| Max CVSS | 4.6 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-0595 | 4.6 |
dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a m
|
01-02-2024 - 02:08 | 29-02-2008 - 19:44 | |
| CVE-2011-2200 | 4.6 |
The _dbus_header_byteswap function in dbus-marshal-header.c in D-Bus (aka DBus) 1.2.x before 1.2.28, 1.4.x before 1.4.12, and 1.5.x before 1.5.4 does not properly handle a non-native byte order, which allows local users to cause a denial of service (
|
27-12-2023 - 16:36 | 22-06-2011 - 22:55 | |
| CVE-2009-1189 | 3.6 |
The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus) before 1.2.14 uses incorrect logic to validate a basic type, which allows remote attackers to spoof a signature via a crafted key. NOTE: this is due to an
|
13-02-2023 - 02:19 | 27-04-2009 - 18:00 | |
| CVE-2008-3834 | 2.1 |
The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.
|
29-09-2017 - 01:31 | 07-10-2008 - 21:01 | |
| CVE-2010-4352 | 2.1 |
Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows local users to cause a denial of service (daemon crash) via a message containing many nested variants.
|
08-12-2016 - 03:01 | 30-12-2010 - 19:00 |