Package Instance

reference_id

AVG-1239

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2134

reference_url

reference_id

AVG-2134

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2134

reference_url	https://access.redhat.com/errata/RHSA-2020:4184
reference_id	RHSA-2020:4184
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4184

reference_url	https://access.redhat.com/errata/RHSA-2020:4185
reference_id	RHSA-2020:4185
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4185

reference_url	https://access.redhat.com/errata/RHSA-2020:4186
reference_id	RHSA-2020:4186
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4186

reference_url	https://access.redhat.com/errata/RHSA-2020:4187
reference_id	RHSA-2020:4187
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4187

reference_url	https://usn.ubuntu.com/4572-1/
reference_id	USN-4572-1
reference_type
scores
url	https://usn.ubuntu.com/4572-1/

reference_url	https://usn.ubuntu.com/4572-2/
reference_id	USN-4572-2
reference_type
scores
url	https://usn.ubuntu.com/4572-2/

fixed_packages

url pkg:deb/debian/spice@0.14.0-1.3%2Bdeb10u1

purl pkg:deb/debian/spice@0.14.0-1.3%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-15db-nrnx-wbcw

vulnerability	VCID-7rdm-m2fr-qbb6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.14.0-1.3%252Bdeb10u1

url	pkg:deb/debian/spice@0.14.3-2.1
purl	pkg:deb/debian/spice@0.14.3-2.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.14.3-2.1

aliases CVE-2020-14355

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-15db-nrnx-wbcw

url VCID-7rdm-m2fr-qbb6

vulnerability_id VCID-7rdm-m2fr-qbb6

summary Multiple vulnerabilities have been found in Spice Server, the worst of which may result in the remote execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20201.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20201.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20201

reference_id

reference_type

scores

value	0.0073
scoring_system	epss
scoring_elements	0.72609
published_at	2026-04-01T12:55:00Z

value	0.0073
scoring_system	epss
scoring_elements	0.72712
published_at	2026-04-18T12:55:00Z

value	0.0073
scoring_system	epss
scoring_elements	0.72658
published_at	2026-04-13T12:55:00Z

value	0.0073
scoring_system	epss
scoring_elements	0.727
published_at	2026-04-16T12:55:00Z

value	0.0073
scoring_system	epss
scoring_elements	0.72617
published_at	2026-04-02T12:55:00Z

value	0.0073
scoring_system	epss
scoring_elements	0.72634
published_at	2026-04-04T12:55:00Z

value	0.0073
scoring_system	epss
scoring_elements	0.72612
published_at	2026-04-07T12:55:00Z

value	0.0073
scoring_system	epss
scoring_elements	0.7265
published_at	2026-04-08T12:55:00Z

value	0.0073
scoring_system	epss
scoring_elements	0.72662
published_at	2026-04-09T12:55:00Z

value	0.0073
scoring_system	epss
scoring_elements	0.72685
published_at	2026-04-11T12:55:00Z

value	0.0073
scoring_system	epss
scoring_elements	0.72668
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20201

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20201
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20201

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1921846
reference_id	1921846
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1921846

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983698
reference_id	983698
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983698

reference_url	https://security.archlinux.org/ASA-202107-12
reference_id	ASA-202107-12
reference_type
scores
url	https://security.archlinux.org/ASA-202107-12

reference_url

reference_id

AVG-1239

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3813.json

reference_url	https://security.gentoo.org/glsa/202208-10
reference_id	GLSA-202208-10
reference_type
scores
url	https://security.gentoo.org/glsa/202208-10

reference_url	https://access.redhat.com/errata/RHSA-2021:1924
reference_id	RHSA-2021:1924
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1924

fixed_packages

url	pkg:deb/debian/spice@0.14.3-2.1
purl	pkg:deb/debian/spice@0.14.3-2.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.14.3-2.1

aliases CVE-2021-20201

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7rdm-m2fr-qbb6

url VCID-8hpc-axe9-p7am

vulnerability_id VCID-8hpc-axe9-p7am

summary

A buffer overread has been discovered in spice possibly allowing
    remote execution of code.

references

reference_url

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3813.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-3813

reference_id

reference_type

scores

value	0.00241
scoring_system	epss
scoring_elements	0.4733
published_at	2026-04-01T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.47445
published_at	2026-04-18T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.47389
published_at	2026-04-09T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.47413
published_at	2026-04-11T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.47394
published_at	2026-04-13T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.47453
published_at	2026-04-16T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.47366
published_at	2026-04-02T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.47387
published_at	2026-04-12T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.47335
published_at	2026-04-07T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.4739
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-3813

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3813
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3813

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/01/msg00026.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/01/msg00026.html

reference_url	https://www.debian.org/security/2019/dsa-4375
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4375

reference_url	http://www.securityfocus.com/bid/106801
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106801

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1665371
reference_id	1665371
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1665371

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920762
reference_id	920762
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920762

reference_url	https://security.archlinux.org/ASA-201902-4
reference_id	ASA-201902-4
reference_type
scores
url	https://security.archlinux.org/ASA-201902-4

reference_url

reference_id

AVG-866

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:spice_project:spice::::::::
reference_id	cpe:2.3:a:spice_project:spice::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:spice_project:spice::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

reference_id

CVE-2019-3813

reference_type

scores

value	5.4
scoring_system	cvssv2
scoring_elements	AV:A/AC:M/Au:N/C:P/I:P/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10873.json

reference_url	https://security.gentoo.org/glsa/202007-30
reference_id	GLSA-202007-30
reference_type
scores
url	https://security.gentoo.org/glsa/202007-30

reference_url	https://access.redhat.com/errata/RHSA-2019:0231
reference_id	RHSA-2019:0231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0231

reference_url	https://access.redhat.com/errata/RHSA-2019:0232
reference_id	RHSA-2019:0232
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0232

reference_url	https://access.redhat.com/errata/RHSA-2019:0457
reference_id	RHSA-2019:0457
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0457

reference_url	https://usn.ubuntu.com/3870-1/
reference_id	USN-3870-1
reference_type
scores
url	https://usn.ubuntu.com/3870-1/

fixed_packages

url pkg:deb/debian/spice@0.14.0-1.3%2Bdeb10u1

purl pkg:deb/debian/spice@0.14.0-1.3%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-15db-nrnx-wbcw

vulnerability	VCID-7rdm-m2fr-qbb6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.14.0-1.3%252Bdeb10u1

aliases CVE-2019-3813

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8hpc-axe9-p7am

url VCID-btxr-2zwf-hfdc

vulnerability_id VCID-btxr-2zwf-hfdc

summary security update

references

reference_url

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10873.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-10873

reference_id

reference_type

scores

value	0.01206
scoring_system	epss
scoring_elements	0.78911
published_at	2026-04-01T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.78917
published_at	2026-04-02T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.78946
published_at	2026-04-04T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.78929
published_at	2026-04-07T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.78954
published_at	2026-04-08T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.7896
published_at	2026-04-09T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.78984
published_at	2026-04-18T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.78968
published_at	2026-04-12T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.78958
published_at	2026-04-13T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.78987
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-10873

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10873

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1596008
reference_id	1596008
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1596008

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906315
reference_id	906315
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906315

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906316
reference_id	906316
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906316

reference_url	https://access.redhat.com/errata/RHSA-2018:2731
reference_id	RHSA-2018:2731
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2731

reference_url	https://access.redhat.com/errata/RHSA-2018:2732
reference_id	RHSA-2018:2732
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2732

reference_url	https://access.redhat.com/errata/RHSA-2018:3470
reference_id	RHSA-2018:3470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3470

reference_url	https://usn.ubuntu.com/3751-1/
reference_id	USN-3751-1
reference_type
scores
url	https://usn.ubuntu.com/3751-1/

fixed_packages

url pkg:deb/debian/spice@0.14.0-1.3%2Bdeb10u1

purl pkg:deb/debian/spice@0.14.0-1.3%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-15db-nrnx-wbcw

vulnerability	VCID-7rdm-m2fr-qbb6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.14.0-1.3%252Bdeb10u1

aliases CVE-2018-10873

risk_score 3.8

exploitability 0.5

weighted_severity 7.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-btxr-2zwf-hfdc

url VCID-ffvg-6mve-zuee

vulnerability_id VCID-ffvg-6mve-zuee

summary spice: Improper input validation in function async_READ_handler

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-23793.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-23793.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-23793

reference_id

reference_type

scores

value	0.0009
scoring_system	epss
scoring_elements	0.25476
published_at	2026-04-01T12:55:00Z

value	0.0009
scoring_system	epss
scoring_elements	0.25542
published_at	2026-04-02T12:55:00Z

value	0.0009
scoring_system	epss
scoring_elements	0.2538
published_at	2026-04-18T12:55:00Z

value	0.0009
scoring_system	epss
scoring_elements	0.25383
published_at	2026-04-13T12:55:00Z

value	0.0009
scoring_system	epss
scoring_elements	0.2539
published_at	2026-04-16T12:55:00Z

value	0.0009
scoring_system	epss
scoring_elements	0.25579
published_at	2026-04-04T12:55:00Z

value	0.0009
scoring_system	epss
scoring_elements	0.25352
published_at	2026-04-07T12:55:00Z

value	0.0009
scoring_system	epss
scoring_elements	0.2542
published_at	2026-04-08T12:55:00Z

value	0.0009
scoring_system	epss
scoring_elements	0.25467
published_at	2026-04-09T12:55:00Z

value	0.0009
scoring_system	epss
scoring_elements	0.25479
published_at	2026-04-11T12:55:00Z

value	0.0009
scoring_system	epss
scoring_elements	0.25437
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-23793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23793

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2234984
reference_id	2234984
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2234984

reference_url

https://github.com/zelat/spice-security-issues

reference_id

spice-security-issues

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:56:53Z/

url

https://github.com/zelat/spice-security-issues

fixed_packages

url pkg:deb/debian/spice@0.14.0-1.3%2Bdeb10u1

purl pkg:deb/debian/spice@0.14.0-1.3%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-15db-nrnx-wbcw

vulnerability	VCID-7rdm-m2fr-qbb6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.14.0-1.3%252Bdeb10u1

aliases CVE-2020-23793

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ffvg-6mve-zuee

url VCID-qep8-yync-3kch

vulnerability_id VCID-qep8-yync-3kch

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7506.json

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7506.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7506

reference_id

reference_type

scores

value	0.00855
scoring_system	epss
scoring_elements	0.749
published_at	2026-04-01T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.74903
published_at	2026-04-07T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.74901
published_at	2026-04-02T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.7493
published_at	2026-04-04T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.74937
published_at	2026-04-08T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.74949
published_at	2026-04-09T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.74972
published_at	2026-04-11T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.7495
published_at	2026-04-12T12:55:00Z

value	0.00884
scoring_system	epss
scoring_elements	0.75412
published_at	2026-04-13T12:55:00Z

value	0.00884
scoring_system	epss
scoring_elements	0.75453
published_at	2026-04-16T12:55:00Z

value	0.00884
scoring_system	epss
scoring_elements	0.75459
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7506

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:P/I:P/A:C

value	7.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1452606
reference_id	1452606
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1452606

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868083
reference_id	868083
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868083

reference_url	https://security.archlinux.org/ASA-201708-12
reference_id	ASA-201708-12
reference_type
scores
url	https://security.archlinux.org/ASA-201708-12

reference_url

reference_id

AVG-349

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3813.json

reference_url	https://access.redhat.com/errata/RHSA-2017:2471
reference_id	RHSA-2017:2471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2471

reference_url	https://access.redhat.com/errata/RHSA-2018:3522
reference_id	RHSA-2018:3522
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3522

reference_url	https://usn.ubuntu.com/3355-1/
reference_id	USN-3355-1
reference_type
scores
url	https://usn.ubuntu.com/3355-1/

fixed_packages

url pkg:deb/debian/spice@0.14.0-1.3%2Bdeb10u1

purl pkg:deb/debian/spice@0.14.0-1.3%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-15db-nrnx-wbcw

vulnerability	VCID-7rdm-m2fr-qbb6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.14.0-1.3%252Bdeb10u1

aliases CVE-2017-7506

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qep8-yync-3kch

Fixing_vulnerabilities

url VCID-8hpc-axe9-p7am

vulnerability_id VCID-8hpc-axe9-p7am

summary

A buffer overread has been discovered in spice possibly allowing
    remote execution of code.

references

reference_url

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3813.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-3813

reference_id

reference_type

scores

value	0.00241
scoring_system	epss
scoring_elements	0.4733
published_at	2026-04-01T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.47445
published_at	2026-04-18T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.47389
published_at	2026-04-09T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.47413
published_at	2026-04-11T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.47394
published_at	2026-04-13T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.47453
published_at	2026-04-16T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.47366
published_at	2026-04-02T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.47387
published_at	2026-04-12T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.47335
published_at	2026-04-07T12:55:00Z

value	0.00241
scoring_system	epss
scoring_elements	0.4739
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-3813

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3813
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3813

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/01/msg00026.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/01/msg00026.html

reference_url	https://www.debian.org/security/2019/dsa-4375
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4375

reference_url	http://www.securityfocus.com/bid/106801
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106801

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1665371
reference_id	1665371
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1665371

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920762
reference_id	920762
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920762

reference_url	https://security.archlinux.org/ASA-201902-4
reference_id	ASA-201902-4
reference_type
scores
url	https://security.archlinux.org/ASA-201902-4

reference_url

reference_id

AVG-866

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:spice_project:spice::::::::
reference_id	cpe:2.3:a:spice_project:spice::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:spice_project:spice::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

reference_id

CVE-2019-3813

reference_type

scores

value	5.4
scoring_system	cvssv2
scoring_elements	AV:A/AC:M/Au:N/C:P/I:P/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://api.first.org/data/v1/epss?cve=CVE-2016-0749

reference_url	https://security.gentoo.org/glsa/202007-30
reference_id	GLSA-202007-30
reference_type
scores
url	https://security.gentoo.org/glsa/202007-30

reference_url	https://access.redhat.com/errata/RHSA-2019:0231
reference_id	RHSA-2019:0231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0231

reference_url	https://access.redhat.com/errata/RHSA-2019:0232
reference_id	RHSA-2019:0232
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0232

reference_url	https://access.redhat.com/errata/RHSA-2019:0457
reference_id	RHSA-2019:0457
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0457

reference_url	https://usn.ubuntu.com/3870-1/
reference_id	USN-3870-1
reference_type
scores
url	https://usn.ubuntu.com/3870-1/

fixed_packages

url pkg:deb/debian/spice@0.12.8-2.1%2Bdeb9u3

purl pkg:deb/debian/spice@0.12.8-2.1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-15db-nrnx-wbcw

vulnerability	VCID-7rdm-m2fr-qbb6

vulnerability	VCID-8hpc-axe9-p7am

vulnerability	VCID-btxr-2zwf-hfdc

vulnerability	VCID-ffvg-6mve-zuee

vulnerability	VCID-qep8-yync-3kch

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.12.8-2.1%252Bdeb9u3

url pkg:deb/debian/spice@0.14.0-1.3%2Bdeb10u1

purl pkg:deb/debian/spice@0.14.0-1.3%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-15db-nrnx-wbcw

vulnerability	VCID-7rdm-m2fr-qbb6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.14.0-1.3%252Bdeb10u1

aliases CVE-2019-3813

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8hpc-axe9-p7am

url VCID-9uj2-9xph-y3hm

vulnerability_id VCID-9uj2-9xph-y3hm

summary

Multiple vulnerabilities have been found in spice, the worst of
    which may result in the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-updates/2016-07/msg00003.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-07/msg00003.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-07/msg00004.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-07/msg00004.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0749.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0749.json

reference_url

reference_id

reference_type

scores

value	0.15975
scoring_system	epss
scoring_elements	0.94778
published_at	2026-04-18T12:55:00Z

value	0.15975
scoring_system	epss
scoring_elements	0.94766
published_at	2026-04-12T12:55:00Z

value	0.15975
scoring_system	epss
scoring_elements	0.94767
published_at	2026-04-13T12:55:00Z

value	0.15975
scoring_system	epss
scoring_elements	0.94775
published_at	2026-04-16T12:55:00Z

value	0.15975
scoring_system	epss
scoring_elements	0.94731
published_at	2026-04-01T12:55:00Z

value	0.15975
scoring_system	epss
scoring_elements	0.9474
published_at	2026-04-02T12:55:00Z

value	0.15975
scoring_system	epss
scoring_elements	0.94744
published_at	2026-04-04T12:55:00Z

value	0.15975
scoring_system	epss
scoring_elements	0.94745
published_at	2026-04-07T12:55:00Z

value	0.15975
scoring_system	epss
scoring_elements	0.94755
published_at	2026-04-08T12:55:00Z

value	0.15975
scoring_system	epss
scoring_elements	0.94759
published_at	2026-04-09T12:55:00Z

value	0.15975
scoring_system	epss
scoring_elements	0.94762
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-0749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2150

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:S/C:C/I:C/A:C

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.debian.org/security/2016/dsa-3596
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3596

