cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2012-6111,https://securityvulnerability.io/vulnerability/CVE-2012-6111,,gnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function,Gnome-keyring,Gnome-keyring,7.5,HIGH,0.0033100000582635403,false,,false,false,false,,,false,false,,2019-12-20T14:25:51.000Z,0
CVE-2018-20781,https://securityvulnerability.io/vulnerability/CVE-2018-20781,,"In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext.",Gnome,Gnome Keyring,7.8,HIGH,0.00046999999904073775,false,,false,false,false,,,false,false,,2019-02-12T17:00:00.000Z,0
CVE-2018-19358,https://securityvulnerability.io/vulnerability/CVE-2018-19358,,"GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs because available D-Bus protection mechanisms (involving the busconfig and policy XML elements) are not used. NOTE: the vendor disputes this because, according to the security model, untrusted applications must not be allowed to access the user's session bus socket.",Gnome,Gnome-keyring,7.8,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2018-11-18T00:00:00.000Z,0
CVE-2012-3466,https://securityvulnerability.io/vulnerability/CVE-2012-3466,,"GNOME gnome-keyring 3.4.0 through 3.4.1, when gpg-cache-method is set to ""idle"" or ""timeout,"" does not properly limit the amount of time a passphrase is cached, which allows attackers to have an unspecified impact via unknown attack vectors.",Gnome,Gnome-keyring,,,0.0009500000160187483,false,,false,false,false,,,false,false,,2012-10-22T23:55:00.000Z,0