Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-bus d-bus vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-40673
KDiskMark prior to 3.1.0 lacks authorization checking for D-Bus methods such as Helper::flushPageCache.
Kdiskmark Project Kdiskmark
Fedoraproject Fedora 36
3.6
CVSSv2
CVE-2009-1189
The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus) prior to 1.2.14 uses incorrect logic to validate a basic type, which allows remote malicious users to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE...
Freedesktop Dbus 0.13
Freedesktop Dbus 0.60
Freedesktop Dbus 1.1.2
Freedesktop Dbus 0.34
Freedesktop Dbus 0.92
Freedesktop Dbus 0.50
Freedesktop Dbus
Freedesktop Dbus 0.35.1
Freedesktop Dbus 0.5
Freedesktop Dbus 0.36.1
Freedesktop Dbus 0.33
Freedesktop Dbus 1.0
Freedesktop Dbus 0.10
Freedesktop Dbus 0.11
Freedesktop Dbus 1.1.0
Freedesktop Dbus 0.2
Freedesktop Dbus 1.0.2
Freedesktop Dbus 1.1.20
Freedesktop Dbus 0.9
Freedesktop Dbus 1.2.1
Freedesktop Dbus 0.23.2
Freedesktop Dbus 0.35
NA
CVE-2023-40293
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object.
Samsung Harman Infotainment 20190525031613
4
CVSSv2
CVE-2018-12560
An issue exists in the cantata-mounter D-Bus service in Cantata up to and including 2.3.1. Arbitrary unmounts can be performed by regular users via directory traversal sequences such as a home/../sys/kernel substring.
Cantata Project Cantata
6
CVSSv2
CVE-2021-23556
The package guake prior to 3.8.5 are vulnerable to Exposed Dangerous Method or Function due to the exposure of execute_command and execute_command_by_uuid methods via the d-bus interface, which makes it possible for a malicious user to run an arbitrary command via the d-bus metho...
Guake-project Guake
6.5
CVSSv2
CVE-2018-12561
An issue exists in the cantata-mounter D-Bus service in Cantata up to and including 2.3.1. A regular user can inject additional mount options such as file_mode= by manipulating (for example) the domain parameter of the samba URL.
Cantata Project Cantata
4.9
CVSSv2
CVE-2020-12049
An issue exists in dbus >= 1.3.0 prior to 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's priv...
Freedesktop Dbus
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 12.04
2.1
CVSSv2
CVE-2018-19358
GNOME Keyring up to and including 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs because available D-Bus protection mec...
Gnome Gnome-keyring
1 Github repository
2.1
CVSSv2
CVE-2012-5560
The default configuration in mate-settings-daemon 1.5.3 allows local users to change the timezone for the system via a crafted D-Bus call.
Mate-desktop Mate-settings-daemon 1.5.3
3.5
CVSSv2
CVE-2017-18248
The add_job function in scheduler/ipp.c in CUPS prior to 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification.
Apple Cups
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »