Spice_project Spice
8 CVEs affecting Spice_project Spice. Latest disclosed: 2017-07-18. Critical: 1, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2016-0749 | Critical | 9.8 | 2016-06-09 | The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors… |
| CVE-2017-7506 | High | 8.8 | 2017-07-18 | spice versions through 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice se… |
| CVE-2015-5260 | High | 7.8 | 2016-06-07 | Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possi… |
| CVE-2016-2150 | High | 7.1 | 2016-06-09 | SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-… |
| CVE-2015-5261 | High | 7.1 | 2016-06-07 | Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands rela… |
| CVE-2015-3247 | | | 2015-09-08 | Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based… |
| CVE-2013-4282 | | | 2013-11-02 | Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) vi… |
| CVE-2013-4130 | | | 2013-08-20 | The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform rin… |