Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:46 a.m.9 views

CVE-2025-23222

An issue was discovered in Deepin dde-api-proxy through 1.0.19 in which unprivileged users can access D-Bus services as root. Specifically, dde-api-proxy runs as root and forwards messages from arbitrary local users to legacy D-Bus methods in the actual D-Bus services, and the actual D-Bus servic...

8.4CVSS7AI score0.00237EPSS
Exploits0References1
NVD
NVD
added 2025/01/24 5:15 p.m.17 views

CVE-2025-23222

An issue was discovered in Deepin dde-api-proxy through 1.0.19 in which unprivileged users can access D-Bus services as root. Specifically, dde-api-proxy runs as root and forwards messages from arbitrary local users to legacy D-Bus methods in the actual D-Bus services, and the actual D-Bus servic...

8.4CVSS0.00237EPSS
Exploits0References3
Circl
Circl
added 2025/01/24 5:0 p.m.9 views

CVE-2025-23222

creationtimestamp| type| source ---|---|--- 2025-01-24 17:00:06+00:00| seen| https://infosec.exchange/users/cve/statuses/113884397944832603 2025-01-24 17:04:47+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2935 2025-01-24 17:48:33+00:00| seen|...

8.4CVSS4.8AI score0.00237EPSS
Exploits0References9
CVE
CVE
added 2025/01/24 12:0 a.m.110 views

CVE-2025-23222

Deepin dde-api-proxy (v1.0.19 and earlier) exposes a local privilege-escalation flaw: the daemon runs as root and forwards local user D-Bus requests to legacy D-Bus services, which do not detect the proxy context. This can allow unprivileged users to access D-Bus methods that should be restricted...

8.4CVSS7.3AI score0.00237EPSS
Exploits0References3
Rows per page
Query Builder