148 matches found
Amazon Linux 2023 : dbus, dbus-common, dbus-daemon (ALAS2023-2023-100)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-100 advisory. An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus t...
EulerOS 2.0 SP5 : dbus (EulerOS-SA-2023-1497)
According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause...
K16729408: D-Bus vulnerability CVE-2020-12049
Security Advisory Description An issue was discovered in dbus = 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system...
SUSE CVE-2012-3524
libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUSSYSTEMBUSADDRESS environment variable. NOTE: libdbus maintainers state that this is a vulnerability in the...
SUSE CVE-2019-12749
dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 and in some, less common, uses of dbus-daemon, allows cookie spoofing because of symlink mishandling in the reference implementation of DBUSCOOKIESHA1 in the libdbus...
SUSE CVE-2020-12049
An issue was discovered in dbus = 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AFUNIX socket...
EulerOS 2.0 SP10 : dbus (EulerOS-SA-2023-1380)
According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause...
EulerOS 2.0 SP10 : dbus (EulerOS-SA-2023-1352)
According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause...
AlmaLinux 9 : dbus (ALSA-2023:0335)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0335 advisory. - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause...
dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type
A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message whose array length is inconsistent with the size of the element type...
dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly
A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format...
RHEL 9 : dbus (RHSA-2023:0335)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0335 advisory. D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a...
AlmaLinux 8 : dbus (ALSA-2023:0096)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0096 advisory. - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause...
dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly
A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format...
RHEL 8 : dbus (RHSA-2023:0096)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0096 advisory. D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a...
Oracle Linux 8 : dbus (ELSA-2023-0096)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0096 advisory. - Fix CVE-2022-42010 2133644 - Fix CVE-2022-42011 2133638 Tenable has extracted the preceding description block directly from the Oracle Linux security...
EulerOS 2.0 SP9 : dbus (EulerOS-SA-2023-1120)
According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause...
EulerOS 2.0 SP9 : dbus (EulerOS-SA-2023-1096)
According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause...
EulerOS 2.0 SP11 : dbus (EulerOS-SA-2023-1006)
According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause...
dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type
A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message whose array length is inconsistent with the size of the element type...