Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-bus project d-bus vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-14345
An issue exists in SDDM up to and including 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display...
Sddm Project Sddm
4.4
CVSSv3
CVE-2018-1116
A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a l...
Debian Debian Linux 8.0
Canonical Ubuntu Linux 12.04
Polkit Project Polkit
8.8
CVSSv3
CVE-2018-12559
An issue exists in the cantata-mounter D-Bus service in Cantata up to and including 2.3.1. The mount target path check in mounter.cpp `mpOk()` is insufficient. A regular user can consequently mount a CIFS filesystem anywhere (e.g., outside of the /home directory tree) by passing ...
Cantata Project Cantata
8.8
CVSSv3
CVE-2018-12561
An issue exists in the cantata-mounter D-Bus service in Cantata up to and including 2.3.1. A regular user can inject additional mount options such as file_mode= by manipulating (for example) the domain parameter of the samba URL.
Cantata Project Cantata
9.8
CVSSv3
CVE-2018-12562
An issue exists in the cantata-mounter D-Bus service in Cantata up to and including 2.3.1. The wrapper script 'mount.cifs.wrapper' uses the shell to forward the arguments to the actual mount.cifs binary. The shell evaluates wildcards (such as in an injected string:/home...
Cantata Project Cantata
6.5
CVSSv3
CVE-2018-12560
An issue exists in the cantata-mounter D-Bus service in Cantata up to and including 2.3.1. Arbitrary unmounts can be performed by regular users via directory traversal sequences such as a home/../sys/kernel substring.
Cantata Project Cantata
8.4
CVSSv3
CVE-2015-8612
The EnableNetwork method in the Network class in plugins/mechanism/Network.py in Blueman prior to 2.0.3 allows local users to gain privileges via the dhcp_handler argument.
Blueman Project Blueman
1 EDB exploit
NA
CVE-2014-8148
The default D-Bus access control rule in Midgard2 10.05.7.1 allows local users to send arbitrary method calls or signals to any process on the system bus and possibly execute arbitrary code with root privileges.
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Midgard-project Midgard2 10.05.7.1
NA
CVE-2014-7824
D-Bus 1.3.0 up to and including 1.6.x prior to 1.6.26, 1.8.x prior to 1.8.10, and 1.9.x prior to 1.9.2 allows local users to cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors. NOTE: this vulnerability e...
Freedesktop Dbus 1.6.4
Freedesktop Dbus 1.6.0
Freedesktop Dbus 1.6.24
Freedesktop Dbus 1.8.0
Freedesktop Dbus 1.9.0
Freedesktop Dbus 1.6.20
Freedesktop Dbus 1.6.10
Freedesktop Dbus 1.6.12
Freedesktop Dbus 1.6.16
Freedesktop Dbus 1.6.8
Freedesktop Dbus 1.6.14
Freedesktop Dbus 1.6.6
Freedesktop Dbus 1.6.22
Freedesktop Dbus 1.8.6
Freedesktop Dbus 1.6.18
Freedesktop Dbus 1.8.8
Freedesktop Dbus 1.8.4
Freedesktop Dbus 1.8.2
Freedesktop Dbus 1.6.2
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Mageia Project Mageia 4
NA
CVE-2014-3636
D-Bus 1.3.0 up to and including 1.6.x prior to 1.6.24 and 1.8.x prior to 1.8.8 allows local users to (1) cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors or (2) cause a denial of service (disconnect) v...
D-bus Project D-bus
Freedesktop Dbus 1.8.0
Freedesktop Dbus 1.8.6
Freedesktop Dbus 1.8.4
Freedesktop Dbus 1.8.2
Opensuse Opensuse 12.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »