Lucene search
K

58 matches found

Veracode
Veracode
added 2019/05/02 6:37 a.m.22 views

NULL Pointer Dereference

tcmu-runner is vulnerable to NULL pointer dereference. The vulnerability exists in the UnregisterHandler method implemented in the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could call UnregisterHandler method with non-existing tcmu handler as paramater to...

5.5CVSS6.2AI score0.00317EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2019/04/19 12:6 p.m.2 views

OPENSUSE-SU-2019:1246-1 Security update for blueman

This update for blueman fixes the following issues: The following security issue was addressed: - Fixed the polkit authorization checks in blueman, which previously allowed any user with access to the D-Bus system bus to trigger certain network configuration logic in blueman without authenticatio...

7.4AI score
Exploits0References2
OSV
OSV
added 2018/10/26 6:47 p.m.4 views

MGASA-2018-0414 Updated blueman packages fix security vulnerability

Flawed polkit authorization checks in blueman allowed any user with access to the D-Bus system bus to trigger certain network configuration logic in blueman without authentication boo1083066...

7.2AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2017/11/29 3:32 a.m.30 views

Moderate: Red Hat Security Advisory: tcmu-runner security update

An update for tcmu-runner is now available for Red Hat Gluster Storage 3.3.1 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS6.5AI score0.01463EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2017/08/31 1:49 p.m.19 views

CVE-2017-1000200

A NULL pointer dereference flaw was found in the UnregisterHandler method implemented in the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could call the UnregisterHandler method with the name of a handler loaded internally in tcmu-runner via dlopen to trigger DoS...

7.5CVSS2AI score0.01392EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2017/08/31 1:49 p.m.16 views

CVE-2017-1000201

A NULL pointer dereference flaw was found in the UnregisterHandler method implemented in the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could call UnregisterHandler method with non-existing tcmu handler as paramater to trigger DoS...

5.5CVSS1.4AI score0.00317EPSS
Exploits0References1
OSV
OSV
added 2016/11/01 5:1 p.m.5 views

USN-3116-1 dbus vulnerabilities

It was discovered that DBus incorrectly validated the source of ActivationFailure signals. A local attacker could use this issue to cause a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2015-0245 It was discovered that DBus incorrectly handled certain...

1.9CVSS6.9AI score0.00273EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.5 views

Vulnerabilities in the SUSE Linux Enterprise operating system that allow attackers to compromise the confidentiality, integrity, and accessibility of protected information

Multiple vulnerabilities exist in the dbus-1-glib-debuginfo-32bit package of the SUSE Linux Enterprise operating system. Exploitation of these vulnerabilities may lead to breaches of confidentiality, integrity, and accessibility of protected information. The exploitation of these vulnerabilities...

6.2CVSS6.5AI score0.00785EPSS
Exploits2References5
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.4 views

Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the dbus-1-qt3-debugsource package of the OpenSUSE operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of these vulnerabilities can be carried out by a malicious individual who has complete...

6.2CVSS6.5AI score0.00785EPSS
Exploits2References4Affected Software1
CNVD
CNVD
added 2015/02/10 12:0 a.m.3 views

D-Bus Local Denial of Service Vulnerability

D-Bus is an inter-process communication IPC implementation. It is used to send messages between applications. D-Bus suffers from a local denial of service vulnerability that can be exploited by a local attacker to crash the system and deny service to legitimate users...

1.9CVSS6.6AI score0.00273EPSS
Exploits0References1
Gentoo Linux
Gentoo Linux
added 2014/12/13 12:0 a.m.37 views

D-Bus: Multiple Vulnerabilities

Background D-Bus is a message bus system, a simple way for applications to talk to one another. Description Multiple vulnerabilities have been discovered in D-Bus. Please review the CVE identifiers referenced below for details. Impact A local attacker could possibly cause a Denial of Service...

4.4CVSS7AI score0.00594EPSS
Exploits1
OSV
OSV
added 2014/11/18 12:0 a.m.2 views

UBUNTU-CVE-2014-7824

D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and 1.9.x before 1.9.2 allows local users to cause a denial of service prevention of new connections and connection drop by queuing the maximum number of file descriptors. NOTE: this vulnerability exists because of an incomplete fix fo...

2.1CVSS7.2AI score0.00594EPSS
Exploits1References6
OSV
OSV
added 2014/09/17 12:0 a.m.4 views

UBUNTU-CVE-2014-3638

The busconnectionscheckreply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service CPU consumption via a large number of method calls...

2.1CVSS6.6AI score0.00388EPSS
Exploits0References4
OSV
OSV
added 2010/12/30 7:0 p.m.1 views

DEBIAN-CVE-2010-4352

Stack consumption vulnerability in D-Bus aka DBus before 1.4.1 allows local users to cause a denial of service daemon crash via a message containing many nested variants...

2.1CVSS5.9AI score0.0058EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2010/12/28 12:0 a.m.24 views

Fedora Update for dbus FEDORA-2010-19166

Check for the Version of dbus OpenVAS Vulnerability Test Fedora Update for dbus FEDORA-2010-19166 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

2.1CVSS0.0058EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2009/01/07 1:30 p.m.36 views

Moderate: Red Hat Security Advisory: dbus security update

Updated dbus packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. D-Bus is a system for sending messages between applications. It is used for the system-wide messag...

2.1CVSS6.9AI score0.04623EPSS
Exploits8References2
OSV
OSV
added 2005/06/29 4:0 a.m.1 views

DEBIAN-CVE-2005-0201

D-BUS dbus before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another user's per-user session bus via that socket...

2.1CVSS6.4AI score0.00428EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/06/25 12:0 a.m.20 views

Mandrake Linux Security Advisory : dbus (MDKSA-2005:105)

Dan Reed discovered a vulnerability in the D-BUS system for sending messages between applications. He found that a user can send and listen to messages on another user's per-user session bus if they knew the address of the socket. The updated packages have been patched to correct this problem...

2.1CVSS5.4AI score0.00428EPSS
Exploits0References1
Rows per page
Query Builder