Lucene search
K

61 matches found

Cvelist
Cvelist
added 2020/11/26 1:23 a.m.23 views

CVE-2020-25653

A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest user to become the active agent for spice-vdagentd, possibly resulting in a denial of service or information leakage from the host. The...

6.3AI score0.00326EPSS
Exploits1References5
CVE
CVE
added 2020/11/26 1:23 a.m.208 views

CVE-2020-25653

CVE-2020-25653 describes a race-condition in spice-vdagentd that can let an unprivileged local guest user hijack the active agent via new UNIX socket connections, risking DoS or host data leakage. Affected: spice-vdagentd/spice-vdagent (v0.20 and earlier). Connected advisories/vendor notes consis...

6.3CVSS6.1AI score0.00326EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2020/11/26 1:23 a.m.32 views

CVE-2020-25653

A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest user to become the active agent for spice-vdagentd, possibly resulting in a denial of service or information leakage from the host. The...

6.3CVSS6.4AI score0.00326EPSS
Exploits1
NVD
NVD
added 2020/11/25 3:15 p.m.23 views

CVE-2020-25650

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path /run/spice-vdagentd/spice-vdagent-sock could use this flaw to perform a memory denial of service f...

5.5CVSS5.7AI score0.0049EPSS
Exploits1References5
OSV
OSV
added 2020/11/25 3:15 p.m.1 views

DEBIAN-CVE-2020-25650

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path /run/spice-vdagentd/spice-vdagent-sock could use this flaw to perform a memory denial of service f...

5.5CVSS5.5AI score0.0049EPSS
Exploits1References1
OSV
OSV
added 2020/11/25 3:15 p.m.9 views

AZL-7362 CVE-2020-25650 affecting package spice-vdagent for versions less than 0.22.1-1

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path /run/spice-vdagentd/spice-vdagent-sock could use this flaw to perform a memory denial of service f...

5.5CVSS6AI score0.0049EPSS
Exploits1References1
OSV
OSV
added 2020/11/25 3:15 p.m.22 views

CVE-2020-25650

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path /run/spice-vdagentd/spice-vdagent-sock could use this flaw to perform a memory denial of service f...

5.5CVSS6.3AI score
Exploits0References5
Prion
Prion
added 2020/11/25 3:15 p.m.29 views

Design/Logic Flaw

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path /run/spice-vdagentd/spice-vdagent-sock could use this flaw to perform a memory denial of service f...

2.1CVSS5.6AI score0.0049EPSS
Exploits1References5Affected Software3
Cvelist
Cvelist
added 2020/11/25 2:35 p.m.24 views

CVE-2020-25650

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path /run/spice-vdagentd/spice-vdagent-sock could use this flaw to perform a memory denial of service f...

5.7AI score0.0049EPSS
Exploits1References5
CVE
CVE
added 2020/11/25 2:35 p.m.229 views

CVE-2020-25650

CVE-2020-25650 : A flaw in the spice-vdagentd daemon allows an unprivileged local guest user with access to the UNIX domain socket /run/spice-vdagentd/spice-vdagent-sock to trigger a memory denial of service for spice-vdagentd or other VM processes. Affected: spice-vdagent 0.20 and earlier. Impac...

5.5CVSS5.6AI score0.0049EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2020/11/25 2:35 p.m.30 views

CVE-2020-25650

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path /run/spice-vdagentd/spice-vdagent-sock could use this flaw to perform a memory denial of service f...

5.5CVSS5.5AI score0.0049EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2020/11/04 9:59 a.m.33 views

CVE-2020-25653

A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw allows an unprivileged local guest user to become the active agent for spice-vdagentd, possibly resulting in a denial of service or information leakage from the host. The highes...

6.4CVSS3.6AI score0.00326EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2020/11/04 9:59 a.m.29 views

CVE-2020-25650

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. This flaw allows any unprivileged local guest user with access to the UNIX domain socket path /run/spice-vdagentd/spice-vdagent-sock to perform a memory denial of service for...

5.5CVSS5.2AI score0.0049EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2020/11/03 12:0 a.m.29 views

CVE-2020-25652

A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in /run/spice-vdagentd/spice-vdagent-sock. Any unprivileged local guest user could use this flaw to prevent legitimate agents from connecting to th...

5.5CVSS6AI score0.00431EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2020/11/03 12:0 a.m.33 views

CVE-2020-25650

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path /run/spice-vdagentd/spice-vdagent-sock could use this flaw to perform a memory denial of service f...

5.5CVSS6AI score0.0049EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2020/11/03 12:0 a.m.3 views

PT-2020-16148 · Red Hat +7 · Spice-Vdagent +8

Name of the Vulnerable Software and Affected Versions: spice-vdagent versions 0.20 and prior Description: A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in /run/spice-vdagentd/spice-vdagent-sock...

7.8CVSS5.9AI score0.0049EPSS
Exploits4References76
Positive Technologies
Positive Technologies
added 2020/11/03 12:0 a.m.3 views

PT-2020-16149 · Red Hat +7 · Spice-Vdagent +8

Name of the Vulnerable Software and Affected Versions: spice-vdagent versions 0.20 and prior Description: A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest user to become the active agent f...

7.8CVSS6.1AI score0.0049EPSS
Exploits4References78
UbuntuCve
UbuntuCve
added 2020/11/03 12:0 a.m.34 views

CVE-2020-25653

A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest user to become the active agent for spice-vdagentd, possibly resulting in a denial of service or information leakage from the host. The...

6.3CVSS6.5AI score0.00326EPSS
Exploits1References3
OSV
OSV
added 2020/11/03 12:0 a.m.2 views

UBUNTU-CVE-2020-25652

A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in /run/spice-vdagentd/spice-vdagent-sock. Any unprivileged local guest user could use this flaw to prevent legitimate agents from connecting to th...

5.5CVSS5.7AI score0.00431EPSS
Exploits1References4
OSV
OSV
added 2020/11/03 12:0 a.m.4 views

UBUNTU-CVE-2020-25650

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path /run/spice-vdagentd/spice-vdagent-sock could use this flaw to perform a memory denial of service f...

5.5CVSS6AI score0.0049EPSS
Exploits1References4
Rows per page
Query Builder