Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnome gvfs vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2019-12448
An issue exists in GNOME gvfs 1.29.4 up to and including 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement query_info_on_read/write.
Gnome Gvfs
4.6
CVSSv2
CVE-2019-12795
daemon/gvfsdaemon.c in gvfsd from GNOME gvfs prior to 1.38.3, 1.40.x prior to 1.40.2, and 1.41.x prior to 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Not...
Gnome Gvfs
3.3
CVSSv2
CVE-2019-3827
An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can be exploited by malicious prog...
Gnome Gvfs
4.9
CVSSv2
CVE-2019-12447
An issue exists in GNOME gvfs 1.29.4 up to and including 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used.
Gnome Gvfs
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.0
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
3.5
CVSSv2
CVE-2019-12449
An issue exists in GNOME gvfs 1.29.4 up to and including 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are unavailable.
Gnome Gvfs
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.0
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started