cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-12795,https://securityvulnerability.io/vulnerability/CVE-2019-12795,,"daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a single connection, so the attacker would have to discover the server and connect to the socket before its owner does.)",Gnome,Gvfs,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2019-06-11T21:07:32.000Z,0
CVE-2019-12449,https://securityvulnerability.io/vulnerability/CVE-2019-12449,,"An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are unavailable.",Gnome,Gvfs,5.7,MEDIUM,0.0025100000202655792,false,,false,false,false,,,false,false,,2019-05-29T16:16:06.000Z,0
CVE-2019-12448,https://securityvulnerability.io/vulnerability/CVE-2019-12448,,An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement query_info_on_read/write.,Gnome,Gvfs,8.1,HIGH,0.03784000128507614,false,,false,false,false,,,false,false,,2019-05-29T16:15:57.000Z,0
CVE-2019-12447,https://securityvulnerability.io/vulnerability/CVE-2019-12447,,An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used.,Gnome,Gvfs,7.3,HIGH,0.0023900000378489494,false,,false,false,false,,,false,false,,2019-05-29T16:15:29.000Z,0