Lucene search
K

13 matches found

OSV
OSV
added 2026/03/23 12:53 p.m.4 views

USN-8114-1 gvfs vulnerabilities

It was discovered that the GVfs FTP backend incorrectly handled IP addresses and ports returned by passive mode responses. A malicious remote server could possibly use this issue to help scan for open ports. CVE-2026-28295 It was discovered that the GVfs FTP backend incorrectly handled crafted fi...

4.3CVSS6AI score0.0036EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.6 views

Slackware Linux 15.0 / current gvfs Multiple Vulnerabilities (SSA:2026-059-01)

The version of gvfs installed on the remote host is prior to 1.48.1 / 1.58.2. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-059-01 advisory. New gvfs packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the...

4.3CVSS6AI score0.0036EPSS
Exploits2References3
OSV
OSV
added 2026/02/26 4:24 p.m.5 views

DEBIAN-CVE-2026-28295

A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode PASV response. The client unconditionally trusts this information and attempts to connect to the specified endpoint, allowing the...

4.3CVSS5.5AI score0.00186EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/26 3:10 p.m.6 views

CVE-2026-28296

A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containing carriage return and line feed CRLF sequences. These unsanitized sequences allow the attacker to terminate intended FTP commands and...

4.3CVSS6.4AI score0.0036EPSS
Exploits2References3
CNNVD
CNNVD
added 2026/02/26 12:0 a.m.8 views

gvfs 代码问题漏洞

GVfs is a virtual file system developed under the Gnome open-source project. GVfs has code vulnerabilities that stem from the unconditional trust placed in information within the passive mode response by clients. This vulnerability could allow malicious servers to detect open ports on the client’...

4.3CVSS5.9AI score0.00186EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:20 a.m.4 views

SUSE CVE-2004-0494

Multiple extfs backend scripts for GNOME virtual file system VFS before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI...

7.5CVSS7AI score0.01625EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2020/07/15 12:0 a.m.5 views

The vulnerability of the GVFS desktop environment subsystem in GNOME, related to deficiencies in access control, allows an intruder to gain unauthorized access to protected information.

The vulnerability of the GVFS desktop environment for GNOME is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information by running a specially created malware program...

6.3CVSS6.8AI score0.00368EPSS
Exploits0References5Affected Software4
RedHat Linux
RedHat Linux
added 2020/04/28 3:44 p.m.5 views

gvfs: mishandling of file's user and group ownership in daemon/gvfsbackendadmin.c due to unavailability of root privileges

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move and copy with GFILECOPYALLMETADATA operations from admin:// to file:// URIs, because root privileges are unavailable...

5.7CVSS5.8AI score0.0184EPSS
Exploits0References4
OSV
OSV
added 2019/06/11 10:29 p.m.3 views

DEBIAN-CVE-2019-12795

daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. Note that the server socket...

7.8CVSS6.6AI score0.00388EPSS
Exploits0References1
OSV
OSV
added 2019/05/29 5:29 p.m.2 views

ALPINE-CVE-2019-12448

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement queryinfoonread/write...

8.1CVSS7AI score0.01749EPSS
Exploits0References1
OSV
OSV
added 2019/05/29 5:29 p.m.1 views

DEBIAN-CVE-2019-12448

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement queryinfoonread/write...

8.1CVSS7AI score0.01749EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/05/29 12:0 a.m.3 views

PT-2019-2632 · Gnome +7 · Gnome Gvfs +7

Name of the Vulnerable Software and Affected Versions: GNOME gvfs versions prior to 1.38.3 GNOME gvfs versions 1.40.x prior to 1.40.2 GNOME gvfs versions 1.41.x prior to 1.41.3 Description: The issue is related to errors in the authorization procedure of the GVFS subsystem in the GNOME desktop...

9.3CVSS6.5AI score0.18108EPSS
Exploits15References341
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the gnome-vfs2 package in the Red Hat Enterprise Linux operating system can lead to a violation of the confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

7.5CVSS5.4AI score0.04621EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder