Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-bus vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2018-14345
An issue exists in SDDM up to and including 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display...
Sddm Project Sddm
5.8
CVSSv2
CVE-2018-16262
The pkgmgr system service in Tizen allows an unprivileged process to perform package management actions, due to improper D-Bus security policy configurations. Such actions include installing, decrypting, and killing other packages. This affects Tizen prior to 5.0 M1, and Tizen-ba...
Linux Tizen 1.0
Linux Tizen 2.0
Linux Tizen 2.1
Linux Tizen 2.2
Linux Tizen 2.2.1
Linux Tizen 2.3
Linux Tizen 2.3.1
Linux Tizen 2.4
Linux Tizen 3.0
Linux Tizen 4.0
Linux Tizen 5.0
NA
CVE-2024-34397
An issue exists in GNOME GLib prior to 2.78.5, and 2.79.x and 2.80.x prior to 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that th...
4.9
CVSSv2
CVE-2011-0725
Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sources_list argument, related to the D-Bus interface.
Sebastian Heinlein Aptdaemon 0.40
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
9.3
CVSSv2
CVE-2015-1326
python-dbusmock before version 0.15.1 AddTemplate() D-Bus method call or DBusTestCase.spawn_server_template() method could be tricked into executing malicious code if an attacker supplies a .pyc file.
Python-dbusmock Project Python-dbusmock
3.3
CVSSv2
CVE-2018-16268
The SoundServer/FocusServer system services in Tizen allow an unprivileged process to perform media-related system actions, due to improper D-Bus security policy configurations. Such actions include playing an arbitrary sound file or DTMF tones. This affects Tizen prior to 5.0 M1...
Linux Tizen 1.0
Linux Tizen 2.0
Linux Tizen 2.1
Linux Tizen 2.2
Linux Tizen 2.2.1
Linux Tizen 2.3
Linux Tizen 2.3.1
Linux Tizen 2.4
Linux Tizen 3.0
Linux Tizen 4.0
Linux Tizen 5.0
9
CVSSv2
CVE-2017-7622
dde-daemon, the daemon process of DDE (Deepin Desktop Environment) 15.0 up to and including 15.3, runs with root privileges and hardly does anything to identify the user who calls the function through D-Bus. Anybody can change the grub config, even to append some arguments to mak...
Deepin Deepin Desktop Environment 15.2
Deepin Deepin Desktop Environment 15.3
Deepin Deepin Desktop Environment 15.1
Deepin Deepin Desktop Environment 15.0
1 Github repository
4.8
CVSSv2
CVE-2018-16267
The system-popup system service in Tizen allows an unprivileged process to perform popup-related system actions, due to improper D-Bus security policy configurations. Such actions include the triggering system poweroff menu, and prompting a popup with arbitrary strings. This affe...
Linux Tizen 1.0
Linux Tizen 2.0
Linux Tizen 2.1
Linux Tizen 2.2
Linux Tizen 2.2.1
Linux Tizen 2.3
Linux Tizen 2.3.1
Linux Tizen 2.4
Linux Tizen 3.0
Linux Tizen 4.0
Linux Tizen 5.0
3.3
CVSSv2
CVE-2018-16271
The wemail_consumer_service (from the built-in application wemail) in Samsung Galaxy Gear series allows an unprivileged process to manipulate a user's mailbox, due to improper D-Bus security policy configurations. An arbitrary email can also be sent from the mailbox via the ...
Samsung Galaxy Gear Firmware
Samsung Gear 2 Firmware
Samsung Gear Live Firmware
Samsung Gear S Firmware
Samsung Gear S2 Firmware
Samsung Gear S3 Firmware
Samsung Gear Sport Firmware
Samsung Gear Fit Firmware
Samsung Gear Fit 2 Firmware
Samsung Gear Fit 2 Pro Firmware
NA
CVE-2023-34969
D-Bus prior to 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to t...
Freedesktop Dbus
Fedoraproject Fedora 38
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »