Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d-bus vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3372
The Avahi daemon in Avahi prior to 0.6.20 allows malicious users to cause a denial of service (exit) via empty TXT data over D-Bus, which triggers an assert error.
Avahi Avahi
NA
CVE-2008-5081
The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi prior to 0.6.24 allows remote malicious users to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.
Avahi Avahi 0.6.16
Avahi Avahi 0.6.15
Avahi Avahi 0.6.7
Avahi Avahi 0.6.6
Avahi Avahi 0.5.1
Avahi Avahi 0.5
Avahi Avahi 0.6.20
Avahi Avahi 0.6.19
Avahi Avahi 0.6.12
Avahi Avahi 0.6.11
Avahi Avahi 0.6.10
Avahi Avahi 0.6.3
Avahi Avahi 0.6.2
Avahi Avahi 0.2
Avahi Avahi 0.1
Avahi Avahi 0.6.22
Avahi Avahi 0.6.21
Avahi Avahi 0.6.14
Avahi Avahi 0.6.13
Avahi Avahi 0.6.5
Avahi Avahi 0.6.4
Avahi Avahi 0.4
1 EDB exploit
NA
CVE-2011-0729
dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector prior to 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a (1) SetSystemDefaultLangEnv or (2) ...
Ubuntu Language-selector 0.6.4
Ubuntu Language-selector 0.6.3
Ubuntu Language-selector 0.6.2
Ubuntu Language-selector 0.6.1
Ubuntu Language-selector 0.4.16
Ubuntu Language-selector 0.4.15
Ubuntu Language-selector 0.4.14
Ubuntu Language-selector 0.4.13
Ubuntu Language-selector 0.4.2
Ubuntu Language-selector 0.4.1
Ubuntu Language-selector 0.4.0
Ubuntu Language-selector 0.3.21
Ubuntu Language-selector 0.3.5
Ubuntu Language-selector 0.3.4
Ubuntu Language-selector 0.3.3
Ubuntu Language-selector 0.3.2
Ubuntu Language-selector 0.2.0
Ubuntu Language-selector 0.1.30
Ubuntu Language-selector 0.1.29
Ubuntu Language-selector 0.1.28
Ubuntu Language-selector 0.1.27
Ubuntu Language-selector 0.1.14
9.8
CVSSv3
CVE-2018-12562
An issue exists in the cantata-mounter D-Bus service in Cantata up to and including 2.3.1. The wrapper script 'mount.cifs.wrapper' uses the shell to forward the arguments to the actual mount.cifs binary. The shell evaluates wildcards (such as in an injected string:/home...
Cantata Project Cantata
NA
CVE-2009-4144
NetworkManager (NM) 0.7.2 does not ensure that the configured Certification Authority (CA) certificate file for a (1) WPA Enterprise or (2) 802.1x network remains present upon a connection attempt, which might allow remote malicious users to obtain sensitive information or cause ...
Gnome Networkmanager 0.7.2
NA
CVE-2011-2533
The configure script in D-Bus (aka DBus) 1.2.x prior to 1.2.28 allows local users to overwrite arbitrary files via a symlink attack on an unspecified file in /tmp/.
Freedesktop Dbus 1.2.4
Freedesktop Dbus 1.2.3
Freedesktop Dbus 1.2.1
Freedesktop Dbus 1.2.12
Freedesktop Dbus 1.2.14
Freedesktop Dbus 1.2.22
Freedesktop Dbus 1.2.20
Freedesktop Dbus 1.2.8
Freedesktop Dbus 1.2.18
Freedesktop Dbus 1.2.10
Freedesktop Dbus 1.2.26
Freedesktop Dbus 1.2.24
Freedesktop Dbus 1.2.16
Freedesktop Dbus 1.2.6
3.3
CVSSv3
CVE-2017-5084
Inappropriate implementation in image-burner in Google Chrome OS before 59.0.3071.92 allowed a local malicious user to read local files via dbus-send commands to a BurnImage D-Bus endpoint.
Google Chrome Os
7.8
CVSSv3
CVE-2019-12795
daemon/gvfsdaemon.c in gvfsd from GNOME gvfs prior to 1.38.3, 1.40.x prior to 1.40.2, and 1.41.x prior to 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Not...
Gnome Gvfs
6.5
CVSSv3
CVE-2022-42010
An issue exists in D-Bus prior to 1.12.24, 1.13.x and 1.14.x prior to 1.14.4, and 1.15.x prior to 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.
Freedesktop Dbus
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
6.5
CVSSv3
CVE-2022-42011
An issue exists in D-Bus prior to 1.12.24, 1.13.x and 1.14.x prior to 1.14.4, and 1.15.x prior to 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of t...
Freedesktop Dbus
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »