Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-bus vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2018-12562
An issue exists in the cantata-mounter D-Bus service in Cantata up to and including 2.3.1. The wrapper script 'mount.cifs.wrapper' uses the shell to forward the arguments to the actual mount.cifs binary. The shell evaluates wildcards (such as in an injected string:/home...
Cantata Project Cantata
641
VMScore
CVE-2011-0729
dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector prior to 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a (1) SetSystemDefaultLangEnv or (2) ...
Ubuntu Language-selector 0.6.4
Ubuntu Language-selector 0.6.3
Ubuntu Language-selector 0.6.2
Ubuntu Language-selector 0.6.1
Ubuntu Language-selector 0.4.16
Ubuntu Language-selector 0.4.15
Ubuntu Language-selector 0.4.14
Ubuntu Language-selector 0.4.13
Ubuntu Language-selector 0.4.2
Ubuntu Language-selector 0.4.1
Ubuntu Language-selector 0.4.0
Ubuntu Language-selector 0.3.21
Ubuntu Language-selector 0.3.5
Ubuntu Language-selector 0.3.4
Ubuntu Language-selector 0.3.3
Ubuntu Language-selector 0.3.2
Ubuntu Language-selector 0.2.0
Ubuntu Language-selector 0.1.30
Ubuntu Language-selector 0.1.29
Ubuntu Language-selector 0.1.28
Ubuntu Language-selector 0.1.27
Ubuntu Language-selector 0.1.14
605
VMScore
CVE-2009-4144
NetworkManager (NM) 0.7.2 does not ensure that the configured Certification Authority (CA) certificate file for a (1) WPA Enterprise or (2) 802.1x network remains present upon a connection attempt, which might allow remote malicious users to obtain sensitive information or cause ...
Gnome Networkmanager 0.7.2
505
VMScore
CVE-2008-5081
The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi prior to 0.6.24 allows remote malicious users to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.
Avahi Avahi 0.6.16
Avahi Avahi 0.6.15
Avahi Avahi 0.6.7
Avahi Avahi 0.6.6
Avahi Avahi 0.5.1
Avahi Avahi 0.5
Avahi Avahi 0.6.20
Avahi Avahi 0.6.19
Avahi Avahi 0.6.12
Avahi Avahi 0.6.11
Avahi Avahi 0.6.10
Avahi Avahi 0.6.3
Avahi Avahi 0.6.2
Avahi Avahi 0.2
Avahi Avahi 0.1
Avahi Avahi 0.6.22
Avahi Avahi 0.6.21
Avahi Avahi 0.6.14
Avahi Avahi 0.6.13
Avahi Avahi 0.6.5
Avahi Avahi 0.6.4
Avahi Avahi 0.4
1 EDB exploit
187
VMScore
CVE-2007-3372
The Avahi daemon in Avahi prior to 0.6.20 allows malicious users to cause a denial of service (exit) via empty TXT data over D-Bus, which triggers an assert error.
Avahi Avahi
294
VMScore
CVE-2011-2533
The configure script in D-Bus (aka DBus) 1.2.x prior to 1.2.28 allows local users to overwrite arbitrary files via a symlink attack on an unspecified file in /tmp/.
Freedesktop Dbus 1.2.4
Freedesktop Dbus 1.2.3
Freedesktop Dbus 1.2.1
Freedesktop Dbus 1.2.12
Freedesktop Dbus 1.2.14
Freedesktop Dbus 1.2.22
Freedesktop Dbus 1.2.20
Freedesktop Dbus 1.2.8
Freedesktop Dbus 1.2.18
Freedesktop Dbus 1.2.10
Freedesktop Dbus 1.2.26
Freedesktop Dbus 1.2.24
Freedesktop Dbus 1.2.16
Freedesktop Dbus 1.2.6
409
VMScore
CVE-2019-12795
daemon/gvfsdaemon.c in gvfsd from GNOME gvfs prior to 1.38.3, 1.40.x prior to 1.40.2, and 1.41.x prior to 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Not...
Gnome Gvfs
187
VMScore
CVE-2017-5084
Inappropriate implementation in image-burner in Google Chrome OS before 59.0.3071.92 allowed a local malicious user to read local files via dbus-send commands to a BurnImage D-Bus endpoint.
Google Chrome Os
NA
CVE-2022-42010
An issue exists in D-Bus prior to 1.12.24, 1.13.x and 1.14.x prior to 1.14.4, and 1.15.x prior to 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.
Freedesktop Dbus
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2022-42011
An issue exists in D-Bus prior to 1.12.24, 1.13.x and 1.14.x prior to 1.14.4, and 1.15.x prior to 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of t...
Freedesktop Dbus
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »