Skip to main content

Spice Gtk

3 CVEs product

Monthly

CVE-2016-3066 MEDIUM This Month

The spice-gtk widget allows remote authenticated users to obtain information from the host clipboard. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Spice Gtk
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2013-4324 MEDIUM This Month

spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkit_unix_process_new API function, which allows local users to bypass intended access restrictions by. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Spice Gtk Enterprise Linux
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2012-4425 MEDIUM POC PATCH This Month

libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS. Rated medium severity (CVSS 6.9). Public exploit code available.

Privilege Escalation RCE Spice Gtk Libgio
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
0.5%
EPSS 0% CVSS 6.5
MEDIUM This Month

The spice-gtk widget allows remote authenticated users to obtain information from the host clipboard. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Spice Gtk
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkit_unix_process_new API function, which allows local users to bypass intended access restrictions by. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Spice Gtk Enterprise Linux
NVD
EPSS 1% CVSS 6.9
MEDIUM POC PATCH This Month

libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS. Rated medium severity (CVSS 6.9). Public exploit code available.

Privilege Escalation RCE Spice Gtk +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy