Lucene search
+L

45 matches found

Veracode
Veracode
added 2019/01/15 9:7 a.m.27 views

Denial Of Service (DoS)

spice-server is vulnerable to denial of service DoS attacks. The vulnerability exists through a race condition in the workerupdatemonitorsconfig function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service heap-based memory corruption and QEMU-KVM crash or possib...

6.9CVSS7.8AI score0.01144EPSS
Exploits0References27Affected Software1
myhack58
myhack58
added 2016/07/21 12:0 a.m.23 views

Security Bulletin: ASN. 1 coding in the presence of a heap memory corruption vulnerability-vulnerability warning-the black bar safety net

! ! 1. Security Bulletin information Title: Objective system integrated Co., Ltd. The design of the ASN. 1 coding specification in the presence of one can lead to heap memory corruption vulnerabilities. Vulnerability CVE number: CVE-2 0 1 6-5 0 8 0 Announcement of the URL address:...

Exploits0
Oracle linux
Oracle linux
added 2016/06/06 12:0 a.m.39 views

spice-server security update

0.12.4-13.1 - Fix heap-based memory corruption within smartcard handling Resolves: CVE-2016-0749 - Fix host memory access from guest with invalid primary surface parameters Resolves: CVE-2016-2150...

10CVSS2.8AI score0.08492EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/03/24 12:0 a.m.27 views

Scientific Linux Security Update : foomatic on SL6.x i386/x86_64 (20160323)

It was discovered that the unhtmlify function of foomatic-rip did not correctly calculate buffer sizes, possibly leading to a heap-based memory corruption. A malicious attacker could exploit this flaw to cause foomatic-rip to crash or, possibly, execute arbitrary code. CVE-2010-5325 It was...

9.8CVSS8.1AI score0.10171EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2016/03/24 12:0 a.m.38 views

CentOS Update for foomatic CESA-2016:0491 centos6

Check the version of foomatic SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882436";...

9.8CVSS7.5AI score0.10171EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/03/23 12:0 a.m.34 views

RedHat Update for foomatic RHSA-2016:0491-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.10171EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/10/22 12:0 a.m.34 views

CentOS 6 : spice-server (CESA-2015:1715)

An updated spice-server package that fixes one security issue is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

6.9CVSS7.8AI score0.01144EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/10/15 12:0 a.m.29 views

Mageia: Security Advisory (MGASA-2015-0373)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS7.6AI score0.01144EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/09/17 12:0 a.m.23 views

RHEL 6 : spice-server (RHSA-2015:1715)

An updated spice-server package that fixes one security issue is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

6.9CVSS7.8AI score0.01144EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/09/17 12:0 a.m.29 views

RHEL 7 : spice (RHSA-2015:1714)

An updated spice package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

6.9CVSS7.8AI score0.01144EPSS
Exploits0References3
Mageia
Mageia
added 2015/09/15 2:55 p.m.25 views

Updated spice packages fix CVE-2015-3247

Updated spice packages fix security vulnerability: A race condition flaw, leading to a heap-based memory corruption, was found in spice's workerupdatemonitorsconfig function, which runs under the QEMU-KVM context on the host. A user in a guest could leverage this flaw to crash the host QEMU-KVM...

6.9CVSS7.9AI score0.01144EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/09/09 12:0 a.m.27 views

Debian DSA-3354-1 : spice - security update

Frediano Ziglio of Red Hat discovered a race condition flaw in spice's workerupdatemonitorsconfig function, leading to a heap-based memory corruption. A malicious user in a guest can take advantage of this flaw to cause a denial of service QEMU process crash or, potentially execute arbitrary code...

6.9CVSS7.9AI score0.01144EPSS
Exploits0References4
NVD
NVD
added 2015/09/08 3:59 p.m.15 views

CVE-2015-3247

Race condition in the workerupdatemonitorsconfig function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service heap-based memory corruption and QEMU-KVM crash or possibly execute arbitrary code on the host via unspecified vectors...

6.9CVSS8AI score0.01144EPSS
Exploits0References10
OSV
OSV
added 2015/09/08 3:59 p.m.7 views

CVE-2015-3247

Race condition in the workerupdatemonitorsconfig function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service heap-based memory corruption and QEMU-KVM crash or possibly execute arbitrary code on the host via unspecified vectors...

8AI score
Exploits0References10
Prion
Prion
added 2015/09/08 3:59 p.m.16 views

Race condition

Race condition in the workerupdatemonitorsconfig function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service heap-based memory corruption and QEMU-KVM crash or possibly execute arbitrary code on the host via unspecified vectors...

6.9CVSS8.2AI score0.01144EPSS
Exploits0References10Affected Software6
Debian CVE
Debian CVE
added 2015/09/08 3:0 p.m.38 views

CVE-2015-3247

Race condition in the workerupdatemonitorsconfig function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service heap-based memory corruption and QEMU-KVM crash or possibly execute arbitrary code on the host via unspecified vectors...

6.9CVSS8AI score0.01144EPSS
Exploits0
CVE
CVE
added 2015/09/08 3:0 p.m.116 views

CVE-2015-3247

CVE-2015-3247 corresponds to a race condition in SPICE (specifically in worker_update_monitors_config within spice-server) that can cause a heap-based memory corruption. The issue allows a remote authenticated guest to crash the host QEMU-KVM process and may potentially enable arbitrary code exec...

6.9CVSS7.9AI score0.01144EPSS
Exploits0References10Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/09/04 12:0 a.m.34 views

Scientific Linux Security Update : spice-server on SL7.x x86_64 (20150903)

A race condition flaw, leading to a heap-based memory corruption, was found in spice's workerupdatemonitorsconfig function, which runs under the QEMU-KVM context on the host. A user in a guest could leverage this flaw to crash the host QEMU-KVM process or, possibly, execute arbitrary code with th...

6.9CVSS7.8AI score0.01144EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/09/04 12:0 a.m.28 views

Scientific Linux Security Update : spice-server on SL6.x x86_64 (20150903)

A race condition flaw, leading to a heap-based memory corruption, was found in spice's workerupdatemonitorsconfig function, which runs under the QEMU-KVM context on the host. A user in a guest could leverage this flaw to crash the host QEMU-KVM process or, possibly, execute arbitrary code with th...

6.9CVSS7.8AI score0.01144EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/09/04 12:0 a.m.17 views

CentOS Update for spice-server CESA-2015:1714 centos7

Check the version of spice-server SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882279";...

6.9CVSS7.6AI score0.01144EPSS
Exploits0References2
Rows per page
Query Builder