The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain full control over the application.

The vulnerability of the Core component of the Oracle VM VirtualBox software relates to the double memory release during the processing of input/output messages from the smart card. Exploiting this vulnerability allows an attacker to gain full control over the application by sending specially...

CVE-2022-39425

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.40. Difficult to exploit vulnerability allows unauthenticated attacker with network access via VRDP to compromise Oracle VM VirtualBox. Successful...

PT-2022-5337 · Oracle +1 · Virtualbox +1

Name of the Vulnerable Software and Affected Versions: Oracle VM VirtualBox versions prior to 6.1.40 Description: The issue is related to a double free memory error when handling smart card input/output messages in the Core component of Oracle VM VirtualBox. This can be exploited by a remote...

QEMU: vnc: memory leakage upon disconnect

A memory leakage flaw was found in the way the VNC display driver of QEMU handled the connection disconnect when ZRLE and Tight encoding are enabled. Two VncState objects are created, and one allocates memory for the Zlib's data object. This allocated memory is not freed upon disconnection,...

CentOS 6 : spice-server (CESA-2019:0232)

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Important: Red Hat Security Advisory: spice-server security update

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

CentOS 6 : spice-server (CESA-2018:3522)

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Virtuozzo 6 : spice-server / spice-server-devel (VZLSA-2018-3522)

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Oracle Linux 6 : spice-server (ELSA-2018-3522)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-3522 advisory. - Prevent potential buffer/integer overflows with invalid MonitorsConfig messages sent from an authenticated client Resolves: CVE-2017-7506 Tenable has extracte...

Important: Red Hat Security Advisory: spice-server security update

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

CVE-2018-3294

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows low privileged attacker with network access via VRDP to compromise Oracle VM VirtualBox. Successful...

Important: Red Hat Security Advisory: spice-gtk and spice-server security update

An update for spice-gtk and spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Virtuozzo 6 : spice-server / spice-server-devel (VZLSA-2017-0253)

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Qemu: cirrus: heap buffer overflow via vnc connection

A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash...

CentOS Update for spice-server CESA-2017:0253 centos6

Check the version of spice-server SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882652";...

CentOS 6 : spice-server (CESA-2016:1204)

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

spice security update

CentOS Errata and Security Advisory CESA-2015:1890 Updated spice packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which...

RHEL 6 : spice-server (RHSA-2015:1715)

An updated spice-server package that fixes one security issue is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RedHat Update for spice RHSA-2015:1714-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 5 : qspice (CESA-2013:1474)

Updated qspice packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...