CVE-2026-34969

Nhost CVE-2026-34969 affects the Nhost project (auth service) where, before 0.48.0, the OAuth provider callback incorrectly appended the refresh token as a URL query parameter during redirect. This caused refresh tokens to be exposed in browser history, server logs, HTTP Referer headers, and prox...

CVE-2026-34969

creationtimestamp| type| source ---|---|--- 2026-03-31 15:36:53+00:00| published-proof-of-concept| https://github.com/nhost/nhost/security/advisories/GHSA-g2qj-prgh-4g9r 2026-04-22 21:20:09+00:00| published-proof-of-concept| Telegram/wn9Qi4rYZ0wmwM3QnYEzwEWgvyumLNiA44jY2rXcciEdxg...

MiracleLinux 9 : dbus-1.12.20-7.el9.1 (AXSA:2023-6323:07)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6323:07 advisory. dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered CVE-2023-34969 Tenable has extracted the...

MiracleLinux 8 : dbus-1.12.8-24.el8.1 (AXSA:2023-6317:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6317:06 advisory. dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered CVE-2023-34969 CVEs: CVE-2023-34969 Tenable h...

Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2023-34969)

D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus- daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemo...

TencentOS Server 3: dbus (TSSA-2023:0171)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0171 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2022-34969

PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...

Alibaba Cloud Linux 3 : 0092: dbus (ALINUX3-SA-2023:0092)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0092 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-34969: D-Bus before 1.15.6 sometimes allow...

Advisory ROSA-SA-2025-2603

software: dbus 1.12.20 WASP: ROSA-CHROME packageevrstring: dbus-1.12.20-8 CVE-ID: CVE-2022-42010 BDU-ID: 2022-06389 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the D-Bus interprocess communication system is related to the reachability of an assertion in debug assemblies caused by a syntactical...

NewStart CGSL MAIN 6.02 : dbus Vulnerability (NS-SA-2024-0062)

The remote NewStart CGSL host, running version MAIN 6.02, has dbus packages installed that are affected by a vulnerability: - An assertion failure vulnerability was found in D-Bus. This issue occurs when a privileged monitoring connection dbus-monitor, busctl monitor, gdbus monitor, or similar is...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.100173)

The version of AHV installed on the remote host is prior to 20230302.102005. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20230302.100173 advisory. - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in...

RHEL 7 : dbus (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour CVE-2020-35512...

CVE-2021-34969 Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability

Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2023-34969

creationtimestamp| type| source ---|---|--- 2024-04-12 10:47:49+00:00| seen| https://t.me/arpsyndicate/4594 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...

openSUSE: Security Advisory for dbus (SUSE-SU-2023:2877-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 8 : dbus (CESA-2023:4498)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:4498 advisory. - D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the...

Medium: dbus

Issue Overview: D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the...

Medium: dbus

Issue Overview: D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the...

EulerOS 2.0 SP11 : dbus (EulerOS-SA-2023-2840)

According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the...

EulerOS Virtualization 2.9.1 : dbus (EulerOS-SA-2023-2954)

According to the versions of the dbus packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemo...