Lucene search
K

59 matches found

SUSE CVE
SUSE CVE
added 2024/08/08 2:36 a.m.3 views

SUSE CVE-2024-5290

An issue was discovered in Ubuntu wpasupplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpasupplicant runs as usually root. Membership in the netdev group or access to the dbus interface of...

8.8CVSS9.4AI score0.00658EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2024/08/07 2:16 p.m.24 views

CVE-2024-5290

A vulnerability was found in the wpasupplicant package. This flaw allows a local unprivileged user who is part of the netdev group to achieve privilege escalation to the same user running wpasupplicant typically root. Mitigation Mitigation for this issue is either not available or the currently...

6.4CVSS8.4AI score0.00658EPSS
Exploits1References5
OSV
OSV
added 2024/08/07 9:16 a.m.1 views

DEBIAN-CVE-2024-5290

An issue was discovered in Ubuntu wpasupplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpasupplicant runs as usually root. Membership in the netdev group or access to the dbus interface of...

7.8CVSS7.4AI score0.00658EPSS
Exploits1References1
OSV
OSV
added 2024/08/07 9:16 a.m.19 views

CVE-2024-5290

An issue was discovered in Ubuntu wpasupplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpasupplicant runs as usually root. Membership in the netdev group or access to the dbus interface of...

7.8CVSS8.7AI score
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/08/07 8:14 a.m.27 views

CVE-2024-5290

An issue was discovered in Ubuntu wpasupplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpasupplicant runs as usually root. Membership in the netdev group or access to the dbus interface of...

8.8CVSS7.2AI score0.00658EPSS
Exploits1References3
OSV
OSV
added 2024/08/06 4:0 p.m.3 views

UBUNTU-CVE-2024-5290

An issue was discovered in Ubuntu wpasupplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpasupplicant runs as usually root. Membership in the netdev group or access to the dbus interface of...

8.8CVSS7.4AI score0.00658EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/05/30 12:0 a.m.4 views

PT-2024-5576 · Unknown +4 · Wpa Supplicant +4

Name of the Vulnerable Software and Affected Versions: wpa supplicant affected versions not specified Description: The issue is related to an uncontrolled search path element in wpa supplicant, allowing a local unprivileged attacker to escalate privileges to the user that wpa supplicant runs as,...

8.8CVSS7.2AI score0.00658EPSS
Exploits1References33
OSV
OSV
added 2024/05/08 2:15 a.m.6 views

AZL-40343 CVE-2024-1930 affecting package dnf5 for versions less than 5.1.11-3

No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via No Limit on Number of Open Sessions. There is no limit on how many sessions D-Bus clients may create using the opensession D-Bus method. For each...

6.5CVSS5.8AI score0.00299EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2023/08/22 4:41 p.m.3 views

subscription-manager: inadequate authorization of com.redhat.RHSM1 D-Bus interface allows local users to modify configuration

A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the...

7.8CVSS7.3AI score0.00253EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/08/22 4:35 p.m.6 views

subscription-manager: inadequate authorization of com.redhat.RHSM1 D-Bus interface allows local users to modify configuration

A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the...

7.8CVSS7.3AI score0.00253EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/08/22 4:6 p.m.2 views

subscription-manager: inadequate authorization of com.redhat.RHSM1 D-Bus interface allows local users to modify configuration

A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the...

7.8CVSS7.3AI score0.00253EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/08/22 3:56 p.m.1 views

subscription-manager: inadequate authorization of com.redhat.RHSM1 D-Bus interface allows local users to modify configuration

A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the...

7.8CVSS7.3AI score0.00253EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/08/22 12:0 a.m.5 views

PT-2023-4483 · Red Hat +5 · Subscription-Manager +6

Name of the Vulnerable Software and Affected Versions: subscription-manager affected versions not specified Description: A flaw in the authorization procedure of the D-Bus interface com.redhat.RHSM1 allows local privilege escalation. The interface exposes several methods to all users, which can...

7.8CVSS8.7AI score0.00253EPSS
Exploits0References32
SUSE CVE
SUSE CVE
added 2023/02/15 5:0 a.m.3 views

SUSE CVE-2016-5410

firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the 1 addPassthrough, 2 removePassthrough, 3 addEntry, 4 removeEntry, or 5 setEntries D-Bus API method...

5.5CVSS6.9AI score0.00364EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.2 views

SUSE CVE-2018-14424

The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code...

7CVSS7.3AI score0.00532EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/12/13 4:11 p.m.5 views

usbguard: Fix unauthorized access via D-Bus

A flaw was found in usbguard. The vulnerability occurs due to the No default access control listACL on some D-Bus methods and leads to unauthorized access. This flaw allows an attacker to access and escape policy configuration...

7.8CVSS5.7AI score0.00378EPSS
Exploits1References4
OSV
OSV
added 2020/12/09 4:15 a.m.4 views

CVE-2020-16128

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...

3.8CVSS5.8AI score0.00335EPSS
Exploits0References2
NVD
NVD
added 2020/12/09 4:15 a.m.29 views

CVE-2020-16128

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...

3.8CVSS4AI score0.00335EPSS
Exploits0References2
Prion
Prion
added 2020/12/09 4:15 a.m.22 views

Design/Logic Flaw

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...

2.1CVSS4.4AI score0.00335EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/12/08 12:0 a.m.1 views

UBUNTU-CVE-2020-16128

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...

3.8CVSS5.8AI score0.00335EPSS
Exploits0References3
Rows per page
Query Builder