MiracleLinux 8 : keepalived-2.1.5-8.el8.ML.1 (AXSA:2022-3396:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3396:02 advisory. keepalived: dbus access control bypass CVE-2021-44225 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

EUVD-2020-12552

Malware in sbrugna...

CVE-2023-7025 KylinSoft hedron-domain-hook DBus init_kcm access control

A vulnerability was found in KylinSoft hedron-domain-hook up to 3.8.0.12-0k0.5. It has been declared as critical. This vulnerability affects the function initkcm of the component DBus Handler. The manipulation leads to improper access controls. Attacking locally is a requirement. The exploit has...

SUSE CVE-2017-5084

Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint...

usbguard: Fix unauthorized access via D-Bus

A flaw was found in usbguard. The vulnerability occurs due to the No default access control listACL on some D-Bus methods and leads to unauthorized access. This flaw allows an attacker to access and escape policy configuration...

ALSA-2022:1930 Moderate: keepalived security and bug fix update

The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server IPVS kernel module providing layer-4 transport layer load balancing. Keepalived implements a set of checke...

keepalived security and bug fix update

An update is available for keepalived. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The keepalived utility provides simple and robust facilities for load...

PT-2022-12418 · Unknown · Globalprotect-Openconnect

Name of the Vulnerable Software and Affected Versions: GlobalProtect-openconnect versions prior to 2.0.0 Description: The issue is related to incorrect access control in GPService through DBUS and GUI. This allows arbitrary users to start a VPN connection to arbitrary servers. An attacker can hos...

CVE-2020-1690

An improper authorization flaw was discovered in openstack-selinux's applied policy where it does not prevent a non-root user in a container from privilege escalation. A non-root attacker in one or more Red Hat OpenStack RHOSP containers could send messages to the dbus. With access to the dbus, t...