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.ubuntu.com/usn/USN-3014-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-3014-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1300646
reference_id	1300646
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1300646

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=826585
reference_id	826585
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=826585

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:spice_project:spice:-:::::::*
reference_id	cpe:2.3:a:spice_project:spice:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:spice_project:spice:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::
reference_id	cpe:2.3:o:microsoft:windows::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0::::scientific_computing:::
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0::::scientific_computing:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0::::scientific_computing:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0::::scientific_computing:::
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0::::scientific_computing:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0::::scientific_computing:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-0749

reference_id

CVE-2016-0749

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-0749

reference_url	https://security.gentoo.org/glsa/201606-05
reference_id	GLSA-201606-05
reference_type
scores
url	https://security.gentoo.org/glsa/201606-05

reference_url	https://access.redhat.com/errata/RHSA-2016:1204
reference_id	RHSA-2016:1204
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1204

reference_url	https://access.redhat.com/errata/RHSA-2016:1205
reference_id	RHSA-2016:1205
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1205

reference_url	https://usn.ubuntu.com/3014-1/
reference_id	USN-3014-1
reference_type
scores
url	https://usn.ubuntu.com/3014-1/

fixed_packages

url pkg:deb/debian/spice@0.12.5-1%2Bdeb8u5

purl pkg:deb/debian/spice@0.12.5-1%2Bdeb8u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-15db-nrnx-wbcw

vulnerability	VCID-7rdm-m2fr-qbb6

vulnerability	VCID-8hpc-axe9-p7am

vulnerability	VCID-9uj2-9xph-y3hm

vulnerability	VCID-btxr-2zwf-hfdc

vulnerability	VCID-c2qd-zga1-vycn

vulnerability	VCID-cqg7-9pas-5ffk

vulnerability	VCID-ffvg-6mve-zuee

vulnerability	VCID-md4t-zmhj-cbhf

vulnerability	VCID-qep8-yync-3kch

vulnerability	VCID-vbf4-zj87-rkck

vulnerability	VCID-w9nw-q8yp-qugm

vulnerability	VCID-we7z-vyz3-3udn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.12.5-1%252Bdeb8u5

url pkg:deb/debian/spice@0.12.8-2.1%2Bdeb9u3

purl pkg:deb/debian/spice@0.12.8-2.1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-15db-nrnx-wbcw

vulnerability	VCID-7rdm-m2fr-qbb6

vulnerability	VCID-8hpc-axe9-p7am

vulnerability	VCID-btxr-2zwf-hfdc

vulnerability	VCID-ffvg-6mve-zuee

vulnerability	VCID-qep8-yync-3kch

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.12.8-2.1%252Bdeb9u3

aliases CVE-2016-0749

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9uj2-9xph-y3hm

url VCID-btxr-2zwf-hfdc

vulnerability_id VCID-btxr-2zwf-hfdc

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10873.json

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10873.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-10873

reference_id

reference_type

scores

value	0.01206
scoring_system	epss
scoring_elements	0.78911
published_at	2026-04-01T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.78917
published_at	2026-04-02T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.78946
published_at	2026-04-04T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.78929
published_at	2026-04-07T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.78954
published_at	2026-04-08T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.7896
published_at	2026-04-09T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.78984
published_at	2026-04-18T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.78968
published_at	2026-04-12T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.78958
published_at	2026-04-13T12:55:00Z

value	0.01206
scoring_system	epss
scoring_elements	0.78987
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-10873

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10873

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1596008
reference_id	1596008
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1596008

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906315
reference_id	906315
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906315

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906316
reference_id	906316
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906316

reference_url	https://access.redhat.com/errata/RHSA-2018:2731
reference_id	RHSA-2018:2731
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2731

reference_url	https://access.redhat.com/errata/RHSA-2018:2732
reference_id	RHSA-2018:2732
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2732

reference_url	https://access.redhat.com/errata/RHSA-2018:3470
reference_id	RHSA-2018:3470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3470

reference_url	https://usn.ubuntu.com/3751-1/
reference_id	USN-3751-1
reference_type
scores
url	https://usn.ubuntu.com/3751-1/

fixed_packages

url pkg:deb/debian/spice@0.12.8-2.1%2Bdeb9u3

purl pkg:deb/debian/spice@0.12.8-2.1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-15db-nrnx-wbcw

