|Max CVSS||6.9||Min CVSS||1.7||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a m
|15-10-2018 - 22:01||29-02-2008 - 19:44|
Unspecified vulnerability in the match_rule_equal function in bus/signals.c in D-Bus before 1.0.2 allows local applications to remove match rules for other applications and cause a denial of service (lost process messages). This vulnrability is addre
|11-10-2017 - 01:31||14-12-2006 - 00:28|
The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.
|29-09-2017 - 01:31||07-10-2008 - 21:01|
The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and po
|08-08-2017 - 01:32||10-12-2008 - 00:30|
Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows local users to cause a denial of service (daemon crash) via a message containing many nested variants.
|08-12-2016 - 03:01||30-12-2010 - 19:00|
libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus ma
|05-05-2014 - 05:12||18-09-2012 - 17:55|