[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2008-1878":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T20:55:37.768Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":84,"duplicate_of":9,"upstream":85,"downstream":86,"duplicates":91,"related":92,"reserved_at":9,"published_at":93,"modified_at":94,"state":95,"summary":96,"references_raw":105,"kevs":193,"epss":194,"epss_history":197,"metrics":452,"affected":457},"CVE-2008-1878","Stack-based buffer overflow in the demux_nsf_send_chunk function in src/demuxers/demux_nsf.c in xine-lib 1.1.12 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long NSF title.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[69],{"_key":70,"name":71,"source":72,"url":73,"maturity":74,"reliability_score":75,"verified":76,"type":77,"platforms":78,"requires_auth":9,"exploitdb":80,"metasploit":9},"5458","Xine-Lib 1.1.12 - NSF demuxer Stack Overflow (PoC)","exploit-database","https://www.exploit-db.com/exploits/5458","poc",0.8,true,"dos",[79],"linux",{"verified":76,"type":77,"platform":79,"file":81,"codes":82},"exploits/linux/dos/5458.txt",[83,7],"OSVDB-44450",[],[],[87,89],{"_key":88},"DSA-1586-1",{"_key":90},"DTSA-128-1",[],[],"2008-04-17T22:00:00.000Z","2024-08-07T08:41:00.200Z","Modified",{"cisa_kev":97,"cisa_ransomware":97,"cisa_vendor":9,"epss_severity":98,"epss_score":99,"severity":100,"severity_score":101,"severity_version":102,"severity_source":103,"severity_vector":104,"severity_status":95},false,"low",0.07928,"high",7.5,"v2.0","nvd","AV:N/AC:L/Au:N/C:P/I:P/A:P",[106,113,118,122,128,133,139,143,148,153,158,163,167,171,176,180,185,189],{"url":107,"sources":108,"tags":110},"https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00536.html",[109,103],"cve.org",[111,112],"Vendor Advisory","X Refsource FEDORA",{"url":114,"sources":115,"tags":116},"http://security.gentoo.org/glsa/glsa-200808-01.xml",[109,103],[111,117],"X Refsource GENTOO",{"url":119,"sources":120,"tags":121},"https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00571.html",[109,103],[111,112],{"url":123,"sources":124,"tags":125},"http://www.vupen.com/english/advisories/2008/1247/references",[109,103],[126,127],"VDB Entry","X Refsource VUPEN",{"url":129,"sources":130,"tags":131},"http://www.debian.org/security/2008/dsa-1586",[109,103],[111,132],"X Refsource DEBIAN",{"url":134,"sources":135,"tags":136},"http://secunia.com/advisories/30021",[109,103],[137,138],"Third Party Advisory","X Refsource SECUNIA",{"url":140,"sources":141,"tags":142},"http://secunia.com/advisories/29850",[109,103],[137,138,111],{"url":144,"sources":145,"tags":146},"http://www.mandriva.com/security/advisories?name=MDVSA-2008:177",[109,103],[111,147],"X Refsource MANDRIVA",{"url":73,"sources":149,"tags":150},[109,103],[151,152],"Exploit","X Refsource EXPLOIT DB",{"url":154,"sources":155,"tags":156},"http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html",[109,103],[111,157],"X Refsource SUSE",{"url":159,"sources":160,"tags":161},"https://exchange.xforce.ibmcloud.com/vulnerabilities/41865",[109,103],[126,162],"X Refsource XF",{"url":164,"sources":165,"tags":166},"http://secunia.com/advisories/31393",[109,103],[137,138],{"url":168,"sources":169,"tags":170},"http://www.mandriva.com/security/advisories?name=MDVSA-2008:178",[109,103],[111,147],{"url":172,"sources":173,"tags":174},"http://www.securityfocus.com/bid/28816",[109,103],[126,175],"X Refsource BID",{"url":177,"sources":178,"tags":179},"http://secunia.com/advisories/31372",[109,103],[137,138],{"url":181,"sources":182,"tags":183},"http://www.ubuntu.com/usn/usn-635-1",[109,103],[111,184],"X Refsource UBUNTU",{"url":186,"sources":187,"tags":188},"http://secunia.com/advisories/30337",[109,103],[137,138],{"url":190,"sources":191,"tags":192},"http://secunia.com/advisories/30581",[109,103],[137,138],[],{"date":195,"score":99,"percentile":196},"2026-06-06",0.92202,[198,201,204,207,210,213,215,218,221,224,227,230,233,236,239,242,245,248,251,254,257,260,263,265,268,271,274,276,279,282,285,288,291,294,297,299,302,305,308,311,313,315,317,320,323,326,329,331,334,337,340,343,345,347,350,352,355,358,361,364,367,369,372,375,378,380,383,386,389,391,394,397,400,403,406,409,412,415,418,421,424,427,430,433,435,438,441,444,447,449],{"date":199,"score":99,"percentile":200},"2025-11-04",0.91653,{"date":202,"score":99,"percentile":203},"2025-11-05",0.91652,{"date":205,"score":99,"percentile":206},"2025-11-06",0.91654,{"date":208,"score":99,"percentile":209},"2025-11-07",0.91658,{"date":211,"score":99,"percentile":212},"2025-11-08",0.91656,{"date":214,"score":99,"percentile":206},"2025-11-09",{"date":216,"score":99,"percentile":217},"2025-11-10",0.91655,{"date":219,"score":99,"percentile":220},"2025-11-11",0.9166,{"date":222,"score":99,"percentile":223},"2025-11-12",0.91664,{"date":225,"score":99,"percentile":226},"2025-11-13",0.91666,{"date":228,"score":99,"percentile":229},"2025-11-14",0.91668,{"date":231,"score":99,"percentile":232},"2025-11-15",0.91665,{"date":234,"score":99,"percentile":235},"2025-11-16",0.91675,{"date":237,"score":99,"percentile":238},"2025-11-17",0.91677,{"date":240,"score":99,"percentile":241},"2025-11-18",0.91162,{"date":243,"score":99,"percentile":244},"2025-11-19",0.91166,{"date":246,"score":99,"percentile":247},"2025-11-20",0.91171,{"date":249,"score":99,"percentile":250},"2025-11-21",0.91686,{"date":252,"score":99,"percentile":253},"2025-11-22",0.91685,{"date":255,"score":99,"percentile":256},"2025-11-23",0.91691,{"date":258,"score":99,"percentile":259},"2025-11-24",0.91692,{"date":261,"score":99,"percentile":262},"2025-11-25",0.91689,{"date":264,"score":99,"percentile":262},"2025-11-26",{"date":266,"score":99,"percentile":267},"2025-11-27",0.91687,{"date":269,"score":99,"percentile":270},"2025-11-28",0.91678,{"date":272,"score":99,"percentile":273},"2025-11-29",0.91704,{"date":275,"score":99,"percentile":273},"2025-11-30",{"date":277,"score":99,"percentile":278},"2025-12-01",0.91748,{"date":280,"score":99,"percentile":281},"2025-12-02",0.91752,{"date":283,"score":99,"percentile":284},"2025-12-03",0.91753,{"date":286,"score":99,"percentile":287},"2025-12-04",0.91703,{"date":289,"score":99,"percentile":290},"2025-12-05",0.91706,{"date":292,"score":99,"percentile":293},"2025-12-06",0.91709,{"date":295,"score":99,"percentile":296},"2025-12-07",0.91707,{"date":298,"score":99,"percentile":290},"2025-12-08",{"date":300,"score":99,"percentile":301},"2025-12-09",0.9171,{"date":303,"score":99,"percentile":304},"2025-12-10",0.91716,{"date":306,"score":99,"percentile":307},"2025-12-11",0.91719,{"date":309,"score":99,"percentile":310},"2025-12-12",0.9172,{"date":312,"score":99,"percentile":293},"2025-12-13",{"date":314,"score":99,"percentile":290},"2025-12-14",{"date":316,"score":99,"percentile":301},"2025-12-15",{"date":318,"score":99,"percentile":319},"2025-12-16",0.91723,{"date":321,"score":99,"percentile":322},"2025-12-17",0.9173,{"date":324,"score":99,"percentile":325},"2025-12-18",0.91734,{"date":327,"score":99,"percentile":328},"2025-12-19",0.91738,{"date":330,"score":99,"percentile":328},"2025-12-20",{"date":332,"score":99,"percentile":333},"2025-12-21",0.91741,{"date":335,"score":99,"percentile":336},"2025-12-22",0.91736,{"date":338,"score":99,"percentile":339},"2025-12-23",0.9174,{"date":341,"score":99,"percentile":342},"2025-12-24",0.9175,{"date":344,"score":99,"percentile":281},"2025-12-25",{"date":346,"score":99,"percentile":281},"2025-12-26",{"date":348,"score":99,"percentile":349},"2025-12-27",0.9178,{"date":351,"score":99,"percentile":278},"2025-12-28",{"date":353,"score":99,"percentile":354},"2025-12-29",0.91746,{"date":356,"score":99,"percentile":357},"2025-12-30",0.91751,{"date":359,"score":99,"percentile":360},"2025-12-31",0.91759,{"date":362,"score":99,"percentile":363},"2026-01-01",0.91819,{"date":365,"score":99,"percentile":366},"2026-01-02",0.91814,{"date":368,"score":99,"percentile":366},"2026-01-03",{"date":370,"score":99,"percentile":371},"2026-01-04",0.91766,{"date":373,"score":99,"percentile":374},"2026-01-05",0.91763,{"date":376,"score":99,"percentile":377},"2026-01-06",0.91765,{"date":379,"score":99,"percentile":377},"2026-01-07",{"date":381,"score":99,"percentile":382},"2026-01-08",0.91767,{"date":384,"score":99,"percentile":385},"2026-01-09",0.91769,{"date":387,"score":99,"percentile":388},"2026-01-10",0.9177,{"date":390,"score":99,"percentile":374},"2026-01-11",{"date":392,"score":99,"percentile":393},"2026-01-12",0.91762,{"date":395,"score":99,"percentile":396},"2026-01-13",0.91761,{"date":398,"score":99,"percentile":399},"2026-01-14",0.91775,{"date":401,"score":99,"percentile":402},"2026-01-15",0.91778,{"date":404,"score":99,"percentile":405},"2026-01-16",0.91781,{"date":407,"score":99,"percentile":408},"2026-01-17",0.91785,{"date":410,"score":99,"percentile":411},"2026-01-18",0.91782,{"date":413,"score":99,"percentile":414},"2026-01-19",0.91786,{"date":416,"score":99,"percentile":417},"2026-01-20",0.91788,{"date":419,"score":99,"percentile":420},"2026-01-21",0.91792,{"date":422,"score":99,"percentile":423},"2026-01-22",0.91796,{"date":425,"score":99,"percentile":426},"2026-01-23",0.91804,{"date":428,"score":99,"percentile":429},"2026-01-24",0.91811,{"date":431,"score":99,"percentile":432},"2026-01-25",0.9181,{"date":434,"score":99,"percentile":366},"2026-01-26",{"date":436,"score":99,"percentile":437},"2026-01-27",0.91817,{"date":439,"score":99,"percentile":440},"2026-01-28",0.91823,{"date":442,"score":99,"percentile":443},"2026-01-29",0.91824,{"date":445,"score":99,"percentile":446},"2026-01-30",0.91825,{"date":448,"score":99,"percentile":440},"2026-01-31",{"date":450,"score":99,"percentile":451},"2026-02-01",0.91868,[453],{"source":103,"cvss_v2_0":454,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":101,"baseSeverity":9,"vectorString":104,"impactScore":455,"exploitabilityScore":456},6.4,10,[458],{"ecosystem":9,"name":459,"vendor":460,"product":459,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":462},"xine-lib","xine","a",[463,468,470,472,474,476,478,480],{"version":464,"is_range":76,"range_type":465,"version_start":9,"version_start_type":9,"version_end":466,"version_end_type":467,"fixed_in":9},"lte1.1.12","cpe","1.1.12","including",{"version":469,"is_range":97,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.1.0",{"version":471,"is_range":97,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.1.1",{"version":473,"is_range":97,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.1.9",{"version":475,"is_range":97,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.1.10",{"version":477,"is_range":97,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.1.10.1",{"version":479,"is_range":97,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.1.11",{"version":481,"is_range":97,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.1.11.1"]