Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-bus d-bus vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2017-18248
The add_job function in scheduler/ipp.c in CUPS prior to 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification.
Apple Cups
2.1
CVSSv2
CVE-2007-3372
The Avahi daemon in Avahi prior to 0.6.20 allows malicious users to cause a denial of service (exit) via empty TXT data over D-Bus, which triggers an assert error.
Avahi Avahi
5
CVSSv2
CVE-2008-5081
The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi prior to 0.6.24 allows remote malicious users to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.
Avahi Avahi 0.6.16
Avahi Avahi 0.6.15
Avahi Avahi 0.6.7
Avahi Avahi 0.6.6
Avahi Avahi 0.5.1
Avahi Avahi 0.5
Avahi Avahi 0.6.20
Avahi Avahi 0.6.19
Avahi Avahi 0.6.12
Avahi Avahi 0.6.11
Avahi Avahi 0.6.10
Avahi Avahi 0.6.3
Avahi Avahi 0.6.2
Avahi Avahi 0.2
Avahi Avahi 0.1
Avahi Avahi 0.6.22
Avahi Avahi 0.6.21
Avahi Avahi 0.6.14
Avahi Avahi 0.6.13
Avahi Avahi 0.6.5
Avahi Avahi 0.6.4
Avahi Avahi 0.4
1 EDB exploit
7.2
CVSSv2
CVE-2011-0729
dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector prior to 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a (1) SetSystemDefaultLangEnv or (2) ...
Ubuntu Language-selector 0.6.4
Ubuntu Language-selector 0.6.3
Ubuntu Language-selector 0.6.2
Ubuntu Language-selector 0.6.1
Ubuntu Language-selector 0.4.16
Ubuntu Language-selector 0.4.15
Ubuntu Language-selector 0.4.14
Ubuntu Language-selector 0.4.13
Ubuntu Language-selector 0.4.2
Ubuntu Language-selector 0.4.1
Ubuntu Language-selector 0.4.0
Ubuntu Language-selector 0.3.21
Ubuntu Language-selector 0.3.5
Ubuntu Language-selector 0.3.4
Ubuntu Language-selector 0.3.3
Ubuntu Language-selector 0.3.2
Ubuntu Language-selector 0.2.0
Ubuntu Language-selector 0.1.30
Ubuntu Language-selector 0.1.29
Ubuntu Language-selector 0.1.28
Ubuntu Language-selector 0.1.27
Ubuntu Language-selector 0.1.14
7.5
CVSSv2
CVE-2018-12562
An issue exists in the cantata-mounter D-Bus service in Cantata up to and including 2.3.1. The wrapper script 'mount.cifs.wrapper' uses the shell to forward the arguments to the actual mount.cifs binary. The shell evaluates wildcards (such as in an injected string:/home...
Cantata Project Cantata
6.8
CVSSv2
CVE-2009-4144
NetworkManager (NM) 0.7.2 does not ensure that the configured Certification Authority (CA) certificate file for a (1) WPA Enterprise or (2) 802.1x network remains present upon a connection attempt, which might allow remote malicious users to obtain sensitive information or cause ...
Gnome Networkmanager 0.7.2
3.3
CVSSv2
CVE-2011-2533
The configure script in D-Bus (aka DBus) 1.2.x prior to 1.2.28 allows local users to overwrite arbitrary files via a symlink attack on an unspecified file in /tmp/.
Freedesktop Dbus 1.2.4
Freedesktop Dbus 1.2.3
Freedesktop Dbus 1.2.1
Freedesktop Dbus 1.2.12
Freedesktop Dbus 1.2.14
Freedesktop Dbus 1.2.22
Freedesktop Dbus 1.2.20
Freedesktop Dbus 1.2.8
Freedesktop Dbus 1.2.18
Freedesktop Dbus 1.2.10
Freedesktop Dbus 1.2.26
Freedesktop Dbus 1.2.24
Freedesktop Dbus 1.2.16
Freedesktop Dbus 1.2.6
4.6
CVSSv2
CVE-2019-12795
daemon/gvfsdaemon.c in gvfsd from GNOME gvfs prior to 1.38.3, 1.40.x prior to 1.40.2, and 1.41.x prior to 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Not...
Gnome Gvfs
2.1
CVSSv2
CVE-2017-5084
Inappropriate implementation in image-burner in Google Chrome OS before 59.0.3071.92 allowed a local malicious user to read local files via dbus-send commands to a BurnImage D-Bus endpoint.
Google Chrome Os
NA
CVE-2022-42010
An issue exists in D-Bus prior to 1.12.24, 1.13.x and 1.14.x prior to 1.14.4, and 1.15.x prior to 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.
Freedesktop Dbus
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »