vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-12562
An issue exists in the cantata-mounter D-Bus service in Cantata up to and including 2.3.1. The wrapper script 'mount.cifs.wrapper' uses the shell to forward the arguments to the actual mount.cifs binary. The shell evaluates wildcards (such as in an injected string:/home...
Cantata Project Cantata
8.8
CVSSv3
CVE-2015-1326
python-dbusmock before version 0.15.1 AddTemplate() D-Bus method call or DBusTestCase.spawn_server_template() method could be tricked into executing malicious code if an attacker supplies a .pyc file.
Python-dbusmock Project Python-dbusmock
8.8
CVSSv3
CVE-2018-12559
An issue exists in the cantata-mounter D-Bus service in Cantata up to and including 2.3.1. The mount target path check in mounter.cpp `mpOk()` is insufficient. A regular user can consequently mount a CIFS filesystem anywhere (e.g., outside of the /home directory tree) by passing ...
Cantata Project Cantata
8.8
CVSSv3
CVE-2018-12561
An issue exists in the cantata-mounter D-Bus service in Cantata up to and including 2.3.1. A regular user can inject additional mount options such as file_mode= by manipulating (for example) the domain parameter of the samba URL.
Cantata Project Cantata
8.4
CVSSv3
CVE-2015-8612
The EnableNetwork method in the Network class in plugins/mechanism/Network.py in Blueman prior to 2.0.3 allows local users to gain privileges via the dhcp_handler argument.
Blueman Project Blueman
1 EDB exploit
8
CVSSv3
CVE-2021-23556
The package guake prior to 3.8.5 are vulnerable to Exposed Dangerous Method or Function due to the exposure of execute_command and execute_command_by_uuid methods via the d-bus interface, which makes it possible for a malicious user to run an arbitrary command via the d-bus metho...
Guake-project Guake
7.8
CVSSv3
CVE-2022-40673
KDiskMark prior to 3.1.0 lacks authorization checking for D-Bus methods such as Helper::flushPageCache.
Kdiskmark Project Kdiskmark
Fedoraproject Fedora 36
7.8
CVSSv3
CVE-2019-25058
An issue exists in USBGuard prior to 1.1.0. On systems with the usbguard-dbus daemon running, an unprivileged user could make USBGuard allow all USB devices to be connected in the future.
Usbguard Project Usbguard
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2021-3560
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local malicious user to, for example, create a new local administrator. The hi...
Polkit Project Polkit
Debian Debian Linux 11.0
Canonical Ubuntu Linux 20.04
Redhat Virtualization 4.0
Redhat Virtualization Host 4.0
Redhat Openshift Container Platform 4.7
48 Github repositories
1 Article
7.8
CVSSv3
CVE-2014-8156
The D-Bus security policy files in /etc/dbus-1/system.d/*.conf in fso-gsmd 0.12.0-3, fso-frameworkd 0.9.5.9+git20110512-4, and fso-usaged 0.12.0-2 as packaged in Debian, the upstream cornucopia.git (fsoaudiod, fsodatad, fsodeviced, fsogsmd, fsonetworkd, fsotdld, fsousaged) git ma...
Fso-frameworkd Project Fso-frameworkd 0.9.5.9
Fso-gsmd Project Fso-gsmd 0.12.0-3
Fso-usaged Project Fso-usaged 0.12.0-2
Phonefsod Project Phonefsod 0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »