13 matches found
USN-8114-1 gvfs vulnerabilities
It was discovered that the GVfs FTP backend incorrectly handled IP addresses and ports returned by passive mode responses. A malicious remote server could possibly use this issue to help scan for open ports. CVE-2026-28295 It was discovered that the GVfs FTP backend incorrectly handled crafted fi...
Slackware Linux 15.0 / current gvfs Multiple Vulnerabilities (SSA:2026-059-01)
The version of gvfs installed on the remote host is prior to 1.48.1 / 1.58.2. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-059-01 advisory. New gvfs packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the...
DEBIAN-CVE-2026-28295
A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode PASV response. The client unconditionally trusts this information and attempts to connect to the specified endpoint, allowing the...
CVE-2026-28296
A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containing carriage return and line feed CRLF sequences. These unsanitized sequences allow the attacker to terminate intended FTP commands and...
gvfs 代码问题漏洞
GVfs is a virtual file system developed under the Gnome open-source project. GVfs has code vulnerabilities that stem from the unconditional trust placed in information within the passive mode response by clients. This vulnerability could allow malicious servers to detect open ports on the client’...
SUSE CVE-2004-0494
Multiple extfs backend scripts for GNOME virtual file system VFS before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI...
The vulnerability of the GVFS desktop environment subsystem in GNOME, related to deficiencies in access control, allows an intruder to gain unauthorized access to protected information.
The vulnerability of the GVFS desktop environment for GNOME is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information by running a specially created malware program...
gvfs: mishandling of file's user and group ownership in daemon/gvfsbackendadmin.c due to unavailability of root privileges
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move and copy with GFILECOPYALLMETADATA operations from admin:// to file:// URIs, because root privileges are unavailable...
DEBIAN-CVE-2019-12795
daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. Note that the server socket...
ALPINE-CVE-2019-12448
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement queryinfoonread/write...
DEBIAN-CVE-2019-12448
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement queryinfoonread/write...
PT-2019-2632 · Gnome +7 · Gnome Gvfs +7
Name of the Vulnerable Software and Affected Versions: GNOME gvfs versions prior to 1.38.3 GNOME gvfs versions 1.40.x prior to 1.40.2 GNOME gvfs versions 1.41.x prior to 1.41.3 Description: The issue is related to errors in the authorization procedure of the GVFS subsystem in the GNOME desktop...
The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the gnome-vfs2 package in the Red Hat Enterprise Linux operating system can lead to a violation of the confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...