17 matches found
EUVD-2019-0112
Malware in sbrugna...
EUVD-2022-43944
Malicious code in bioql PyPI...
SUSE: Security Advisory (SUSE-SU-2024:2681-1)
The remote host is missing an update for the...
SUSE-SU-2024:2681-1 Security update for gvfs
This update for gvfs fixes the following issues: - CVE-2019-12795: Fixed attack via local D-Bus method calls (bsc#1137930)...
CVE-2023-50700
Insecure Permissions vulnerability in Deepin dde-file-manager 6.0.54 and earlier allows privileged operations to be called by unprivileged users via the D-Bus method...
CVE-2024-1930
No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via No Limit on Number of Open Sessions. There is no limit on how many sessions D-Bus clients may create using the open_session() D-Bus method. For each...
CVE-2024-1930 No Limit on Number of Open Sessions / Bad Session Close Behaviour
No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via No Limit on Number of Open Sessions. There is no limit on how many sessions D-Bus clients may create using the open_session() D-Bus method. For each...
CVE-2024-1930
The CVE-2024-1930 issue affects dnf5daemon-server and is triggered by an unlimited number of sessions created via the D-Bus open_session() method. Each session spawns a thread, consuming memory (hundreds of MB per session), which can exhaust resources and render the service unable to accept new c...
CVE-2021-23556
The package guake before 3.8.5 is vulnerable to Exposed Dangerous Method or Function due to the exposure of the execute_command and execute_command_by_uuid methods via the D-Bus interface, which makes it possible for a malicious user to run an arbitrary command via the D-Bus method. Note: Exploitation...
openSUSE Security Update : gvfs (openSUSE-2019-1699)
This update for gvfs fixes the following issues: Security issues fixed: - CVE-2019-12795: Fixed a vulnerability which could have allowed attacks via local D-Bus method calls (bsc#1137930). - CVE-2019-12447: Fixed an improper handling of file ownership in daemon/gvfsbackendadmin.c due to no use of...
Security update for gvfs (important)
openSUSE Security Update: Security update for gvfs Announcement ID: openSUSE-SU-2019:1697-1 Rating: important References: 1125433 1136981 1136986 1136992 1137930 Cross-References: CVE-2019-12447 CVE-2019-12448 CVE-2019-12449 CVE-2019-12795 Affected Products: openSUSE Leap 15.1 An update that solv...
GHSA-74XW-82V7-HMRM Improper Input Validation in python-dbusmock
python-dbusmock before version 0.15.1: the AddTemplate D-Bus method call or the DBusTestCase.spawn_server_template() method could be tricked into executing malicious code if an attacker supplies a .pyc file...
CVE-2015-1326 python-dbusmock arbitrary code execution or file overwrite when templates are loaded from /tmp
python-dbusmock before version 0.15.1: the AddTemplate D-Bus method call or the DBusTestCase.spawn_server_template() method could be tricked into executing malicious code if an attacker supplies a .pyc file...
SUSE SLES12 Security Update : tcmu-runner (SUSE-SU-2017:2601-1)
This update for tcmu-runner fixes the following issues: Security issues fixed: - CVE-2017-1000198: The glfs handler allowed local DoS via crafted CheckConfig strings (bsc#1049485) - CVE-2017-1000199: The qcow handler leaked information via the CheckConfig D-Bus method (bsc#1049491) Note that Tenable...
SUSE SLES12 Security Update : tcmu-runner (SUSE-SU-2017:2109-1)
This update for tcmu-runner fixes the following issues: - qcow handler opens up an information leak via the CheckConfig D-Bus method (bsc#1049491) - glfs handler allows local DoS via crafted CheckConfig strings (bsc#1049485) - UnregisterHandler dbus method in tcmu-runner daemon for non-existing handle...
SUSE-SU-2017:2109-1 Security update for tcmu-runner
This update for tcmu-runner fixes the following issues: - qcow handler opens up an information leak via the CheckConfig D-Bus method (bsc#1049491) - glfs handler allows local DoS via crafted CheckConfig strings (bsc#1049485) - UnregisterHandler dbus method in tcmu-runner daemon for non-existing handler...
KDE kauth and kdelibs Logic Flaw Lets Local Users Obtain Root Privileges (CVE-2017-8422)
This document describes a generic root exploit against kde. The exploit is achieved by abusing a logic flaw within the KAuth framework which is present in kde4 org.kde.auth and kde5 org.kde.kf5auth. It is possible to spoof what KAuth calls callerID's which are indeed D-Bus unique names of the...