Spice Security Vulnerabilities and Issues — Spice CVE List

Lucene search

Spice ProjectSpice

5 matches found

CVE•added 2019/02/04 6:29 p.m.•226 views

CVE-2019-3813

Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.

7.5CVSS7.4AI score0.00362EPSS

CVE•added 2018/07/27 9:29 p.m.•127 views

CVE-2016-9578

A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.

7.5CVSS7.7AI score0.03467EPSS

CVE•added 2016/06/07 2:6 p.m.•92 views

CVE-2015-5260

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.

7.8CVSS8.1AI score0.00242EPSS

CVE•added 2016/06/09 4:59 p.m.•84 views

CVE-2016-2150

SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261.

7.1CVSS6.8AI score0.00086EPSS

CVE•added 2016/06/07 2:6 p.m.•68 views

CVE-2015-5261

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.

7.1CVSS7.4AI score0.00086EPSS