[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2008-4539":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":69,"duplicate_of":9,"upstream":70,"downstream":71,"duplicates":80,"related":81,"reserved_at":9,"published_at":84,"modified_at":85,"state":86,"summary":87,"references_raw":96,"kevs":191,"epss":192,"epss_history":195,"metrics":460,"affected":465},"CVE-2008-4539","Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX \"bitblt\" heap overflow.  NOTE: this issue exists because of an incorrect fix for CVE-2007-1320.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[72,74,76,78],{"_key":73},"OPENSUSE-SU-2024:10233-1",{"_key":75},"OPENSUSE-SU-2024:10285-1",{"_key":77},"DSA-1799-1",{"_key":79},"DEBIAN-CVE-2008-4539",[],[82,83],{"_key":73},{"_key":75},"2008-12-29T15:00:00.000Z","2024-08-07T10:17:09.858Z","Modified",{"cisa_kev":88,"cisa_ransomware":88,"cisa_vendor":9,"epss_severity":89,"epss_score":90,"severity":91,"severity_score":92,"severity_version":93,"severity_source":94,"severity_vector":95,"severity_status":86},false,"low",0.00048,"high",7.2,"v2.0","nvd","AV:L/AC:L/Au:N/C:C/I:C/A:C",[97,104,110,114,120,124,128,134,139,143,147,153,157,162,166,170,175,179,183,187],{"url":98,"sources":99,"tags":101},"http://secunia.com/advisories/35062",[100,94],"cve.org",[102,103],"Third Party Advisory","X Refsource SECUNIA",{"url":105,"sources":106,"tags":107},"http://www.mail-archive.com/secure-testing-commits%40lists.alioth.debian.org/msg09322.html",[100,94],[108,109],"Mailing List","X Refsource MLIST",{"url":111,"sources":112,"tags":113},"http://www.mail-archive.com/cvs-all%40freebsd.org/msg129730.html",[100,94],[108,109],{"url":115,"sources":116,"tags":117},"https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01223.html",[100,94],[118,119,102],"Vendor Advisory","X Refsource FEDORA",{"url":121,"sources":122,"tags":123},"http://secunia.com/advisories/25073",[100,94],[102,103],{"url":125,"sources":126,"tags":127},"http://secunia.com/advisories/34642",[100,94],[102,103],{"url":129,"sources":130,"tags":131},"https://bugzilla.redhat.com/show_bug.cgi?id=466890",[100,94],[132,133,102],"X Refsource CONFIRM","Issue Tracking",{"url":135,"sources":136,"tags":137},"http://www.ubuntu.com/usn/usn-776-1",[100,94],[118,138,102],"X Refsource UBUNTU",{"url":140,"sources":141,"tags":142},"http://secunia.com/advisories/33350",[100,94],[102,103],{"url":144,"sources":145,"tags":146},"https://bugzilla.redhat.com/show_bug.cgi?id=448525",[100,94],[132,133,102],{"url":148,"sources":149,"tags":150},"https://exchange.xforce.ibmcloud.com/vulnerabilities/47736",[100,94],[151,152,102],"VDB Entry","X Refsource XF",{"url":154,"sources":155,"tags":156},"https://bugzilla.redhat.com/show_bug.cgi?id=237342",[100,94],[132,133,102],{"url":158,"sources":159,"tags":160},"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html",[100,94],[118,161,108,102],"X Refsource SUSE",{"url":163,"sources":164,"tags":165},"http://secunia.com/advisories/29129",[100,94],[102,103],{"url":167,"sources":168,"tags":169},"http://svn.savannah.gnu.org/viewvc/?view=rev&root=qemu&revision=5587",[100,94],[132,102],{"url":171,"sources":172,"tags":173},"http://www.debian.org/security/2009/dsa-1799",[100,94],[118,174,102],"X Refsource DEBIAN",{"url":176,"sources":177,"tags":178},"http://groups.google.com/group/linux.debian.changes.devel/msg/9e0dc008572f2867?dmode=source",[100,94],[108,109,102],{"url":180,"sources":181,"tags":182},"http://git.kernel.dk/?p=qemu.git%3Ba=commitdiff%3Bh=65d35a09979e63541afc5bfc595b9f1b1b4ae069",[100,94],[132],{"url":184,"sources":185,"tags":186},"http://secunia.com/advisories/35031",[100,94],[102,103],{"url":188,"sources":189,"tags":190},"https://launchpad.net/ubuntu/jaunty/+source/qemu/0.9.1+svn20081112-1ubuntu1",[100,94],[132,102],[],{"date":193,"score":90,"percentile":194},"2026-06-04",0.15213,[196,199,202,205,208,211,214,217,220,223,226,229,232,235,238,241,244,247,250,253,256,259,262,265,267,270,273,276,279,282,285,288,291,294,297,300,303,306,309,312,315,318,321,324,327,330,333,336,339,342,345,348,351,354,357,360,363,366,369,372,375,378,381,384,386,389,392,394,397,400,403,406,408,411,414,417,420,423,426,429,432,435,438,441,444,447,450,452,455,458],{"date":197,"score":90,"percentile":198},"2025-11-04",0.14563,{"date":200,"score":90,"percentile":201},"2025-11-05",0.14596,{"date":203,"score":90,"percentile":204},"2025-11-06",0.14693,{"date":206,"score":90,"percentile":207},"2025-11-07",0.14713,{"date":209,"score":90,"percentile":210},"2025-11-08",0.14725,{"date":212,"score":90,"percentile":213},"2025-11-09",0.147,{"date":215,"score":90,"percentile":216},"2025-11-10",0.14663,{"date":218,"score":90,"percentile":219},"2025-11-11",0.1468,{"date":221,"score":90,"percentile":222},"2025-11-12",0.14719,{"date":224,"score":90,"percentile":225},"2025-11-13",0.14746,{"date":227,"score":90,"percentile":228},"2025-11-14",0.14745,{"date":230,"score":90,"percentile":231},"2025-11-15",0.14704,{"date":233,"score":90,"percentile":234},"2025-11-16",0.14696,{"date":236,"score":90,"percentile":237},"2025-11-17",0.14654,{"date":239,"score":90,"percentile":240},"2025-11-18",0.10125,{"date":242,"score":90,"percentile":243},"2025-11-19",0.10136,{"date":245,"score":90,"percentile":246},"2025-11-20",0.1016,{"date":248,"score":90,"percentile":249},"2025-11-21",0.14679,{"date":251,"score":90,"percentile":252},"2025-11-22",0.14662,{"date":254,"score":90,"percentile":255},"2025-11-23",0.14645,{"date":257,"score":90,"percentile":258},"2025-11-24",0.14614,{"date":260,"score":90,"percentile":261},"2025-11-25",0.14608,{"date":263,"score":90,"percentile":264},"2025-11-26",0.14603,{"date":266,"score":90,"percentile":258},"2025-11-27",{"date":268,"score":90,"percentile":269},"2025-11-28",0.14595,{"date":271,"score":90,"percentile":272},"2025-11-29",0.14583,{"date":274,"score":90,"percentile":275},"2025-11-30",0.14587,{"date":277,"score":90,"percentile":278},"2025-12-01",0.14622,{"date":280,"score":90,"percentile":281},"2025-12-02",0.14639,{"date":283,"score":90,"percentile":284},"2025-12-03",0.14664,{"date":286,"score":90,"percentile":287},"2025-12-04",0.14627,{"date":289,"score":90,"percentile":290},"2025-12-05",0.1469,{"date":292,"score":90,"percentile":293},"2025-12-06",0.14707,{"date":295,"score":90,"percentile":296},"2025-12-07",0.14686,{"date":298,"score":90,"percentile":299},"2025-12-08",0.14694,{"date":301,"score":90,"percentile":302},"2025-12-09",0.14753,{"date":304,"score":90,"percentile":305},"2025-12-10",0.14826,{"date":307,"score":90,"percentile":308},"2025-12-11",0.14851,{"date":310,"score":90,"percentile":311},"2025-12-12",0.14903,{"date":313,"score":90,"percentile":314},"2025-12-13",0.14911,{"date":316,"score":90,"percentile":317},"2025-12-14",0.14865,{"date":319,"score":90,"percentile":320},"2025-12-15",0.14831,{"date":322,"score":90,"percentile":323},"2025-12-16",0.14858,{"date":325,"score":90,"percentile":326},"2025-12-17",0.14955,{"date":328,"score":90,"percentile":329},"2025-12-18",0.15013,{"date":331,"score":90,"percentile":332},"2025-12-19",0.15053,{"date":334,"score":90,"percentile":335},"2025-12-20",0.15027,{"date":337,"score":90,"percentile":338},"2025-12-21",0.14992,{"date":340,"score":90,"percentile":341},"2025-12-22",0.14946,{"date":343,"score":90,"percentile":344},"2025-12-23",0.14947,{"date":346,"score":90,"percentile":347},"2025-12-24",0.14958,{"date":349,"score":90,"percentile":350},"2025-12-25",0.15033,{"date":352,"score":90,"percentile":353},"2025-12-26",0.15026,{"date":355,"score":90,"percentile":356},"2025-12-27",0.15042,{"date":358,"score":90,"percentile":359},"2025-12-28",0.14989,{"date":361,"score":90,"percentile":362},"2025-12-29",0.14926,{"date":364,"score":90,"percentile":365},"2025-12-30",0.1494,{"date":367,"score":90,"percentile":368},"2025-12-31",0.15003,{"date":370,"score":90,"percentile":371},"2026-01-01",0.15095,{"date":373,"score":90,"percentile":374},"2026-01-02",0.15082,{"date":376,"score":90,"percentile":377},"2026-01-03",0.15059,{"date":379,"score":90,"percentile":380},"2026-01-04",0.14977,{"date":382,"score":90,"percentile":383},"2026-01-05",0.14936,{"date":385,"score":90,"percentile":344},"2026-01-06",{"date":387,"score":90,"percentile":388},"2026-01-07",0.14982,{"date":390,"score":90,"percentile":391},"2026-01-08",0.15032,{"date":393,"score":90,"percentile":356},"2026-01-09",{"date":395,"score":90,"percentile":396},"2026-01-10",0.15061,{"date":398,"score":90,"percentile":399},"2026-01-11",0.15017,{"date":401,"score":90,"percentile":402},"2026-01-12",0.14983,{"date":404,"score":90,"percentile":405},"2026-01-13",0.1497,{"date":407,"score":90,"percentile":353},"2026-01-14",{"date":409,"score":90,"percentile":410},"2026-01-15",0.15022,{"date":412,"score":90,"percentile":413},"2026-01-16",0.15034,{"date":415,"score":90,"percentile":416},"2026-01-17",0.15052,{"date":418,"score":90,"percentile":419},"2026-01-18",0.1499,{"date":421,"score":90,"percentile":422},"2026-01-19",0.14917,{"date":424,"score":90,"percentile":425},"2026-01-20",0.149,{"date":427,"score":90,"percentile":428},"2026-01-21",0.14889,{"date":430,"score":90,"percentile":431},"2026-01-22",0.14809,{"date":433,"score":90,"percentile":434},"2026-01-23",0.14886,{"date":436,"score":90,"percentile":437},"2026-01-24",0.14915,{"date":439,"score":90,"percentile":440},"2026-01-25",0.14853,{"date":442,"score":90,"percentile":443},"2026-01-26",0.14763,{"date":445,"score":90,"percentile":446},"2026-01-27",0.14759,{"date":448,"score":90,"percentile":449},"2026-01-28",0.1477,{"date":451,"score":90,"percentile":228},"2026-01-29",{"date":453,"score":90,"percentile":454},"2026-01-30",0.1474,{"date":456,"score":90,"percentile":457},"2026-01-31",0.14765,{"date":459,"score":90,"percentile":225},"2026-02-01",[461],{"source":94,"cvss_v2_0":462,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":92,"baseSeverity":9,"vectorString":95,"impactScore":463,"exploitabilityScore":464},10,3.9,[466,477,486,496],{"ecosystem":9,"name":467,"vendor":468,"product":469,"cpe_part":470,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":471},"ubuntu linux","canonical","ubuntu_linux","o",[472,475],{"version":473,"is_range":88,"range_type":474,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.04","cpe",{"version":476,"is_range":88,"range_type":474,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.10",{"ecosystem":9,"name":478,"vendor":479,"product":480,"cpe_part":470,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":481},"debian linux","debian","debian_linux",[482,484],{"version":483,"is_range":88,"range_type":474,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0",{"version":485,"is_range":88,"range_type":474,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0",{"ecosystem":9,"name":487,"vendor":488,"product":487,"cpe_part":489,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":490},"kvm","kvm_qumranet","a",[491],{"version":492,"is_range":493,"range_type":474,"version_start":9,"version_start_type":9,"version_end":494,"version_end_type":495,"fixed_in":9},"lte81",true,"81","including",{"ecosystem":9,"name":497,"vendor":497,"product":497,"cpe_part":489,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":498},"qemu",[499],{"version":500,"is_range":493,"range_type":474,"version_start":9,"version_start_type":9,"version_end":501,"version_end_type":502,"fixed_in":9},"lt0.10.0","0.10.0","excluding"]