EulerOS 2.0 SP3 : gdm (EulerOS-SA-2021-1787)

According to the versions of the gdm package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by...

OPENSUSE-SU-2020:2024-1 Security update for blueman

This update for blueman fixes the following issues: - Update to version 2.1.4 CVE-2020-15238: Fixed a local denial-of-service in the D-Bus interface boo1178196 This update was imported from the openSUSE:Leap:15.2:Update update project...

openSUSE Security Update : blueman (openSUSE-2020-1997)

This update for blueman fixes the following issues : - Update to version 2.1.4 - CVE-2020-15238: Fixed a local denial-of-service in the D-Bus interface boo1178196 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

Security update for blueman (moderate)

openSUSE Security Update: Security update for blueman Announcement ID: openSUSE-SU-2020:1997-1 Rating: moderate References: 1178196 Cross-References: CVE-2020-15238 Affected Products: openSUSE Leap 15.2 openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available...

MGASA-2020-0402 Updated blueman packages fixes a security vulnerability

Vaisha Bernard discovered that blueman did not properly sanitize input on the D-Bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service CVE-2020-15238...

[SECURITY] [DLA 2430-1] blueman security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2430-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta November 03, 2020 https://wiki.debian.org/LTS -...

PackageKit File Existence Disclosure

Exploit Title: File Existence Disclosure in PackageKit " sys.exit0 FILETOCHECK = sys.argv1 bus = dbus.SystemBus aptdbusobject = bus.getobject"org.freedesktop.PackageKit", "/org/freedesktop/PackageKit" aptdbusinterface = dbus.Interfaceaptdbusobject, "org.freedeskt...

CVE-2020-15238

Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any...

[SECURITY] [DSA 4781-1] blueman security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4781-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 27, 2020 https://www.debian.org/security/faq -...

Information Disclosure

networkmanager is vulnerable to information disclosure. An information disclosure flaw was found in NetworkManager's D-Bus interface. A local attacker could leverage this flaw to discover sensitive information, such as network connection passwords and pre-shared keys...

MGASA-2019-0330 Updated systemd packages fix security vulnerability

Updated systemd packages fix security vulnerability: Nadav Markus from Palo Alto Networks discovered that systemd-resolved does not enforce appropriate access controls on its D-Bus interface and allows unprivileged users to execute methods that are meant to be available only to privileged users...

Updated systemd packages fix security vulnerability

Updated systemd packages fix security vulnerability: Nadav Markus from Palo Alto Networks discovered that systemd-resolved does not enforce appropriate access controls on its D-Bus interface and allows unprivileged users to execute methods that are meant to be available only to privileged users...

CVE-2009-4642

gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface to determine session idle time, even when an Xfce desktop such as Xubuntu or Mythbuntu is used, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended...

Ubuntu 18.04 LTS : systemd vulnerability (USN-4120-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4120-1 advisory. It was discovered that the systemd-resolved D-Bus interface did not enforce appropriate access controls. A local unprivileged user could exploit this to modify a...

DEBIAN-CVE-2015-1326

python-dbusmock before version 0.15.1 AddTemplate D-Bus method call or DBusTestCase.spawnservertemplate method could be tricked into executing malicious code if an attacker supplies a .pyc file...

SUSE SLED15 / SLES15 Security Update : gdm (SUSE-SU-2018:2771-1)

This update for gdm provides the following fixes : This security issue was fixed : CVE-2018-14424: The daemon in GDM did not properly unexport display objects from its D-Bus interface when they are destroyed, which allowed a local attacker to trigger a use-after-free via a specially crafted...

CVE-2018-19358

GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs because available D-Bus protection mechanisms involving the busconf...

CVE-2018-19358

GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs because available D-Bus protection mechanisms involving the busconf...

CVE-2018-19358

GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs because available D-Bus protection mechanisms involving the busconf...

CVE-2018-19358

GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs because available D-Bus protection mechanisms involving the busconf...