Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-bus vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-40293
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object.
Samsung Harman Infotainment 20190525031613
4.9
CVSSv2
CVE-2019-6454
An issue exists in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafte...
Systemd Project Systemd 239
Opensuse Leap 15.0
Netapp Active Iq Performance Analytics Services -
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Eus 7.5
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux 8.0
4
CVSSv2
CVE-2018-12560
An issue exists in the cantata-mounter D-Bus service in Cantata up to and including 2.3.1. Arbitrary unmounts can be performed by regular users via directory traversal sequences such as a home/../sys/kernel substring.
Cantata Project Cantata
6
CVSSv2
CVE-2021-23556
The package guake prior to 3.8.5 are vulnerable to Exposed Dangerous Method or Function due to the exposure of execute_command and execute_command_by_uuid methods via the d-bus interface, which makes it possible for a malicious user to run an arbitrary command via the d-bus metho...
Guake-project Guake
6.5
CVSSv2
CVE-2018-12561
An issue exists in the cantata-mounter D-Bus service in Cantata up to and including 2.3.1. A regular user can inject additional mount options such as file_mode= by manipulating (for example) the domain parameter of the samba URL.
Cantata Project Cantata
4.9
CVSSv2
CVE-2020-12049
An issue exists in dbus >= 1.3.0 prior to 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's priv...
Freedesktop Dbus
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 12.04
2.1
CVSSv2
CVE-2012-5560
The default configuration in mate-settings-daemon 1.5.3 allows local users to change the timezone for the system via a crafted D-Bus call.
Mate-desktop Mate-settings-daemon 1.5.3
2.1
CVSSv2
CVE-2018-19358
GNOME Keyring up to and including 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs because available D-Bus protection mec...
Gnome Gnome-keyring
1 Github repository
2.1
CVSSv2
CVE-2007-3372
The Avahi daemon in Avahi prior to 0.6.20 allows malicious users to cause a denial of service (exit) via empty TXT data over D-Bus, which triggers an assert error.
Avahi Avahi
5
CVSSv2
CVE-2008-5081
The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi prior to 0.6.24 allows remote malicious users to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.
Avahi Avahi 0.6.16
Avahi Avahi 0.6.15
Avahi Avahi 0.6.7
Avahi Avahi 0.6.6
Avahi Avahi 0.5.1
Avahi Avahi 0.5
Avahi Avahi 0.6.20
Avahi Avahi 0.6.19
Avahi Avahi 0.6.12
Avahi Avahi 0.6.11
Avahi Avahi 0.6.10
Avahi Avahi 0.6.3
Avahi Avahi 0.6.2
Avahi Avahi 0.2
Avahi Avahi 0.1
Avahi Avahi 0.6.22
Avahi Avahi 0.6.21
Avahi Avahi 0.6.14
Avahi Avahi 0.6.13
Avahi Avahi 0.6.5
Avahi Avahi 0.6.4
Avahi Avahi 0.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »