Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
service bus vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2021-3560
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local malicious user to, for example, create a new local administrator. The hi...
Polkit Project Polkit
Debian Debian Linux 11.0
Canonical Ubuntu Linux 20.04
Redhat Virtualization 4.0
Redhat Virtualization Host 4.0
Redhat Openshift Container Platform 4.7
48 Github repositories
1 Article
7.2
CVSSv2
CVE-2021-3489
The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an malicious user to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed ...
Linux Linux Kernel
Linux Linux Kernel 5.13
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
1 Github repository
7.2
CVSSv2
CVE-2021-3490
The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4...
Linux Linux Kernel
Linux Linux Kernel 5.13
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
6 Github repositories
1 Article
7.2
CVSSv2
CVE-2021-3491
The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc/<PID>/mem. This could be used to create a heap overflow leading to arbitrary code e...
Linux Linux Kernel
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
7.2
CVSSv2
CVE-2021-3543
A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. A local user of a host machine could use this flaw to crash the system or escalate their privileges on the system.
Nitro Enclaves Project Nitro Enclaves
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
7.2
CVSSv2
CVE-2021-21261
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug exists in the `flatpak-portal` service that can allow sandboxed applications to execute arbitrary code on the host system (a sandbox escape). This sandbox-escape bug is pres...
Flatpak Flatpak
Debian Debian Linux 10.0
7.2
CVSSv2
CVE-2020-27187
An issue exists in KDE Partition Manager 4.1.0 prior to 4.2.0. The kpmcore_externalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning r...
Kde Partition Manager
7.2
CVSSv2
CVE-2015-3151
Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method.
Redhat Automatic Bug Reporting Tool -
7.2
CVSSv2
CVE-2015-3150
abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the (1) ChownProblemDir, (2) DeleteElement, or (3) DeleteProblem method.
Redhat Automatic Bug Reporting Tool -
7.2
CVSSv2
CVE-2014-8156
The D-Bus security policy files in /etc/dbus-1/system.d/*.conf in fso-gsmd 0.12.0-3, fso-frameworkd 0.9.5.9+git20110512-4, and fso-usaged 0.12.0-2 as packaged in Debian, the upstream cornucopia.git (fsoaudiod, fsodatad, fsodeviced, fsogsmd, fsonetworkd, fsotdld, fsousaged) git ma...
Phonefsod Project Phonefsod 0.1
Fso-usaged Project Fso-usaged 0.12.0-2
Fso-frameworkd Project Fso-frameworkd 0.9.5.9
Fso-gsmd Project Fso-gsmd 0.12.0-3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »