Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-bus vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2014-8156
The D-Bus security policy files in /etc/dbus-1/system.d/*.conf in fso-gsmd 0.12.0-3, fso-frameworkd 0.9.5.9+git20110512-4, and fso-usaged 0.12.0-2 as packaged in Debian, the upstream cornucopia.git (fsoaudiod, fsodatad, fsodeviced, fsogsmd, fsonetworkd, fsotdld, fsousaged) git ma...
Phonefsod Project Phonefsod 0.1
Fso-usaged Project Fso-usaged 0.12.0-2
Fso-frameworkd Project Fso-frameworkd 0.9.5.9
Fso-gsmd Project Fso-gsmd 0.12.0-3
7.8
CVSSv3
CVE-2022-42260
NVIDIA vGPU Display Driver for Linux guest contains a vulnerability in a D-Bus configuration file, where an unauthorized user in the guest VM can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosur...
Nvidia Virtual Gpu
Nvidia Cloud Gaming
Nvidia Gpu Display Driver
1 Article
7.8
CVSSv3
CVE-2022-31608
NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclo...
Nvidia Gpu Display Driver
5.5
CVSSv3
CVE-2019-6454
An issue exists in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafte...
Systemd Project Systemd 239
Opensuse Leap 15.0
Netapp Active Iq Performance Analytics Services -
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Eus 7.5
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux 8.0
NA
CVE-2014-3637
D-Bus 1.3.0 up to and including 1.6.x prior to 1.6.24 and 1.8.x prior to 1.8.8 does not properly close connections for processes that have terminated, which allows local users to cause a denial of service via a D-bus message containing a D-Bus connection file descriptor.
Freedesktop Dbus 1.6.4
Freedesktop Dbus 1.4.18
Freedesktop Dbus 1.6.0
Freedesktop Dbus 1.4.22
Freedesktop Dbus 1.5.6
Freedesktop Dbus 1.8.0
Freedesktop Dbus 1.5.8
Freedesktop Dbus 1.5.4
Freedesktop Dbus 1.5.10
Freedesktop Dbus 1.4.24
Freedesktop Dbus 1.4.12
Freedesktop Dbus 1.6.20
Freedesktop Dbus 1.6.10
Freedesktop Dbus 1.5.0
Freedesktop Dbus 1.6.12
Freedesktop Dbus 1.6.16
Freedesktop Dbus 1.4.6
Freedesktop Dbus 1.6.8
Freedesktop Dbus 1.4.16
Freedesktop Dbus 1.5.2
Freedesktop Dbus 1.3.0
Freedesktop Dbus 1.4.8
5.4
CVSSv3
CVE-2021-44225
In Keepalived up to and including 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This leads to access-control bypass in some situations in which an unrelated D-Bus system service has a sett...
Keepalived Keepalived
Fedoraproject Fedora 34
Fedoraproject Fedora 35
7.8
CVSSv3
CVE-2020-35512
A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D...
Freedesktop Dbus 1.12.20
9.1
CVSSv3
CVE-2021-43400
An issue exists in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call.
Bluez Bluez 5.61
Debian Debian Linux 10.0
NA
CVE-2009-1189
The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus) prior to 1.2.14 uses incorrect logic to validate a basic type, which allows remote malicious users to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE...
Freedesktop Dbus 0.13
Freedesktop Dbus 0.60
Freedesktop Dbus 1.1.2
Freedesktop Dbus 0.34
Freedesktop Dbus 0.92
Freedesktop Dbus 0.50
Freedesktop Dbus
Freedesktop Dbus 0.35.1
Freedesktop Dbus 0.5
Freedesktop Dbus 0.36.1
Freedesktop Dbus 0.33
Freedesktop Dbus 1.0
Freedesktop Dbus 0.10
Freedesktop Dbus 0.11
Freedesktop Dbus 1.1.0
Freedesktop Dbus 0.2
Freedesktop Dbus 1.0.2
Freedesktop Dbus 1.1.20
Freedesktop Dbus 0.9
Freedesktop Dbus 1.2.1
Freedesktop Dbus 0.23.2
Freedesktop Dbus 0.35
7.8
CVSSv3
CVE-2018-14424
The daemon in GDM up to and including 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local malicious user to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial ...
Gnome Gnome Display Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »