Lucene search
K

10 matches found

OSV
OSV
added 2026/03/18 7:46 a.m.6 views

SUSE-SU-2026:0916-1 Security update for gvfs

This update for gvfs fixes the following issues: - CVE-2026-28295: fixed by using control connection address for PASV data bsc1258953. - CVE-2026-28296: fixed by rejecting paths containing CR/LF characters bsc1258954...

4.3CVSS5.8AI score0.0036EPSS
Exploits2References5
SUSE CVE
SUSE CVE
added 2026/02/27 12:24 a.m.7 views

SUSE CVE-2026-28295

A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode PASV response. The client unconditionally trusts this information and attempts to connect to the specified endpoint, allowing the...

4.3CVSS5.8AI score0.00186EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/02/26 3:10 p.m.21 views

CVE-2026-28296

A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containing carriage return and line feed CRLF sequences. These unsanitized sequences allow the attacker to terminate intended FTP commands and...

4.3CVSS8.9AI score0.0036EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/02/26 3:10 p.m.7 views

CVE-2026-28296

A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containing carriage return and line feed CRLF sequences. These unsanitized sequences allow the attacker to terminate intended FTP commands and...

4.3CVSS6.5AI score0.0036EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2020/04/28 3:44 p.m.6 views

gvfs: race condition in daemon/gvfsbackendadmin.c due to admin backend not implementing query_info_on_read/write

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement queryinfoonread/write...

8.1CVSS5.8AI score0.01749EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2019/07/16 12:0 a.m.4 views

The vulnerability of the daemon/gvfsbackendadmin.c component of the GVFS subsystem in GNOME desktop environments on Linux operating systems allows a attacker to compromise the integrity, confidentiality, and accessibility of the protected information.

The vulnerability of the daemon/gvfsbackendadmin.c component in the GVFS subsystem of GNOME desktop environments on Linux operating systems arises from the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability allows an attacker to compromise...

8.1CVSS5.7AI score0.01749EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2019/07/16 12:0 a.m.5 views

The vulnerability of the daemon/gvfsbackendadmin.c component of the GVFS subsystem in GNOME desktop environments on Linux operating systems allows a attacker to compromise the integrity, confidentiality, and accessibility of the protected information.

The vulnerability of the daemon/gvfsbackendadmin.c component in the GVFS subsystem of GNOME desktop environments on Linux operating systems is related to permission handling errors. Exploiting this vulnerability allows an attacker to compromise the integrity, confidentiality, and accessibility of...

9.8CVSS5.5AI score0.01832EPSS
Exploits0References6Affected Software3
UbuntuCve
UbuntuCve
added 2004/11/23 5:0 a.m.24 views

CVE-2004-0494

Multiple extfs backend scripts for GNOME virtual file system VFS before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI...

7.5CVSS5.9AI score0.01625EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/08/27 12:0 a.m.23 views

FreeBSD : gnomevfs -- unsafe URI handling (60)

The following package needs to be updated: gnomevfs2 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg7884d56ff7a111d89837000c41e2cdad.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

6.4AI score0.01625EPSS
Exploits0References15
Cvelist
Cvelist
added 2004/08/05 4:0 a.m.30 views

CVE-2004-0494

Multiple extfs backend scripts for GNOME virtual file system VFS before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI...

6.3AI score0.01625EPSS
Exploits0References5
Rows per page
Query Builder