Vulmon
d-bus vulnerabilities and exploits
NA
CVE-2022-42012
An issue exists in D-Bus prior to 1.12.24, 1.13.x and 1.14.x prior to 1.14.4, and 1.15.x prior to 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format.
Freedesktop Dbus
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
6.9
CVSSv2
CVE-2012-2095
The SetWiredProperty function in the D-Bus interface in WICD prior to 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message.
Fedoraproject Fedora 15
David Paleino Wicd 1.5.3
David Paleino Wicd 1.5.2
David Paleino Wicd 1.5.1
David Paleino Wicd 1.5.0
Fedoraproject Fedora 16
David Paleino Wicd
David Paleino Wicd 1.5.6
David Paleino Wicd 1.5.4
David Paleino Wicd 1.4.2
David Paleino Wicd 1.4.0
David Paleino Wicd 1.7.0
David Paleino Wicd 1.6.2
David Paleino Wicd 1.6.0
David Paleino Wicd 1.5.9
David Paleino Wicd 1.5.8
David Paleino Wicd 1.2.7
Fedoraproject Fedora 17
David Paleino Wicd 1.7.1
David Paleino Wicd 1.5.7
David Paleino Wicd 1.5.5
David Paleino Wicd 1.4.1
1 EDB exploit
7.2
CVSSv2
CVE-2015-3151
Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method.
Redhat Automatic Bug Reporting Tool -
NA
CVE-2021-36217
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3502. Reason: This candidate is a duplicate of CVE-2021-3502. Notes: All CVE users should reference CVE-2021-3502 instead of this candidate. All references and descriptions in this candidate have been removed...
7.2
CVSSv2
CVE-2014-8148
The default D-Bus access control rule in Midgard2 10.05.7.1 allows local users to send arbitrary method calls or signals to any process on the system bus and possibly execute arbitrary code with root privileges.
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Midgard-project Midgard2 10.05.7.1
6.5
CVSSv2
CVE-2018-12559
An issue exists in the cantata-mounter D-Bus service in Cantata up to and including 2.3.1. The mount target path check in mounter.cpp `mpOk()` is insufficient. A regular user can consequently mount a CIFS filesystem anywhere (e.g., outside of the /home directory tree) by passing ...
Cantata Project Cantata
6
CVSSv2
CVE-2011-2520
fw_dbus.py in system-config-firewall 1.2.29 and previous versions uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object.
Redhat System-config-firewall
Fedoraproject Fedora 15
NA
CVE-2023-3297
In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process.
Canonical Accountsservice
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
Canonical Ubuntu Linux 23.04
2.1
CVSSv2
CVE-2020-16126
An Ubuntu-specific modification to AccountsService in versions prior to 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages in a timely fashion.
Freedesktop Accountsservice
1 Github repository
5.8
CVSSv2
CVE-2018-16263
The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. This affects Tizen prior to 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
Linux Tizen 1.0
Linux Tizen 2.0
Linux Tizen 2.1
Linux Tizen 2.2
Linux Tizen 2.2.1
Linux Tizen 2.3
Linux Tizen 2.3.1
Linux Tizen 2.4
Linux Tizen 3.0
Linux Tizen 4.0
Linux Tizen 5.0