Filtered by vendor Spice-space
Subscribe
Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-23793 | 1 Spice-space | 1 Spice-server | 2023-08-26 | N/A | 8.6 HIGH |
| An issue was discovered in spice-server spice-server-0.14.0-6.el7_6.1.x86_64 of Redhat's VDI product. There is a security vulnerablility that can restart KVMvirtual machine without any authorization. It is not yet known if there will be other other effects. | |||||
| CVE-2017-15108 | 1 Spice-space | 1 Spice-vdagent | 2021-01-13 | 4.6 MEDIUM | 7.8 HIGH |
| spice-vdagent up to and including 0.17.0 does not properly escape save directory before passing to shell, allowing local attacker with access to the session the agent runs in to inject arbitrary commands to be executed. | |||||