Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2019-12447

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used. CVE-2019-12447 No...

7.3CVSS6.9AI score0.01832EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.27 views

RHEL 7 : gvfs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gvfs: race condition in daemon/gvfsbackendadmin.c due to admin backend not implementing...

7.3CVSS7.6AI score0.0184EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.24 views

Rocky Linux 8 : GNOME (RLSA-2020:1766)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1766 advisory. - There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of...

8.8CVSS7.2AI score0.0207EPSS
Exploits2References72
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.34 views

AlmaLinux 8 : GNOME (ALSA-2020:1766)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:1766 advisory. - There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of servic...

8.8CVSS7.1AI score0.0207EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2019-0214)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.8AI score0.0184EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/01/09 12:0 a.m.29 views

openSUSE: Security Advisory for gvfs (openSUSE-SU-2019:1697-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS7AI score0.0184EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/09/30 12:0 a.m.40 views

EulerOS 2.0 SP8 : gvfs (EulerOS-SA-2019-2079)

According to the versions of the gvfs packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not...

8.1CVSS6.6AI score0.0184EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.35 views

Fedora 29 : gvfs (2019-e6b02af8b8)

Update to 1.38.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, Inc...

8.1CVSS6.5AI score0.0184EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/07/22 12:0 a.m.41 views

Fedora 30 : gvfs (2019-6ed5523cc0)

Update to 1.40.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, Inc...

8.1CVSS6.5AI score0.0184EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2019/07/10 7:54 a.m.35 views

CVE-2019-12447

It was discovered that gvfs incorrectly set the ownership of files handled by the admin:// backend. An attacker could abuse this flaw when the destination file of a copy/move operation is handled by the admin:// backend. The attacker would have access to the target files with the ability to read...

7.3CVSS2.8AI score0.01832EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/07/10 12:0 a.m.29 views

Ubuntu 16.04 LTS / 18.04 LTS : GVfs vulnerabilities (USN-4053-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4053-1 advisory. It was discovered that GVfs incorrectly handled the admin backend. Files created or moved by the admin backend could end up with the wrong...

8.1CVSS6.7AI score0.0184EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2019/07/10 12:0 a.m.33 views

Ubuntu: Security Advisory (USN-4053-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7AI score0.0184EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2019/07/09 11:29 a.m.66 views

USN-4053-1: GVfs vulnerabilities

It was discovered that GVfs incorrectly handled the admin backend. Files created or moved by the admin backend could end up with the wrong ownership information, contrary to expectations. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. CVE-2019-12447, CVE-2019-12448,...

8.1CVSS6.6AI score0.0184EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/07/08 12:0 a.m.34 views

openSUSE Security Update : gvfs (openSUSE-2019-1699)

This update for gvfs fixes the following issues : Security issues fixed : - CVE-2019-12795: Fixed a vulnerability which could have allowed attacks via local D-Bus method calls bsc1137930. - CVE-2019-12447: Fixed an improper handling of file ownership in daemon/gvfsbackendadmin.c due to no use of...

8.1CVSS6.3AI score0.0184EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2019/07/08 12:0 a.m.38 views

openSUSE Security Update : gvfs (openSUSE-2019-1697)

This update for gvfs fixes the following issues : Security issues fixed : - CVE-2019-12795: Fixed a vulnerability which could have allowed attacks via local D-Bus method calls bsc1137930. - CVE-2019-12447: Fixed an improper handling of file ownership in daemon/gvfsbackendadmin.c due to no use of...

8.1CVSS6.3AI score0.0184EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2019/07/08 12:0 a.m.25 views

openSUSE: Security Advisory for gvfs (openSUSE-SU-2019:1699-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS7AI score0.0184EPSS
Exploits0References2
CVE
CVE
added 2019/05/29 4:15 p.m.284 views

CVE-2019-12447

The CVE-2019-12447 entry affects GNOME gvfs, specifically the gvfsbackendadmin.c component. The root cause is mishandling of file ownership because setfsuid is not used in daemon/gvfsbackendadmin.c, as described for gvfs versions 1.29.4 through 1.41.2. Consequence notes in connected documents ind...

7.3CVSS7AI score0.01832EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder