Lucene search

K
FreedesktopDbus

7 matches found

CVE
CVE
added 2014/11/18 3:59 p.m.92 views

CVE-2014-7824

D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and 1.9.x before 1.9.2 allows local users to cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors. NOTE: this vulnerability exists because of an incomplete fix fo...

2.1CVSS7.9AI score0.00097EPSS
CVE
CVE
added 2014/09/22 3:55 p.m.91 views

CVE-2014-3638

The bus_connections_check_reply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service (CPU consumption) via a large number of method calls.

2.1CVSS5.8AI score0.00101EPSS
CVE
CVE
added 2014/09/22 3:55 p.m.82 views

CVE-2014-3639

The dbus-daemon in D-Bus before 1.6.24 and 1.8.x before 1.8.8 does not properly close old connections, which allows local users to cause a denial of service (incomplete connection consumption and prevention of new connections) via a large number of incomplete connections.

2.1CVSS5.8AI score0.00092EPSS
CVE
CVE
added 2014/07/19 7:55 p.m.81 views

CVE-2014-3533

dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to cause a denial of service (disconnect) via a certain sequence of crafted messages that cause the dbus-daemon to forward a message containing an invalid file descriptor.

2.1CVSS5.8AI score0.00081EPSS
CVE
CVE
added 2008/10/07 9:1 p.m.80 views

CVE-2008-3834

The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.

2.1CVSS5.2AI score0.0117EPSS
CVE
CVE
added 2014/07/19 7:55 p.m.76 views

CVE-2014-3532

dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before ...

2.1CVSS5.9AI score0.00123EPSS
CVE
CVE
added 2014/09/22 3:55 p.m.71 views

CVE-2014-3637

D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 does not properly close connections for processes that have terminated, which allows local users to cause a denial of service via a D-bus message containing a D-Bus connection file descriptor.

2.1CVSS5.9AI score0.00067EPSS