Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-bus vulnerabilities and exploits
(subscribe to this query)
6.9
CVSSv2
CVE-2013-4327
systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-201...
Systemd Project Systemd
Debian Debian Linux 7.0
Canonical Ubuntu Linux 13.04
4.6
CVSSv2
CVE-2008-4311
The default configuration of system.conf in D-Bus (aka DBus) prior to 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving message...
Freedesktop Dbus 1.1.4
Freedesktop Dbus 1.0
Freedesktop Dbus 0.92
Freedesktop Dbus 0.36.2
Freedesktop Dbus 0.36.1
Freedesktop Dbus
Freedesktop Dbus 1.1.2
Freedesktop Dbus 0.91
Freedesktop Dbus 0.90
Freedesktop Dbus 0.36
Freedesktop Dbus 0.35.2
Freedesktop Dbus 0.23.3
Freedesktop Dbus 0.23.2
Freedesktop Dbus 0.11
Freedesktop Dbus 0.10
Freedesktop Dbus 0.3
Freedesktop Dbus 0.2
Freedesktop Dbus 1.1.1
Freedesktop Dbus 1.1.0
Freedesktop Dbus 0.62
Freedesktop Dbus 0.61
Freedesktop Dbus 0.35.1
4.8
CVSSv2
CVE-2018-16266
The Enlightenment system service in Tizen allows an unprivileged process to fully control or capture windows, due to improper D-Bus security policy configurations. This affects Tizen prior to 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
Linux Tizen 1.0
Linux Tizen 2.0
Linux Tizen 2.1
Linux Tizen 2.2
Linux Tizen 2.2.1
Linux Tizen 2.3
Linux Tizen 2.3.1
Linux Tizen 2.4
Linux Tizen 3.0
Linux Tizen 4.0
Linux Tizen 5.0
5
CVSSv2
CVE-2018-16269
The wnoti system service in Samsung Galaxy Gear series allows an unprivileged process to take over the internal notification message data, due to improper D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE...
Samsung Galaxy Gear Firmware
Samsung Gear 2 Firmware
Samsung Gear Live Firmware
Samsung Gear S Firmware
Samsung Gear S2 Firmware
Samsung Gear S3 Firmware
Samsung Gear Sport Firmware
Samsung Gear Fit Firmware
Samsung Gear Fit 2 Firmware
Samsung Gear Fit 2 Pro Firmware
2.1
CVSSv2
CVE-2014-7824
D-Bus 1.3.0 up to and including 1.6.x prior to 1.6.26, 1.8.x prior to 1.8.10, and 1.9.x prior to 1.9.2 allows local users to cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors. NOTE: this vulnerability e...
Freedesktop Dbus 1.6.4
Freedesktop Dbus 1.6.0
Freedesktop Dbus 1.6.24
Freedesktop Dbus 1.8.0
Freedesktop Dbus 1.9.0
Freedesktop Dbus 1.6.20
Freedesktop Dbus 1.6.10
Freedesktop Dbus 1.6.12
Freedesktop Dbus 1.6.16
Freedesktop Dbus 1.6.8
Freedesktop Dbus 1.6.14
Freedesktop Dbus 1.6.6
Freedesktop Dbus 1.6.22
Freedesktop Dbus 1.8.6
Freedesktop Dbus 1.6.18
Freedesktop Dbus 1.8.8
Freedesktop Dbus 1.8.4
Freedesktop Dbus 1.8.2
Freedesktop Dbus 1.6.2
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Mageia Project Mageia 4
7.2
CVSSv2
CVE-2009-4642
gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface to determine session idle time, even when an Xfce desktop such as Xubuntu or Mythbuntu is used, which allows physically proximate malicious users to access an unattended workstation on which screen locking had b...
Gnome Screensaver 2.26.1
NA
CVE-2023-4104
An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. *This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN ...
Mozilla Vpn
1 Article
3.3
CVSSv2
CVE-2018-16264
The BlueZ system service in Tizen allows an unprivileged process to partially control Bluetooth or acquire sensitive information, due to improper D-Bus security policy configurations. This affects Tizen prior to 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear seri...
Linux Tizen 1.0
Linux Tizen 2.0
Linux Tizen 2.1
Linux Tizen 2.2
Linux Tizen 2.2.1
Linux Tizen 2.3
Linux Tizen 2.3.1
Linux Tizen 2.4
Linux Tizen 3.0
Linux Tizen 4.0
Linux Tizen 5.0
7.5
CVSSv2
CVE-2018-16272
The wpa_supplicant system service in Samsung Galaxy Gear series allows an unprivileged process to fully control the Wi-Fi interface, due to the lack of its D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build R...
Samsung Galaxy Gear Firmware
Samsung Gear 2 Firmware
Samsung Gear Live Firmware
Samsung Gear S Firmware
Samsung Gear S2 Firmware
Samsung Gear S3 Firmware
Samsung Gear Sport Firmware
Samsung Gear Fit Firmware
Samsung Gear Fit 2 Firmware
Samsung Gear Fit 2 Pro Firmware
3.3
CVSSv2
CVE-2018-16265
The bt/bt_core system service in Tizen allows an unprivileged process to create a system user interface and control the Bluetooth pairing process, due to improper D-Bus security policy configurations. This affects Tizen prior to 5.0 M1, and Tizen-based firmwares including Samsung...
Linux Tizen 1.0
Linux Tizen 2.0
Linux Tizen 2.1
Linux Tizen 2.2
Linux Tizen 2.2.1
Linux Tizen 2.3
Linux Tizen 2.3.1
Linux Tizen 2.4
Linux Tizen 3.0
Linux Tizen 4.0
Linux Tizen 5.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »