Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freedesktop dbus vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-42011
An issue exists in D-Bus prior to 1.12.24, 1.13.x and 1.14.x prior to 1.14.4, and 1.15.x prior to 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of t...
Freedesktop Dbus
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
6.5
CVSSv3
CVE-2022-42012
An issue exists in D-Bus prior to 1.12.24, 1.13.x and 1.14.x prior to 1.14.4, and 1.15.x prior to 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format.
Freedesktop Dbus
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2012-3524
libdbus 1.5.x and previous versions, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that ...
Freedesktop Libdbus 1.5.2
Freedesktop Libdbus 1.5.6
Freedesktop Libdbus 1.5.8
Freedesktop Libdbus 1.5.0
Freedesktop Libdbus 1.5.10
Freedesktop Libdbus
Freedesktop Libdbus 1.5.4
1 EDB exploit
NA
CVE-2014-3532
dbus 1.3.0 prior to 1.6.22 and 1.8.x prior to 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum ...
Freedesktop Dbus
Opensuse Opensuse 12.3
Debian Debian Linux 7.0
Mageia Mageia 3.0
Mageia Mageia 4.0
Oracle Solaris 11.3
7.1
CVSSv3
CVE-2019-12749
dbus prior to 1.10.28, 1.12.x prior to 1.12.16, and 1.13.x prior to 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_C...
Freedesktop Dbus
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
5.5
CVSSv3
CVE-2020-12049
An issue exists in dbus >= 1.3.0 prior to 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's priv...
Freedesktop Dbus
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 12.04
NA
CVE-2008-0595
dbus-daemon in D-Bus prior to 1.0.3, and 1.1.x prior to 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL int...
Mandrakesoft Mandrake Linux 2007.1
Mandrakesoft Mandrake Linux 2008.0
Mandrakesoft Mandrake Linux 2007
Redhat Enterprise Linux 5.0
Mandrakesoft Mandrake Linux 2007.0 X86 64
Redhat Enterprise Linux 5
Fedoraproject Fedora 7
Freedesktop Dbus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3