66 matches found
CVE-2026-55740
Nur-Alam39 bus-ticket no released versions; latest commit 459cabdbeb99c00225b26e46e3c2c30ae1de7bad contains an unauthenticated SQL injection vulnerability in businfo.php. The busid parameter received via HTTP POST is concatenated directly into a MySQL query select from businfo where id=$busid...
PT-2026-49074
Name of the Vulnerable Software and Affected Versions abrt-dbus affected versions not specified Description A race condition exists in the ChownProblemDir method of the abrt-dbus D-Bus service. The ChownProblemDir method opens the dump directory using DD OPEN READONLY and executes dd chown to...
USN-8424-1 ubuntu-kylin-software-center vulnerability
It was discovered that Ubuntu Kylin Software Center incorrectly handled user-supplied input in its D-Bus service. A local attacker could possibly use this issue to gain administrative privileges...
USN-8424-1: Ubuntu Kylin Software Center vulnerability
It was discovered that Ubuntu Kylin Software Center incorrectly handled user-supplied input in its D-Bus service. A local attacker could possibly use this issue to gain administrative privileges...
EUVD-2018-4519
Malware in sbrugna...
EUVD-2018-4522
Malware in sbrugna...
EUVD-2018-4521
Malware in sbrugna...
EUVD-2021-8642
Malicious code in bioql PyPI...
EUVD-2024-41582
Malicious code in bioql PyPI...
The vulnerability of the application for publishing director entries in the share_directory domain of the REDEOS operating system allows a perpetrator to elevate their privileges and execute arbitrary commands.
The vulnerability of the application for publishing director entries in the sharedirectory domain of the REDEOS operating system is related to insecure management of privileges during the execution of the D-Bus service. Exploiting this vulnerability allows an attacker to increase their privileges...
PT-2025-14: Local privilege escalation in RED OS
The vulnerability was identified in RedOS, versions MUROM 7.3.5. The discovered vulnerability of the application for publishing directories in the sharedirectory domain is related to the lack of verification of the user privilege accessing the D-Bus service. Exploitation of the vulnerability may...
ROS-20250513-01
Vulnerability of directory publishing application in domain sharedirectory is related to the lack of verification of the of a user accessing the D-Bus service. Exploitation of the vulnerability could allow an attacker to to execute arbitrary operating system commands. Information about the...
CVE-2024-45752
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction...
CVE-2024-45752
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction...
CVE-2024-45752
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction...
CVE-2024-45752
CVE-2024-45752 affects logiops (up to 0.3.4); a misconfigured or unrestricted D-Bus interface in the logid daemon permits any unprivileged user to reconfigure the daemon, enabling privilege escalation via malicious keyboard macros. The vulnerability is local (AV:L/AC:L/PR:N/UI:R) with low exploit...
CVE-2024-45752
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction...
CVE-2024-45752
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction...
CVE-2023-39391
Vulnerability of system file information leakage in the USB Service module. Successful exploitation of this vulnerability may affect confidentiality...
SUSE CVE-2018-12561
An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. A regular user can inject additional mount options such as filemode= by manipulating for example the domain parameter of the samba URL...