Lucene search
Spice-gtk ProjectSpice-gtk0.14
2 matches found
CVE-2013-4324
spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkit_unix_process_new API function, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec pr...
4.6CVSS6.3AI score0.00065EPSS
CVE-2016-3066
The spice-gtk widget allows remote authenticated users to obtain information from the host clipboard.
6.5CVSS6AI score0.00276EPSS