Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop dbus vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2020-35512
A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D...
Freedesktop Dbus 1.12.20
7.2
CVSSv2
CVE-2013-0292
The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib prior to 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.
Freedesktop Dbus-glib
Freedesktop Dbus-glib 0.98
Freedesktop Dbus-glib 0.84
Freedesktop Dbus-glib 0.82
Freedesktop Dbus-glib 0.92
Freedesktop Dbus-glib 0.90
Freedesktop Dbus-glib 0.76
Freedesktop Dbus-glib 0.74
Freedesktop Dbus-glib 0.88
Freedesktop Dbus-glib 0.86
Freedesktop Dbus-glib 0.73
Freedesktop Dbus-glib 0.72
Freedesktop Dbus-glib 0.96
Freedesktop Dbus-glib 0.94
Freedesktop Dbus-glib 0.80
Freedesktop Dbus-glib 0.78
1 EDB exploit
6.9
CVSSv2
CVE-2012-3524
libdbus 1.5.x and previous versions, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that ...
Freedesktop Libdbus 1.5.2
Freedesktop Libdbus 1.5.6
Freedesktop Libdbus 1.5.8
Freedesktop Libdbus 1.5.0
Freedesktop Libdbus 1.5.10
Freedesktop Libdbus
Freedesktop Libdbus 1.5.4
1 EDB exploit
4.9
CVSSv2
CVE-2020-12049
An issue exists in dbus >= 1.3.0 prior to 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's priv...
Freedesktop Dbus
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 12.04
4.6
CVSSv2
CVE-2011-2200
The _dbus_header_byteswap function in dbus-marshal-header.c in D-Bus (aka DBus) 1.2.x prior to 1.2.28, 1.4.x prior to 1.4.12, and 1.5.x prior to 1.5.4 does not properly handle a non-native byte order, which allows local users to cause a denial of service (connection loss), obtain...
Freedesktop Dbus 1.5.0
Freedesktop Dbus 1.5.2
Freedesktop Dbus 1.4.6
Freedesktop Dbus 1.4.8
Freedesktop Dbus 1.4.1
Freedesktop Dbus 1.4.0
Freedesktop Dbus 1.4.10
Freedesktop Dbus 1.4.4
D-bus Project D-bus 1.2.4.2
D-bus Project D-bus 1.2.4.4
Freedesktop Dbus 1.2.26
Freedesktop Dbus 1.2.20
Freedesktop Dbus 1.2.4
Freedesktop Dbus 1.2.1
Freedesktop Dbus 1.2.10
Freedesktop Dbus 1.2.6
Freedesktop Dbus 1.2.24
Freedesktop Dbus 1.2.22
Freedesktop Dbus 1.2.18
Freedesktop Dbus 1.2.8
Freedesktop Dbus 1.2.16
D-bus Project D-bus 1.2.4.6
4.6
CVSSv2
CVE-2008-4311
The default configuration of system.conf in D-Bus (aka DBus) prior to 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving message...
Freedesktop Dbus 1.1.4
Freedesktop Dbus 1.0
Freedesktop Dbus 0.92
Freedesktop Dbus 0.36.2
Freedesktop Dbus 0.36.1
Freedesktop Dbus
Freedesktop Dbus 1.1.2
Freedesktop Dbus 0.91
Freedesktop Dbus 0.90
Freedesktop Dbus 0.36
Freedesktop Dbus 0.35.2
Freedesktop Dbus 0.23.3
Freedesktop Dbus 0.23.2
Freedesktop Dbus 0.11
Freedesktop Dbus 0.10
Freedesktop Dbus 0.3
Freedesktop Dbus 0.2
Freedesktop Dbus 1.1.1
Freedesktop Dbus 1.1.0
Freedesktop Dbus 0.62
Freedesktop Dbus 0.61
Freedesktop Dbus 0.35.1
4.6
CVSSv2
CVE-2008-0595
dbus-daemon in D-Bus prior to 1.0.3, and 1.1.x prior to 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL int...
Mandrakesoft Mandrake Linux 2007.1
Mandrakesoft Mandrake Linux 2008.0
Mandrakesoft Mandrake Linux 2007
Redhat Enterprise Linux 5.0
Mandrakesoft Mandrake Linux 2007.0 X86 64
Redhat Enterprise Linux 5
Fedoraproject Fedora 7
Freedesktop Dbus
4.4
CVSSv2
CVE-2014-3635
Off-by-one error in D-Bus 1.3.0 up to and including 1.6.x prior to 1.6.24 and 1.8.x prior to 1.8.8, when running on a 64-bit system and the max_message_unix_fds limit is set to an odd number, allows local users to cause a denial of service (dbus-daemon crash) or possibly execute ...
D-bus Project D-bus
Freedesktop Dbus 1.6.4
Freedesktop Dbus 1.6.0
Freedesktop Dbus 1.8.0
Freedesktop Dbus 1.6.20
Freedesktop Dbus 1.6.10
Freedesktop Dbus 1.6.12
Freedesktop Dbus 1.6.16
Freedesktop Dbus 1.6.8
Freedesktop Dbus 1.6.14
Freedesktop Dbus 1.6.6
Freedesktop Dbus 1.8.6
Freedesktop Dbus 1.6.18
Freedesktop Dbus 1.8.4
Freedesktop Dbus 1.8.2
Freedesktop Dbus 1.6.2
Opensuse Opensuse 12.3
3.6
CVSSv2
CVE-2019-12749
dbus prior to 1.10.28, 1.12.x prior to 1.12.16, and 1.13.x prior to 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_C...
Freedesktop Dbus
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
3.6
CVSSv2
CVE-2010-1172
DBus-GLib 0.73 disregards the access flag of exported GObject properties, which allows local users to bypass intended access restrictions and possibly cause a denial of service by modifying properties, as demonstrated by properties of the (1) DeviceKit-Power, (2) NetworkManager, ...
Freedesktop Dbus-glib 0.73
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »