Lucene search
+L

192 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.16 views

Mageia: Security Advisory (MGASA-2019-0099)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.1AI score0.05544EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2021/09/15 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for spice (EulerOS-SA-2021-2451)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.6AI score0.02703EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/07/07 12:0 a.m.14 views

Huawei EulerOS: Security Advisory for spice-gtk (EulerOS-SA-2021-2099)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.6AI score0.05544EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/03/04 12:0 a.m.17 views

EulerOS Virtualization 3.0.6.6 : spice-gtk (EulerOS-SA-2021-1519)

According to the versions of the spice-gtk packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system,...

10CVSS7.5AI score0.05544EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/02/04 12:0 a.m.21 views

EulerOS 2.0 SP5 : spice-gtk (EulerOS-SA-2021-1233)

According to the versions of the spice-gtk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before...

10CVSS7.5AI score0.05544EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/01/20 12:0 a.m.22 views

EulerOS 2.0 SP3 : spice (EulerOS-SA-2021-1121)

According to the version of the spice package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Bot...

6.6CVSS7.5AI score0.02656EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/01/20 12:0 a.m.24 views

EulerOS 2.0 SP3 : spice-gtk (EulerOS-SA-2021-1122)

According to the versions of the spice-gtk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious...

10CVSS7.5AI score0.05544EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/12/22 12:0 a.m.32 views

Virtuozzo 6 : spice-server / spice-server-devel (VZLSA-2019-0232)

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.5CVSS7AI score0.01208EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/11/02 12:0 a.m.21 views

Debian DLA-2428-1 : spice-gtk security update

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system. Both the SPICE client spice-gtk and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed...

6.6CVSS7.3AI score0.02656EPSS
Exploits0References4
OSV
OSV
added 2020/10/07 3:15 p.m.4 views

ALPINE-CVE-2020-14355

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client spice-gtk and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messag...

6.6CVSS8.1AI score0.02656EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/10/07 2:41 p.m.43 views

CVE-2020-14355

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client spice-gtk and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messag...

7.4AI score0.02656EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2020/10/06 8:8 p.m.3 views

spice: multiple buffer overflow vulnerabilities in QUIC decoding code

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system. Both the SPICE client spice-gtk and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed...

6.6CVSS6.2AI score0.02656EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/10/06 7:57 p.m.6 views

spice: multiple buffer overflow vulnerabilities in QUIC decoding code

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system. Both the SPICE client spice-gtk and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed...

6.6CVSS6.2AI score0.02656EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/10/06 3:51 p.m.5 views

spice: multiple buffer overflow vulnerabilities in QUIC decoding code

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system. Both the SPICE client spice-gtk and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed...

6.6CVSS6.2AI score0.02656EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/19 12:49 a.m.53 views

Security Bulletin: Spice-server vulnerabilities affect IBM SmartCloud Entry (CVE-2016-0749 CVE-2016-2150 )

Summary SmartCloud Entry is vulerable to Spice-server vulnerabilities. Attackers could exploit them to cause improper bounds checking by smartcard interaction or bypass security restrictions Vulnerability Details CVEID: CVE-2016-0749 DESCRIPTION: Red Hat spice is vulnerable to a heap-based buffer...

10CVSS0.9AI score0.08492EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for spice-gtk (EulerOS-SA-2018-1149)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.6AI score0.05544EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.33 views

NewStart CGSL MAIN 4.05 : spice-server Vulnerability (NS-SA-2019-0149)

The remote NewStart CGSL host, running version MAIN 4.05, has spice-server packages installed that are affected by a vulnerability: - Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslotgetvirt. This may lead to a denial of service, o...

7.5CVSS7AI score0.01208EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.22 views

NewStart CGSL MAIN 4.05 : spice-server Multiple Vulnerabilities (NS-SA-2019-0144)

The remote NewStart CGSL host, running version MAIN 4.05, has spice-server packages installed that are affected by multiple vulnerabilities: - A vulnerability was discovered in spice server's protocol handling. An authenticated attacker could send specially crafted messages to the spice server,...

8.8CVSS7.8AI score0.04204EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.28 views

NewStart CGSL MAIN 4.06 : spice-server Vulnerability (NS-SA-2019-0092)

The remote NewStart CGSL host, running version MAIN 4.06, has spice-server packages installed that are affected by a vulnerability: - Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslotgetvirt. This may lead to a denial of service, o...

7.5CVSS7AI score0.01208EPSS
Exploits0References2
Veracode
Veracode
added 2019/05/02 5:34 a.m.34 views

Authorization Bypass

spice-server is vulnerable to authorization bypass. The vulnerability allows local guest OS users to read from or write to arbitrary host memory locations...

7.1CVSS7.9AI score0.00363EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder