Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-bus vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-42260
NVIDIA vGPU Display Driver for Linux guest contains a vulnerability in a D-Bus configuration file, where an unauthorized user in the guest VM can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosur...
Nvidia Virtual Gpu
Nvidia Cloud Gaming
Nvidia Gpu Display Driver
1 Article
NA
CVE-2022-31608
NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclo...
Nvidia Gpu Display Driver
3.6
CVSSv2
CVE-2019-15718
In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by e...
Systemd Project Systemd 240
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.1
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.1
Redhat Enterprise Linux For Power Little Endian Eus 8.2
Redhat Enterprise Linux For Ibm Z Systems Eus 8.2
Redhat Enterprise Linux For Ibm Z Systems Eus 8.1
Redhat Enterprise Linux For Power Little Endian Eus 8.1
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems Eus 8.4
2.1
CVSSv2
CVE-2014-3637
D-Bus 1.3.0 up to and including 1.6.x prior to 1.6.24 and 1.8.x prior to 1.8.8 does not properly close connections for processes that have terminated, which allows local users to cause a denial of service via a D-bus message containing a D-Bus connection file descriptor.
Freedesktop Dbus 1.6.4
Freedesktop Dbus 1.4.18
Freedesktop Dbus 1.6.0
Freedesktop Dbus 1.4.22
Freedesktop Dbus 1.5.6
Freedesktop Dbus 1.8.0
Freedesktop Dbus 1.5.8
Freedesktop Dbus 1.5.4
Freedesktop Dbus 1.5.10
Freedesktop Dbus 1.4.24
Freedesktop Dbus 1.4.12
Freedesktop Dbus 1.6.20
Freedesktop Dbus 1.6.10
Freedesktop Dbus 1.5.0
Freedesktop Dbus 1.6.12
Freedesktop Dbus 1.6.16
Freedesktop Dbus 1.4.6
Freedesktop Dbus 1.6.8
Freedesktop Dbus 1.4.16
Freedesktop Dbus 1.5.2
Freedesktop Dbus 1.3.0
Freedesktop Dbus 1.4.8
3.6
CVSSv2
CVE-2009-1189
The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus) prior to 1.2.14 uses incorrect logic to validate a basic type, which allows remote malicious users to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE...
Freedesktop Dbus 0.13
Freedesktop Dbus 0.60
Freedesktop Dbus 1.1.2
Freedesktop Dbus 0.34
Freedesktop Dbus 0.92
Freedesktop Dbus 0.50
Freedesktop Dbus
Freedesktop Dbus 0.35.1
Freedesktop Dbus 0.5
Freedesktop Dbus 0.36.1
Freedesktop Dbus 0.33
Freedesktop Dbus 1.0
Freedesktop Dbus 0.10
Freedesktop Dbus 0.11
Freedesktop Dbus 1.1.0
Freedesktop Dbus 0.2
Freedesktop Dbus 1.0.2
Freedesktop Dbus 1.1.20
Freedesktop Dbus 0.9
Freedesktop Dbus 1.2.1
Freedesktop Dbus 0.23.2
Freedesktop Dbus 0.35
6.4
CVSSv2
CVE-2021-43400
An issue exists in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call.
Bluez Bluez 5.61
Debian Debian Linux 10.0
7.2
CVSSv2
CVE-2020-35512
A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D...
Freedesktop Dbus 1.12.20
5.5
CVSSv2
CVE-2021-44225
In Keepalived up to and including 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This leads to access-control bypass in some situations in which an unrelated D-Bus system service has a sett...
Keepalived Keepalived
Fedoraproject Fedora 34
Fedoraproject Fedora 35
NA
CVE-2022-40673
KDiskMark prior to 3.1.0 lacks authorization checking for D-Bus methods such as Helper::flushPageCache.
Kdiskmark Project Kdiskmark
Fedoraproject Fedora 36
4.6
CVSSv2
CVE-2018-14424
The daemon in GDM up to and including 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local malicious user to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial ...
Gnome Gnome Display Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »