d-bus vulnerabilities and exploits
NA
CVE-2023-34969
D-Bus prior to 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to t...
Freedesktop Dbus
Fedoraproject Fedora 38
Debian Debian Linux 10.0
4.4
CVSSv2
CVE-2018-8885
screenresolution-mechanism in screen-resolution-extra 0.17.2 does not properly use the PolicyKit D-Bus API, which allows local users to bypass intended access restrictions by leveraging a race condition via a setuid or pkexec process that is mishandled in a PolicyKitService._chec...
Canonical Screen-resolution-extra 0.17.2
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
1.9
CVSSv2
CVE-2013-2168
The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4.x prior to 1.4.26, 1.6.x prior to 1.6.12, and 1.7.x prior to 1.7.4 allows local users to cause a denial of service (service crash) via a crafted message.
Freedesktop Dbus 1.4.18
Freedesktop Dbus 1.4.24
Freedesktop Dbus 1.4.12
Freedesktop Dbus 1.4.6
Freedesktop Dbus 1.4.16
Freedesktop Dbus 1.4.8
Freedesktop Dbus 1.4.14
Freedesktop Dbus 1.4.1
Freedesktop Dbus 1.4.0
Freedesktop Dbus 1.4.20
Freedesktop Dbus 1.4.10
Freedesktop Dbus 1.4.4
Freedesktop Dbus 1.7.0
Freedesktop Dbus 1.7.2
Freedesktop Dbus 1.6.4
Freedesktop Dbus 1.6.0
Freedesktop Dbus 1.6.10
Freedesktop Dbus 1.6.16
Freedesktop Dbus 1.6.8
Freedesktop Dbus 1.6.6
Freedesktop Dbus 1.6.2
Opensuse Opensuse 12.3
NA
CVE-2023-3899
A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.re...
Redhat Subscription-manager
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.1
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.2
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.4
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.6
Redhat Enterprise Linux For Ibm Z Systems Eus 8.6
4.6
CVSSv2
CVE-2013-1065
backend.py in Jockey prior to 0.9.7-0ubuntu7.11 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pk...
Martin Pitt Jockey
Martin Pitt Jockey 0.9.7-0ubuntu7.8
Martin Pitt Jockey 0.9.7-0ubuntu7.1
Martin Pitt Jockey 0.9.7-0ubuntu7.6
Martin Pitt Jockey 0.9.7-0ubuntu7.5
Martin Pitt Jockey 0.9.7-0ubuntu7.4
Martin Pitt Jockey 0.9.7-0ubuntu7.3
Martin Pitt Jockey 0.9.7-0ubuntu7.9
Martin Pitt Jockey 0.9.7-0ubuntu7.7
Martin Pitt Jockey 0.9.7-0ubuntu7.2
Martin Pitt Jockey 0.9.7-0ubuntu7
Canonical Ubuntu Linux 12.04
6.9
CVSSv2
CVE-2020-15238
Blueman is a GTK+ Bluetooth Manager. In Blueman prior to 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower...
Blueman Project Blueman
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
4.6
CVSSv2
CVE-2013-1064
apt-xapian-index prior to 0.45ubuntu2.1, 0.44ubuntu7.1, and 0.44ubuntu5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1...
Canonical Apt-xapian-index 0.44ubuntu7.1
Canonical Apt-xapian-index 0.44ubuntu5.1
Canonical Apt-xapian-index
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
7.2
CVSSv2
CVE-2021-21261
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug exists in the `flatpak-portal` service that can allow sandboxed applications to execute arbitrary code on the host system (a sandbox escape). This sandbox-escape bug is pres...
Flatpak Flatpak
Debian Debian Linux 10.0
4.6
CVSSv2
CVE-2013-1063
usb-creator 0.2.47 prior to 0.2.47.1, 0.2.40 prior to 0.2.40ubuntu2, and 0.2.38 prior to 0.2.38.2 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Evan Dandrea Usb-creator 0.2.47
Evan Dandrea Usb-creator 0.2.40
Evan Dandrea Usb-creator 0.2.38
Evan Dandrea Usb-creator 0.2.38.1
NA
CVE-2022-31615
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service.
Nvidia Gpu Display Driver