EUVD-2023-43972

Malicious code in bioql PyPI...

Important: Red Hat Security Advisory: yggdrasil security update

An update for yggdrasil is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

AZL-43453 CVE-2023-3297 affecting package accountsservice 0.6.55-4

In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process...

PT-2023-24107 · Unknown +2 · Accountsservice +2

Name of the Vulnerable Software and Affected Versions: accountsservice affected versions not specified Description: An unprivileged local attacker can trigger a use-after-free issue in accountsservice by sending a D-Bus message to the accounts-daemon process. This allows the attacker to potential...

SUSE: Security Advisory (SUSE-SU-2019:1364-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2019:1364-1 Security update for systemd

This update for systemd fixes the following issues: Security issues fixed: - CVE-2019-3842: Fixed a privilege escalation in pamsystemd which could be exploited by a local user bsc1132348. - CVE-2019-6454: Fixed a denial of service via crafted D-Bus message bsc1125352. - CVE-2019-3843,...

CVE-2019-6454

An issue was discovered in sd-bus in systemd 239. busprocessobject in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to...

Security update for systemd (important)

openSUSE Security Update: Security update for systemd Announcement ID: openSUSE-SU-2019:0268-1 Rating: important References: 1111498 1117025 1117382 1120658 1122000 1122344 1123333 1123892 1125352 Cross-References: CVE-2019-6454 Affected Products: openSUSE Leap 42.3 An update that solves one...

SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2019:0428-1)

This update for systemd fixes the following issues : Security vulnerability fixed : CVE-2019-6454: Fixed a crash of PID1 by sending specially crafted D-BUS message on the system bus by an unprivileged user bsc1125352 Other bug fixes and changes: journal-remote: set a limit on the number of fields...

Debian DLA-1684-1 : systemd security update

Chris Coulson discovered a flaw in systemd leading to denial of service. An unprivileged user could take advantage of this issue to crash PID1 by sending a specially crafted D-Bus message on the system bus. For Debian 8 'Jessie', this problem has been fixed in version 215-17+deb8u10. We recommend...

Debian DSA-4393-1 : systemd - security update

Chris Coulson discovered a flaw in systemd leading to denial of service. An unprivileged user could take advantage of this issue to crash PID1 by sending a specially crafted D-Bus message on the system bus. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...

SUSE-SU-2019:0425-1 Security update for systemd

This update for systemd fixes the following issues: Security vulnerability fixed: - CVE-2019-6454: Fixed a crash of PID1 by sending specially crafted D-BUS message on the system bus by an unprivileged user bsc1125352...

SUSE-SU-2019:0424-1 Security update for systemd

This update for systemd fixes the following issues: Security vulnerability fixed: - CVE-2019-6454: Fixed a crash of PID1 by sending specially crafted D-BUS message on the system bus by an unprivileged user bsc1125352...

Updated dbus packages fix multiple security vulnerabilities

Updated dbus packages fixes the following security issues: Alban Crequy and Simon McVittie discovered several vulnerabilities in the D-Bus message daemon: On 64-bit platforms, file descriptor passing could be abused by local users to cause heap corruption in dbus-daemon, leading to a crash, or...

[SECURITY] [DSA 3026-1] dbus security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3026-1 [email protected] http://www.debian.org/security/ Florian Weimer September 16, 2014 http://www.debian.org/security/faq -...

Debian DSA-3026-1 : dbus - security update

Alban Crequy and Simon McVittie discovered several vulnerabilities in the D-Bus message daemon. - CVE-2014-3635 On 64-bit platforms, file descriptor passing could be abused by local users to cause heap corruption in dbus-daemon, leading to a crash, or potentially to arbitrary code execution. -...

DSA-3026-1 dbus - security update

Bulletin has no description...

Debian Security Advisory DSA 3026-1 (dbus - security update)

Alban Crequy and Simon McVittie discovered several vulnerabilities in the D-Bus message daemon. CVE-2014-3635 On 64-bit platforms, file descriptor passing could be abused by local users to cause heap corruption in dbus-daemon, leading to a crash, or potentially to arbitrary code execution...

CVE-2014-3477

The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4, sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing the service, which allows local users to cause a denial of service initialization failure and exit...

Debian Security Advisory DSA 2707-1 (dbus - denial of service)

Alexandru Cornea discovered a vulnerability in libdbus caused by an implementation bug in dbusprintfstringupperbound. This vulnerability can be exploited by a local user to crash system services that use libdbus, causing denial of service. Depending on the dbus services running, it could lead to...