Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop libdbus vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-3524
libdbus 1.5.x and previous versions, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that ...
Freedesktop Libdbus 1.5.2
Freedesktop Libdbus 1.5.6
Freedesktop Libdbus 1.5.8
Freedesktop Libdbus 1.5.0
Freedesktop Libdbus 1.5.10
Freedesktop Libdbus
Freedesktop Libdbus 1.5.4
1 EDB exploit
NA
CVE-2011-2200
The _dbus_header_byteswap function in dbus-marshal-header.c in D-Bus (aka DBus) 1.2.x prior to 1.2.28, 1.4.x prior to 1.4.12, and 1.5.x prior to 1.5.4 does not properly handle a non-native byte order, which allows local users to cause a denial of service (connection loss), obtain...
Freedesktop Dbus 1.5.0
Freedesktop Dbus 1.5.2
Freedesktop Dbus 1.4.6
Freedesktop Dbus 1.4.8
Freedesktop Dbus 1.4.1
Freedesktop Dbus 1.4.0
Freedesktop Dbus 1.4.10
Freedesktop Dbus 1.4.4
D-bus Project D-bus 1.2.4.2
D-bus Project D-bus 1.2.4.4
Freedesktop Dbus 1.2.26
Freedesktop Dbus 1.2.20
Freedesktop Dbus 1.2.4
Freedesktop Dbus 1.2.1
Freedesktop Dbus 1.2.10
Freedesktop Dbus 1.2.6
Freedesktop Dbus 1.2.24
Freedesktop Dbus 1.2.22
Freedesktop Dbus 1.2.18
Freedesktop Dbus 1.2.8
Freedesktop Dbus 1.2.16
D-bus Project D-bus 1.2.4.6
NA
CVE-2008-3834
The dbus_signature_validate function in the D-bus library (libdbus) prior to 1.2.4 allows remote malicious users to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.
Freedesktop Dbus 0.13
Freedesktop Dbus 1.1.2
Freedesktop Dbus 0.34
Freedesktop Dbus 0.92
Freedesktop Dbus 0.50
Freedesktop Dbus1.0 Rc2
Freedesktop Dbus1.0 Rc1
Freedesktop Dbus 0.35.1
Freedesktop Dbus 0.5
Freedesktop Dbus 0.36.1
Freedesktop Dbus 0.33
Freedesktop Dbus 0.10
Freedesktop Dbus 0.11
Freedesktop Dbus 0.2
Freedesktop Dbus 1.0.2
Freedesktop Dbus 0.9
Freedesktop Dbus
Freedesktop Dbus 0.23.2
Freedesktop Dbus 0.35
Freedesktop Dbus 0.91
Freedesktop Dbus 0.6
Freedesktop Dbus 0.8
1 EDB exploit
NA
CVE-2010-1172
DBus-GLib 0.73 disregards the access flag of exported GObject properties, which allows local users to bypass intended access restrictions and possibly cause a denial of service by modifying properties, as demonstrated by properties of the (1) DeviceKit-Power, (2) NetworkManager, ...
Freedesktop Dbus-glib 0.73
NA
CVE-2012-4425
libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: it could be argued that this is a vulnerability in the a...
Freedesktop Spice-gtk -
Gtk Libgio -
1 EDB exploit
6.5
CVSSv3
CVE-2022-42010
An issue exists in D-Bus prior to 1.12.24, 1.13.x and 1.14.x prior to 1.14.4, and 1.15.x prior to 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.
Freedesktop Dbus
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
6.5
CVSSv3
CVE-2022-42011
An issue exists in D-Bus prior to 1.12.24, 1.13.x and 1.14.x prior to 1.14.4, and 1.15.x prior to 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of t...
Freedesktop Dbus
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
6.5
CVSSv3
CVE-2022-42012
An issue exists in D-Bus prior to 1.12.24, 1.13.x and 1.14.x prior to 1.14.4, and 1.15.x prior to 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format.
Freedesktop Dbus
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
7.1
CVSSv3
CVE-2019-12749
dbus prior to 1.10.28, 1.12.x prior to 1.12.16, and 1.13.x prior to 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_C...
Freedesktop Dbus
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
5.5
CVSSv3
CVE-2020-12049
An issue exists in dbus >= 1.3.0 prior to 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's priv...
Freedesktop Dbus
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 12.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started