Lucene search
K

18 matches found

OSV
OSV
added 2026/06/24 4:29 p.m.2 views

CVE-2026-53003 pppoe: drop PFC frames

In the Linux kernel, the following vulnerability has been resolved: pppoe: drop PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the current PPPoE driver assumes an...

7.5CVSS5.8AI score0.00508EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-2954

Malware in sbrugna...

8.8CVSS8AI score0.02363EPSS
Exploits0References8
Amazon
Amazon
added 2023/09/05 12:0 a.m.22 views

Medium: spice-protocol

Issue Overview: Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code. CVE-2018-10893 Affected Packages: spice-protocol Note: This advisory...

8.8CVSS9.3AI score0.02363EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/08/23 12:0 a.m.16 views

Amazon Linux 2 : spice-protocol (ALAS-2023-2219)

The version of spice-protocol installed on the remote host is prior to 0.12.14-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2219 advisory. Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A...

8.8CVSS8.1AI score0.02363EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/04/11 12:0 a.m.14 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : virt-viewer Vulnerability (NS-SA-2023-0027)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has virt-viewer packages installed that are affected by a vulnerability: - Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause...

8.8CVSS8.1AI score0.02363EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/02/23 12:0 a.m.31 views

Amazon Linux 2 : spice-protocol (ALAS-2023-1940)

The version of spice-protocol installed on the remote host is prior to 0.12.14-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1940 advisory. Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A...

8.8CVSS8.1AI score0.02363EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/02/23 12:0 a.m.38 views

Amazon Linux 2 : libgovirt (ALAS-2023-1939)

The version of libgovirt installed on the remote host is prior to 0.3.4-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1939 advisory. Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A...

8.8CVSS8.1AI score0.02363EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/10/13 12:0 a.m.23 views

NewStart CGSL MAIN 4.05 : spice-gtk Vulnerability (NS-SA-2020-0050)

The remote NewStart CGSL host, running version MAIN 4.05, has spice-gtk packages installed that are affected by a vulnerability: - Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to...

8.8CVSS8.1AI score0.02363EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/07/01 12:0 a.m.17 views

EulerOS Virtualization 3.0.6.0 : spice-gtk (EulerOS-SA-2020-1727)

According to the version of the spice-gtk packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A...

8.8CVSS7.9AI score0.02363EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/12/31 12:0 a.m.32 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : spice-gtk Vulnerability (NS-SA-2019-0257)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has spice-gtk packages installed that are affected by a vulnerability: - Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause th...

8.8CVSS8.3AI score0.02363EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2019/12/25 3:28 a.m.35 views

CVE-2018-10893

Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code...

8.8CVSS3.1AI score0.02363EPSS
Exploits0References2
Mageia
Mageia
added 2019/02/22 1:8 a.m.44 views

Updated spice-gtk packages fix security vulnerability

A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious spice-server, could use this flaw to crash the client or execute arbitrary code with permissions of the user running the client. spice-gtk versions through 0.34 are...

10CVSS3.8AI score0.05544EPSS
Exploits0References6
Mageia
Mageia
added 2019/02/22 12:35 a.m.42 views

Updated spice packages fix security vulnerability

Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslotgetvirt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers. CVE-2019-3813 A vulnerability was discovered in SPICE before versio...

8.8CVSS3.6AI score0.03934EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2018/09/11 3:29 p.m.26 views

CVE-2018-10893

Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code...

8.8CVSS7.5AI score0.02363EPSS
Exploits0References2
OSV
OSV
added 2018/09/11 3:29 p.m.4 views

CVE-2018-10893

Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code...

8.8CVSS9.1AI score0.02363EPSS
Exploits0References4
Prion
Prion
added 2018/09/11 3:29 p.m.20 views

Integer overflow

Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code...

6.5CVSS9AI score0.02363EPSS
Exploits0References4
CVE
CVE
added 2018/09/11 3:0 p.m.172 views

CVE-2018-10893

CVE-2018-10893 concerns spice-client’s handling of LZ compressed frames, with multiple integer/buffer overflow issues that could crash the client or allow arbitrary code execution. Public advisories reference fixes bundled in updated spice packages: Amazon Linux 2 ALAS-2023-2219 notes spice-proto...

8.8CVSS8.5AI score0.02363EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2018/09/11 3:0 p.m.23 views

CVE-2018-10893

Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code...

7.6CVSS8.6AI score0.02363EPSS
Exploits0References4
Rows per page
Query Builder