Vulnerabilities > Spice Space > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-24 | CVE-2021-3700 | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in the usbredirparser_serialize() in usbredirparser/usbredirparser.c. | 6.4 |
| 2020-11-26 | CVE-2020-25653 | Race Condition vulnerability in multiple products A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. | 6.3 |
| 2020-11-26 | CVE-2020-25652 | A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in `/run/spice-vdagentd/spice-vdagent-sock`. | 5.5 |
| 2020-11-26 | CVE-2020-25651 | A flaw was found in the SPICE file transfer protocol. | 6.4 |
| 2020-11-25 | CVE-2020-25650 | A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. | 5.5 |