Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop vulnerabilities and exploits
(subscribe to this query)
3.6
CVSSv2
CVE-2010-1172
DBus-GLib 0.73 disregards the access flag of exported GObject properties, which allows local users to bypass intended access restrictions and possibly cause a denial of service by modifying properties, as demonstrated by properties of the (1) DeviceKit-Power, (2) NetworkManager, ...
Freedesktop Dbus-glib 0.73
3.6
CVSSv2
CVE-2009-1189
The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus) prior to 1.2.14 uses incorrect logic to validate a basic type, which allows remote malicious users to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE...
Freedesktop Dbus 0.13
Freedesktop Dbus 0.60
Freedesktop Dbus 1.1.2
Freedesktop Dbus 0.34
Freedesktop Dbus 0.92
Freedesktop Dbus 0.50
Freedesktop Dbus
Freedesktop Dbus 0.35.1
Freedesktop Dbus 0.5
Freedesktop Dbus 0.36.1
Freedesktop Dbus 0.33
Freedesktop Dbus 1.0
Freedesktop Dbus 0.10
Freedesktop Dbus 0.11
Freedesktop Dbus 1.1.0
Freedesktop Dbus 0.2
Freedesktop Dbus 1.0.2
Freedesktop Dbus 1.1.20
Freedesktop Dbus 0.9
Freedesktop Dbus 1.2.1
Freedesktop Dbus 0.23.2
Freedesktop Dbus 0.35
3.3
CVSSv2
CVE-2013-4472
The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and previous versions, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.
Freedesktop Poppler 0.24.0
Freedesktop Poppler 0.24.2
Freedesktop Poppler 0.24.1
Freedesktop Poppler
3.3
CVSSv2
CVE-2011-2533
The configure script in D-Bus (aka DBus) 1.2.x prior to 1.2.28 allows local users to overwrite arbitrary files via a symlink attack on an unspecified file in /tmp/.
Freedesktop Dbus 1.2.4
Freedesktop Dbus 1.2.3
Freedesktop Dbus 1.2.1
Freedesktop Dbus 1.2.12
Freedesktop Dbus 1.2.14
Freedesktop Dbus 1.2.22
Freedesktop Dbus 1.2.20
Freedesktop Dbus 1.2.8
Freedesktop Dbus 1.2.18
Freedesktop Dbus 1.2.10
Freedesktop Dbus 1.2.26
Freedesktop Dbus 1.2.24
Freedesktop Dbus 1.2.16
Freedesktop Dbus 1.2.6
2.1
CVSSv2
CVE-2020-16126
An Ubuntu-specific modification to AccountsService in versions prior to 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages in a timely fashion.
Freedesktop Accountsservice
1 Github repository
2.1
CVSSv2
CVE-2020-16127
An Ubuntu-specific modification to AccountsService in versions prior to 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled ~/.pam_environment files, allowing an infinite loop if /dev/zero is symlinked to this location.
Freedesktop Accountsservice
1 Github repository
2.1
CVSSv2
CVE-2017-6355
Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length and offlen values, which trigger an out-of-bounds access.
Freedesktop Virglrenderer
2.1
CVSSv2
CVE-2014-7824
D-Bus 1.3.0 up to and including 1.6.x prior to 1.6.26, 1.8.x prior to 1.8.10, and 1.9.x prior to 1.9.2 allows local users to cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors. NOTE: this vulnerability e...
Freedesktop Dbus 1.6.4
Freedesktop Dbus 1.6.0
Freedesktop Dbus 1.6.24
Freedesktop Dbus 1.8.0
Freedesktop Dbus 1.9.0
Freedesktop Dbus 1.6.20
Freedesktop Dbus 1.6.10
Freedesktop Dbus 1.6.12
Freedesktop Dbus 1.6.16
Freedesktop Dbus 1.6.8
Freedesktop Dbus 1.6.14
Freedesktop Dbus 1.6.6
Freedesktop Dbus 1.6.22
Freedesktop Dbus 1.8.6
Freedesktop Dbus 1.6.18
Freedesktop Dbus 1.8.8
Freedesktop Dbus 1.8.4
Freedesktop Dbus 1.8.2
Freedesktop Dbus 1.6.2
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Mageia Project Mageia 4
2.1
CVSSv2
CVE-2014-3637
D-Bus 1.3.0 up to and including 1.6.x prior to 1.6.24 and 1.8.x prior to 1.8.8 does not properly close connections for processes that have terminated, which allows local users to cause a denial of service via a D-bus message containing a D-Bus connection file descriptor.
Freedesktop Dbus 1.6.4
Freedesktop Dbus 1.4.18
Freedesktop Dbus 1.6.0
Freedesktop Dbus 1.4.22
Freedesktop Dbus 1.5.6
Freedesktop Dbus 1.8.0
Freedesktop Dbus 1.5.8
Freedesktop Dbus 1.5.4
Freedesktop Dbus 1.5.10
Freedesktop Dbus 1.4.24
Freedesktop Dbus 1.4.12
Freedesktop Dbus 1.6.20
Freedesktop Dbus 1.6.10
Freedesktop Dbus 1.5.0
Freedesktop Dbus 1.6.12
Freedesktop Dbus 1.6.16
Freedesktop Dbus 1.4.6
Freedesktop Dbus 1.6.8
Freedesktop Dbus 1.4.16
Freedesktop Dbus 1.5.2
Freedesktop Dbus 1.3.0
Freedesktop Dbus 1.4.8
2.1
CVSSv2
CVE-2014-3638
The bus_connections_check_reply function in config-parser.c in D-Bus prior to 1.6.24 and 1.8.x prior to 1.8.8 allows local users to cause a denial of service (CPU consumption) via a large number of method calls.
D-bus Project D-bus
Freedesktop Dbus 1.6.4
Freedesktop Dbus 1.6.0
Freedesktop Dbus 1.8.0
Freedesktop Dbus 1.6.20
Freedesktop Dbus 1.6.10
Freedesktop Dbus 1.6.12
Freedesktop Dbus 1.6.16
Freedesktop Dbus 1.6.8
Freedesktop Dbus 1.6.14
Freedesktop Dbus 1.6.6
Freedesktop Dbus 1.8.6
Freedesktop Dbus 1.6.18
Freedesktop Dbus 1.8.4
Freedesktop Dbus 1.8.2
Freedesktop Dbus 1.6.2
Opensuse Opensuse 12.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »