High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-04	CVE-2019-3813	Off-by-one Error vulnerability in multiple products Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. high complexity spice-project redhat debian canonical CWE-193	7.5
2018-09-11	CVE-2018-10893	Unspecified vulnerability in Spice Project Spice Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. network low complexity spice-project	8.8
2018-08-17	CVE-2018-10873	Improper Input Validation vulnerability in multiple products A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. network low complexity spice-project debian canonical redhat CWE-20	8.8
2018-07-27	CVE-2016-9578	Improper Input Validation vulnerability in multiple products A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. network low complexity spice-project redhat debian CWE-20	7.5
2018-07-27	CVE-2016-9577	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. network low complexity spice-project redhat debian CWE-119	8.8
2017-07-18	CVE-2017-7506	Unspecified vulnerability in Spice Project Spice spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak. network low complexity spice-project	8.8
2016-06-09	CVE-2016-2150	Improper Access Control vulnerability in multiple products SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261. local low complexity redhat opensuse debian spice-project CWE-284	7.1
2016-06-07	CVE-2015-5261	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation. local low complexity canonical redhat debian spice-project CWE-119	7.1
2016-06-07	CVE-2015-5260	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter. local low complexity redhat debian canonical spice-project CWE-119	7.8