vulnerability	VCID-7rdm-m2fr-qbb6

vulnerability	VCID-8hpc-axe9-p7am

vulnerability	VCID-btxr-2zwf-hfdc

vulnerability	VCID-ffvg-6mve-zuee

vulnerability	VCID-qep8-yync-3kch

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.12.8-2.1%252Bdeb9u3

url pkg:deb/debian/spice@0.14.0-1.3%2Bdeb10u1

purl pkg:deb/debian/spice@0.14.0-1.3%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-15db-nrnx-wbcw

vulnerability	VCID-7rdm-m2fr-qbb6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.14.0-1.3%252Bdeb10u1

aliases CVE-2018-10873

risk_score 3.8

exploitability 0.5

weighted_severity 7.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-btxr-2zwf-hfdc

url VCID-c2qd-zga1-vycn

vulnerability_id VCID-c2qd-zga1-vycn

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9577.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9577.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9577

reference_id

reference_type

scores

value	0.03672
scoring_system	epss
scoring_elements	0.8785
published_at	2026-04-01T12:55:00Z

value	0.03672
scoring_system	epss
scoring_elements	0.8792
published_at	2026-04-18T12:55:00Z

value	0.03672
scoring_system	epss
scoring_elements	0.87907
published_at	2026-04-13T12:55:00Z

value	0.03672
scoring_system	epss
scoring_elements	0.87921
published_at	2026-04-16T12:55:00Z

value	0.03672
scoring_system	epss
scoring_elements	0.8786
published_at	2026-04-02T12:55:00Z

value	0.03672
scoring_system	epss
scoring_elements	0.87873
published_at	2026-04-04T12:55:00Z

value	0.03672
scoring_system	epss
scoring_elements	0.87876
published_at	2026-04-07T12:55:00Z

value	0.03672
scoring_system	epss
scoring_elements	0.87898
published_at	2026-04-08T12:55:00Z

value	0.03672
scoring_system	epss
scoring_elements	0.87905
published_at	2026-04-09T12:55:00Z

value	0.03672
scoring_system	epss
scoring_elements	0.87916
published_at	2026-04-11T12:55:00Z

value	0.03672
scoring_system	epss
scoring_elements	0.87909
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9577

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9577
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9577

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9578
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9578

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	10
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1401603
reference_id	1401603
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1401603

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854336
reference_id	854336
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854336

reference_url	https://access.redhat.com/errata/RHSA-2017:0253
reference_id	RHSA-2017:0253
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0253

reference_url	https://access.redhat.com/errata/RHSA-2017:0254
reference_id	RHSA-2017:0254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0254

reference_url	https://access.redhat.com/errata/RHSA-2017:0549
reference_id	RHSA-2017:0549
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0549

reference_url	https://access.redhat.com/errata/RHSA-2017:0552
reference_id	RHSA-2017:0552
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0552

reference_url	https://usn.ubuntu.com/3202-1/
reference_id	USN-3202-1
reference_type
scores
url	https://usn.ubuntu.com/3202-1/

fixed_packages

url pkg:deb/debian/spice@0.12.5-1%2Bdeb8u5

purl pkg:deb/debian/spice@0.12.5-1%2Bdeb8u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-15db-nrnx-wbcw

vulnerability	VCID-7rdm-m2fr-qbb6

vulnerability	VCID-8hpc-axe9-p7am

vulnerability	VCID-9uj2-9xph-y3hm

vulnerability	VCID-btxr-2zwf-hfdc

vulnerability	VCID-c2qd-zga1-vycn

vulnerability	VCID-cqg7-9pas-5ffk

vulnerability	VCID-ffvg-6mve-zuee

vulnerability	VCID-md4t-zmhj-cbhf

vulnerability	VCID-qep8-yync-3kch

vulnerability	VCID-vbf4-zj87-rkck

vulnerability	VCID-w9nw-q8yp-qugm

vulnerability	VCID-we7z-vyz3-3udn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.12.5-1%252Bdeb8u5

url pkg:deb/debian/spice@0.12.8-2.1%2Bdeb9u3

purl pkg:deb/debian/spice@0.12.8-2.1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-15db-nrnx-wbcw

vulnerability	VCID-7rdm-m2fr-qbb6

vulnerability	VCID-8hpc-axe9-p7am

vulnerability	VCID-btxr-2zwf-hfdc

vulnerability	VCID-ffvg-6mve-zuee

vulnerability	VCID-qep8-yync-3kch

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.12.8-2.1%252Bdeb9u3

aliases CVE-2016-9577

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c2qd-zga1-vycn

url VCID-cqg7-9pas-5ffk

vulnerability_id VCID-cqg7-9pas-5ffk

summary

Multiple vulnerabilities have been found in spice, the worst of
    which may result in the remote execution of arbitrary code.

references

reference_url	http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html
reference_id
reference_type
scores
url	http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1889.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1889.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1890.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1890.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5261.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5261.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-5261

reference_id

reference_type

scores

value	0.00092
scoring_system	epss
scoring_elements	0.25902
published_at	2026-04-18T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25975
published_at	2026-04-12T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25917
published_at	2026-04-13T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25921
published_at	2026-04-16T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25999
published_at	2026-04-01T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.26083
published_at	2026-04-02T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.26123
published_at	2026-04-04T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25889
published_at	2026-04-07T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25958
published_at	2026-04-08T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.2601
published_at	2026-04-09T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.2602
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5261

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5260
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5260

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5261
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5261

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:P/I:N/A:P

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.debian.org/security/2015/dsa-3371
reference_id
reference_type
scores
url	http://www.debian.org/security/2015/dsa-3371

reference_url	http://www.openwall.com/lists/oss-security/2015/10/06/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2015/10/06/4

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url	http://www.securitytracker.com/id/1033753
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1033753

reference_url	http://www.ubuntu.com/usn/USN-2766-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2766-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1261889
reference_id	1261889
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1261889

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801091
reference_id	801091
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801091

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:spice_project:spice::::::::
reference_id	cpe:2.3:a:spice_project:spice::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:spice_project:spice::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-5261

reference_id

CVE-2015-5261

reference_type

scores

value	3.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:P/A:N

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2015-5261

reference_url	https://security.gentoo.org/glsa/201606-05
reference_id	GLSA-201606-05
reference_type
scores
url	https://security.gentoo.org/glsa/201606-05

reference_url	https://access.redhat.com/errata/RHSA-2015:1889
reference_id	RHSA-2015:1889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1889

reference_url	https://access.redhat.com/errata/RHSA-2015:1890
reference_id	RHSA-2015:1890
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1890

reference_url	https://usn.ubuntu.com/2766-1/
reference_id	USN-2766-1
reference_type
scores
url	https://usn.ubuntu.com/2766-1/

fixed_packages

url pkg:deb/debian/spice@0.12.5-1%2Bdeb8u5

purl pkg:deb/debian/spice@0.12.5-1%2Bdeb8u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-15db-nrnx-wbcw

vulnerability	VCID-7rdm-m2fr-qbb6

vulnerability	VCID-8hpc-axe9-p7am

vulnerability	VCID-9uj2-9xph-y3hm

vulnerability	VCID-btxr-2zwf-hfdc

vulnerability	VCID-c2qd-zga1-vycn

vulnerability	VCID-cqg7-9pas-5ffk

vulnerability	VCID-ffvg-6mve-zuee

vulnerability	VCID-md4t-zmhj-cbhf

vulnerability	VCID-qep8-yync-3kch

vulnerability	VCID-vbf4-zj87-rkck

vulnerability	VCID-w9nw-q8yp-qugm

vulnerability	VCID-we7z-vyz3-3udn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.12.5-1%252Bdeb8u5

url pkg:deb/debian/spice@0.12.8-2.1%2Bdeb9u3

purl pkg:deb/debian/spice@0.12.8-2.1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-15db-nrnx-wbcw

vulnerability	VCID-7rdm-m2fr-qbb6

vulnerability	VCID-8hpc-axe9-p7am

vulnerability	VCID-btxr-2zwf-hfdc

vulnerability	VCID-ffvg-6mve-zuee

vulnerability	VCID-qep8-yync-3kch

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.12.8-2.1%252Bdeb9u3

aliases CVE-2015-5261

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cqg7-9pas-5ffk

url VCID-md4t-zmhj-cbhf

vulnerability_id VCID-md4t-zmhj-cbhf

summary

Multiple vulnerabilities have been found in spice, the worst of
    which may result in the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-updates/2016-07/msg00003.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-07/msg00003.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-07/msg00004.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-07/msg00004.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2150.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2150.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2150

reference_id

reference_type

scores

value	0.00073
scoring_system	epss
scoring_elements	0.2208
published_at	2026-04-18T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22187
published_at	2026-04-11T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22146
published_at	2026-04-12T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22087
published_at	2026-04-16T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22044
published_at	2026-04-01T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22201
published_at	2026-04-02T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22249
published_at	2026-04-04T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22032
published_at	2026-04-07T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22112
published_at	2026-04-08T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22167
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2150

