55 matches found
PT-2026-49074
Name of the Vulnerable Software and Affected Versions: abrt-dbus (affected versions not specified). Description: A race condition exists in the ChownProblemDir method of the abrt-dbus D-Bus service. The ChownProblemDir method opens the dump directory using DD_OPEN_READONLY and executes dd_chown to...
USN-8424-1: Ubuntu Kylin Software Center vulnerability
It was discovered that Ubuntu Kylin Software Center incorrectly handled user-supplied input in its D-Bus service. A local attacker could possibly use this issue to gain administrative privileges...
EUVD-2018-4519
Malware in sbrugna...
EUVD-2018-4522
Malware in sbrugna...
EUVD-2018-4521
Malware in sbrugna...
EUVD-2021-8642
Malicious code in bioql PyPI...
EUVD-2024-41582
Malicious code in bioql PyPI...
PT-2025-14: Local privilege escalation in RED OS
The vulnerability was identified in RedOS, versions MUROM 7.3.5. The discovered vulnerability of the application for publishing directories in the sharedirectory domain is related to the lack of verification of the privileges of the user accessing the D-Bus service. Exploitation of the vulnerability may...
ROS-20250513-01
Vulnerability of the directory publishing application in domain sharedirectory is related to the lack of verification of the privileges of a user accessing the D-Bus service. Exploitation of the vulnerability could allow an attacker to execute arbitrary operating system commands. Information about the...
CVE-2024-45752
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction...
CVE-2024-45752
CVE-2024-45752 affects logiops (up to 0.3.4); a misconfigured or unrestricted D-Bus interface in the logid daemon permits any unprivileged user to reconfigure the daemon, enabling privilege escalation via malicious keyboard macros. The vulnerability is local (AV:L/AC:L/PR:N/UI:R) with low exploit...
SUSE CVE-2018-12561
An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. A regular user can inject additional mount options such as filemode= by manipulating for example the domain parameter of the samba URL...
USN-5169-1: oddjob vulnerability
Matthias Gerstner discovered that there was a race condition in the mkhomedir tool shipped with the oddjob package. An authenticated attacker could use this to set up a symlink attack and change permissions on files on the host filesystem...
Mageia: Security Advisory (MGASA-2018-0314)
The remote host is missing an update for the...
NewStart CGSL MAIN 6.02 : flatpak Vulnerability (NS-SA-2021-0122)
The remote NewStart CGSL host, running version MAIN 6.02, has flatpak packages installed that are affected by a vulnerability: - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the flatpak-portal service that can allow...