Freedesktop dbus 1.4.12
Approved changes feed: RSS · Atom
cpe:2.3:a:freedesktop:dbus:1.4.12:*:*:*:*:*:*:*
part: a version: 1.4.12 update: *
| Vendor | Freedesktop (2c544e5d-e68e-5b35-a616-dc08f0ba697e) |
|---|---|
| Product | Dbus (7e992f2d-f5d6-5884-a5a2-9325da73d4f4) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/dbus |
purl2cpe | 2026-06-01 10:14:03.871500 |
pkg:deb/ubuntu/dbus |
purl2cpe | 2026-06-01 10:14:03.871501 |
pkg:github/freedesktop/dbus |
purl2cpe | 2026-06-01 10:14:03.871502 |
pkg:gitlab/redhat/dbus |
purl2cpe | 2026-06-01 10:14:03.871504 |
pkg:rpm/centos/dbus |
purl2cpe | 2026-06-01 10:14:03.871505 |
pkg:rpm/fedora/dbus |
purl2cpe | 2026-06-01 10:14:03.871507 |
pkg:rpm/opensuse/dbus |
purl2cpe | 2026-06-01 10:14:03.871508 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2015-0245 |
vulnerable | 2026-06-03 14:34:29.347206 |
Details available
D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a race condition involving sending an ActivationFailure signal before systemd responds.
Published: 2015-02-13T15:00:00.000Z
Updated: 2024-08-06T04:03:10.538Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-3637 |
vulnerable | 2026-06-03 14:34:00.398769 |
Details available
D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 does not properly close connections for processes that have terminated, which allows local users to cause a denial of service via a D-bus message containing a D-Bus connection file descriptor.
Published: 2014-09-22T15:00:00.000Z
Updated: 2024-08-06T10:50:18.287Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-3533 |
vulnerable | 2026-06-03 14:33:55.136475 |
Details available
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to cause a denial of service (disconnect) via a certain sequence of crafted messages that cause the dbus-daemon to forward a message containing an invalid file descriptor.
Published: 2014-07-19T19:00:00.000Z
Updated: 2024-08-06T10:50:16.803Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-3477 |
vulnerable | 2026-06-03 14:33:54.655031 |
Details available
The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4, sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing the service, which allows local users to cause a denial of service (initialization failure and exit) or possibly conduct a side-channel attack via a D-Bus message to an inactive service.
Published: 2014-07-01T17:00:00.000Z
Updated: 2025-01-16T20:11:35.974Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-2168 |
vulnerable | 2026-06-03 14:32:54.140632 |
Details available
The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4.x before 1.4.26, 1.6.x before 1.6.12, and 1.7.x before 1.7.4 allows local users to cause a denial of service (service crash) via a crafted message.
Published: 2013-07-03T18:00:00.000Z
Updated: 2024-08-06T15:27:41.099Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.