MiracleLinux 8 : glib2-2.56.4-8.el8 (AXSA:2020-523:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-523:01 advisory. ibus: missing authorization allows local attacker to access the input bus of another user CVE-2019-14822 CVE-2019-14822 A flaw was discovered in ibus that...

MiracleLinux 8 : ibus-1.5.19-11.el8 (AXSA:2020-640:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-640:02 advisory. ibus: missing authorization allows local attacker to access the input bus of another user CVE-2019-14822 CVE-2019-14822 A flaw was discovered in ibus that...

TencentOS Server 3: ibus and glib2 (TSSA-2022:0060)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0060 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

ibus: missing authorization allows local attacker to access the input bus of another user

A flaw was discovered in ibus that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface...

USN-4134-3: IBus vulnerability

USN-4134-1 fixed a vulnerability in IBus. The update caused a regression in some Qt applications and the fix was subsequently reverted in USN-4134-2. The regression has since been resolved and so this update fixes the original vulnerability. We apologize for the inconvenience. Original advisory...

USN-4134-3 ibus vulnerability

USN-4134-1 fixed a vulnerability in IBus. The update caused a regression in some Qt applications and the fix was subsequently reverted in USN-4134-2. The regression has since been resolved and so this update fixes the original vulnerability. We apologize for the inconvenience. Original advisory...

DEBIAN-CVE-2019-14822

A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is usi...

USN-4134-1: IBus vulnerability

Simon McVittie discovered that IBus did not enforce appropriate access controls on its private D-Bus socket. A local unprivileged user who discovers the IBus socket address of another user could exploit this to capture the key strokes of the other user...

CVE-2013-4509

The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user password by reading the lockscreen...