Lucene search
K

113 matches found

OSV
OSV
added 2018/11/18 7:29 p.m.11 views

CVE-2018-19358

GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs because available D-Bus protection mechanisms involving the busconf...

7.8CVSS6.7AI score
Exploits0References5
Debian CVE
Debian CVE
added 2018/11/18 7:0 p.m.95 views

CVE-2018-19358

GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs because available D-Bus protection mechanisms involving the busconf...

7.8CVSS6.8AI score0.00554EPSS
Exploits1
Cvelist
Cvelist
added 2018/11/18 7:0 p.m.36 views

CVE-2018-19358

GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs because available D-Bus protection mechanisms involving the busconf...

6.9AI score0.00554EPSS
Exploits1References5
Debian
Debian
added 2018/09/05 6:28 p.m.24 views

[SECURITY] [DLA 1494-1] gdm3 security update

Package : gdm3 Version : 3.14.1-7+deb8u1 CVE ID : CVE-2018-14424 The daemon in GDM does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulti...

7.8CVSS6.6AI score0.00532EPSS
Exploits0
OSV
OSV
added 2018/08/14 6:29 p.m.23 views

CVE-2018-14424

The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code...

7.8CVSS7.6AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2018/08/13 3:48 p.m.29 views

CVE-2018-14424

The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code...

7.8CVSS5.2AI score0.00532EPSS
Exploits0References2
seebug.org
seebug.org
added 2017/05/19 12:0 a.m.58 views

KDE kauth and kdelibs Logic Flaw Lets Local Users Obtain Root Privileges(CVE-2017-8422)

This document describes a generic root exploit against kde. The exploit is achieved by abusing a logic flaw within the KAuth framework which is present in kde4 org.kde.auth and kde5 org.kde.kf5auth. It is possible to spoof what KAuth calls callerID's which are indeed D-Bus unique names of the...

7.2CVSS7.6AI score0.01805EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2016/11/28 12:0 a.m.55 views

CentOS 7 : firewalld (CESA-2016:2597)

An update for firewalld is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

5.5CVSS5.5AI score0.00364EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2016/11/03 8:11 a.m.58 views

Moderate: Red Hat Security Advisory: firewalld security, bug fix, and enhancement update

An update for firewalld is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

5.5CVSS6AI score0.00364EPSS
Exploits0References37
Fedora
Fedora
added 2016/09/03 5:43 p.m.28 views

[SECURITY] Fedora 25 Update: firewalld-0.4.3.3-1.fc25

firewalld is a firewall service daemon that provides a dynamic customizable firewall with a D-Bus interface...

5.5CVSS2.6AI score0.00364EPSS
Exploits0
Fedora
Fedora
added 2015/09/27 3:28 a.m.16 views

[SECURITY] Fedora 22 Update: rolekit-0.3.2-2.fc22

rolekit is a server daemon that provides a D-Bus interface and server roles...

2.3AI score
Exploits0
Fedora
Fedora
added 2015/09/04 7:50 p.m.15 views

[SECURITY] Fedora 23 Update: rolekit-0.4.0-4.rc1.fc23

rolekit is a server daemon that provides a D-Bus interface and server roles...

2.3AI score
Exploits0
NVD
NVD
added 2014/04/07 3:55 p.m.21 views

CVE-2012-2095

The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message...

6.9CVSS6.2AI score0.00802EPSS
Exploits2References15
OSV
OSV
added 2014/04/07 3:55 p.m.9 views

CVE-2012-2095

The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message...

6.2AI score
Exploits0References15
UbuntuCve
UbuntuCve
added 2014/04/07 3:55 p.m.20 views

CVE-2012-2095

The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message...

6.9CVSS6AI score0.00802EPSS
Exploits2References2
CVE
CVE
added 2014/04/07 3:0 p.m.78 views

CVE-2012-2095

The CVE-2012-2095 issue affects WICD before 1.7.2, where the SetWiredProperty function in the D-Bus interface allows local users to write arbitrary configuration and gain privileges via a crafted property name in a dbus message. This is a local-privilege-escalation vulnerability with CVSS v2 base...

6.9CVSS6.3AI score0.00802EPSS
Exploits2References15Affected Software2
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.25 views

Scientific Linux Security Update : NetworkManager on SL5.x i386/x86_64

CVE-2009-4145 NetworkManager: information disclosure by nm-connection-editor CVE-2009-4144 NetworkManager: WPA enterprise network not verified when certificate is removed A missing network certificate verification flaw was found in NetworkManager. If a user created a WPA Enterprise or 802.1x...

6.8CVSS5.3AI score0.01897EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2012/06/22 12:0 a.m.31 views

GLSA-201206-08 : Wicd: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201206-08 Wicd: Multiple vulnerabilities Two vulnerabilities have been found in Wicd: Passwords and passphrases are written to /var/log/wicd CVE-2012-0813. Input from the daemon's D-Bus interface is not properly sanitized...

6.9CVSS5.5AI score0.00802EPSS
Exploits2References3
NVD
NVD
added 2011/02/23 7:0 p.m.24 views

CVE-2011-0725

Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sourceslist argument, related to the D-Bus interface...

4.9CVSS6.2AI score0.00392EPSS
Exploits0References6
Prion
Prion
added 2011/02/23 7:0 p.m.15 views

Path traversal

Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sourceslist argument, related to the D-Bus interface...

4.9CVSS6.7AI score0.00392EPSS
Exploits0References6Affected Software2
Rows per page
Query Builder