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:S/C:C/I:C/A:C

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.debian.org/security/2016/dsa-3596
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3596

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.ubuntu.com/usn/USN-3014-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-3014-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1313496
reference_id	1313496
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1313496

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=826584
reference_id	826584
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=826584

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:spice_project:spice:-:::::::*
reference_id	cpe:2.3:a:spice_project:spice:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:spice_project:spice:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::
reference_id	cpe:2.3:o:microsoft:windows::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0::::scientific_computing:::
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0::::scientific_computing:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0::::scientific_computing:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0::::scientific_computing:::
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0::::scientific_computing:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0::::scientific_computing:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2150

reference_id

CVE-2016-2150

reference_type

scores

value	3.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:P/A:N

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2150

reference_url	https://security.gentoo.org/glsa/201606-05
reference_id	GLSA-201606-05
reference_type
scores
url	https://security.gentoo.org/glsa/201606-05

reference_url	https://access.redhat.com/errata/RHSA-2016:1204
reference_id	RHSA-2016:1204
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1204

reference_url	https://access.redhat.com/errata/RHSA-2016:1205
reference_id	RHSA-2016:1205
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1205

reference_url	https://usn.ubuntu.com/3014-1/
reference_id	USN-3014-1
reference_type
scores
url	https://usn.ubuntu.com/3014-1/

fixed_packages

url pkg:deb/debian/spice@0.12.5-1%2Bdeb8u5

purl pkg:deb/debian/spice@0.12.5-1%2Bdeb8u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-15db-nrnx-wbcw

vulnerability	VCID-7rdm-m2fr-qbb6

vulnerability	VCID-8hpc-axe9-p7am

vulnerability	VCID-9uj2-9xph-y3hm

vulnerability	VCID-btxr-2zwf-hfdc

vulnerability	VCID-c2qd-zga1-vycn

vulnerability	VCID-cqg7-9pas-5ffk

vulnerability	VCID-ffvg-6mve-zuee

vulnerability	VCID-md4t-zmhj-cbhf

vulnerability	VCID-qep8-yync-3kch

vulnerability	VCID-vbf4-zj87-rkck

vulnerability	VCID-w9nw-q8yp-qugm

vulnerability	VCID-we7z-vyz3-3udn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.12.5-1%252Bdeb8u5

url pkg:deb/debian/spice@0.12.8-2.1%2Bdeb9u3

purl pkg:deb/debian/spice@0.12.8-2.1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-15db-nrnx-wbcw

vulnerability	VCID-7rdm-m2fr-qbb6

vulnerability	VCID-8hpc-axe9-p7am

vulnerability	VCID-btxr-2zwf-hfdc

vulnerability	VCID-ffvg-6mve-zuee

vulnerability	VCID-qep8-yync-3kch

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spice@0.12.8-2.1%252Bdeb9u3

aliases CVE-2016-2150

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-md4t-zmhj-cbhf

url VCID-qep8-yync-3kch

vulnerability_id VCID-qep8-yync-3kch

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7506.json

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7506.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7506

reference_id

reference_type

scores

value	0.00855
scoring_system	epss
scoring_elements	0.749
published_at	2026-04-01T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.74903
published_at	2026-04-07T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.74901
published_at	2026-04-02T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.7493
published_at	2026-04-04T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.74937
published_at	2026-04-08T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.74949
published_at	2026-04-09T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.74972
published_at	2026-04-11T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.7495
published_at	2026-04-12T12:55:00Z

value	0.00884
scoring_system	epss
scoring_elements	0.75412
published_at	2026-04-13T12:55:00Z

value	0.00884
scoring_system	epss
scoring_elements	0.75453
published_at	2026-04-16T12:55:00Z

value	0.00884
scoring_system	epss
scoring_elements	0.75459
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7506

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:P/I:P/A:C

value	7.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1452606
reference_id	1452606
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1452606

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868083
reference_id	868083
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868083

reference_url	https://security.archlinux.org/ASA-201708-12
reference_id	ASA-201708-12
reference_type
scores
url	https://security.archlinux.org/ASA-201708-12

reference_url

reference_id

AVG-349

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url