Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop dbus 1.1.2 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-42010
An issue exists in D-Bus prior to 1.12.24, 1.13.x and 1.14.x prior to 1.14.4, and 1.15.x prior to 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.
Freedesktop Dbus
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
6.5
CVSSv3
CVE-2022-42011
An issue exists in D-Bus prior to 1.12.24, 1.13.x and 1.14.x prior to 1.14.4, and 1.15.x prior to 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of t...
Freedesktop Dbus
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
6.5
CVSSv3
CVE-2022-42012
An issue exists in D-Bus prior to 1.12.24, 1.13.x and 1.14.x prior to 1.14.4, and 1.15.x prior to 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format.
Freedesktop Dbus
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2009-1189
The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus) prior to 1.2.14 uses incorrect logic to validate a basic type, which allows remote malicious users to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE...
Freedesktop Dbus 0.13
Freedesktop Dbus 0.60
Freedesktop Dbus 1.1.2
Freedesktop Dbus 0.34
Freedesktop Dbus 0.92
Freedesktop Dbus 0.50
Freedesktop Dbus
Freedesktop Dbus 0.35.1
Freedesktop Dbus 0.5
Freedesktop Dbus 0.36.1
Freedesktop Dbus 0.33
Freedesktop Dbus 1.0
Freedesktop Dbus 0.10
Freedesktop Dbus 0.11
Freedesktop Dbus 1.1.0
Freedesktop Dbus 0.2
Freedesktop Dbus 1.0.2
Freedesktop Dbus 1.1.20
Freedesktop Dbus 0.9
Freedesktop Dbus 1.2.1
Freedesktop Dbus 0.23.2
Freedesktop Dbus 0.35
NA
CVE-2008-4311
The default configuration of system.conf in D-Bus (aka DBus) prior to 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving message...
Freedesktop Dbus 1.1.4
Freedesktop Dbus 1.0
Freedesktop Dbus 0.92
Freedesktop Dbus 0.36.2
Freedesktop Dbus 0.36.1
Freedesktop Dbus
Freedesktop Dbus 1.1.2
Freedesktop Dbus 0.91
Freedesktop Dbus 0.90
Freedesktop Dbus 0.36
Freedesktop Dbus 0.35.2
Freedesktop Dbus 0.23.3
Freedesktop Dbus 0.23.2
Freedesktop Dbus 0.11
Freedesktop Dbus 0.10
Freedesktop Dbus 0.3
Freedesktop Dbus 0.2
Freedesktop Dbus 1.1.1
Freedesktop Dbus 1.1.0
Freedesktop Dbus 0.62
Freedesktop Dbus 0.61
Freedesktop Dbus 0.35.1
NA
CVE-2008-3834
The dbus_signature_validate function in the D-bus library (libdbus) prior to 1.2.4 allows remote malicious users to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.
Freedesktop Dbus 1.1.1
Freedesktop Dbus1.1.0
Freedesktop Dbus 0.62
Freedesktop Dbus 0.61
Freedesktop Dbus 0.35
Freedesktop Dbus 0.34
Freedesktop Dbus 0.33
Freedesktop Dbus 0.22
Freedesktop Dbus 0.21
Freedesktop Dbus 0.8
Freedesktop Dbus 0.7
Freedesktop Dbus 1.0.2
Freedesktop Dbus1.0 Rc1
Freedesktop Dbus 0.92
Freedesktop Dbus 0.36.1
Freedesktop Dbus 0.36
Freedesktop Dbus 0.23.3
Freedesktop Dbus 0.23.2
Freedesktop Dbus 0.12
Freedesktop Dbus 0.11
Freedesktop Dbus 0.4
Freedesktop Dbus 0.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started