[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2015-5154":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":69,"duplicate_of":9,"upstream":70,"downstream":71,"duplicates":116,"related":117,"reserved_at":9,"published_at":133,"modified_at":134,"state":135,"summary":136,"references_raw":145,"kevs":243,"epss":244,"epss_history":247,"metrics":509,"affected":514},"CVE-2015-5154","Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114],{"_key":73},"SUSE-SU-2015:1479-1",{"_key":75},"OPENSUSE-SU-2024:10196-1",{"_key":77},"SUSE-SU-2015:1299-1",{"_key":79},"SUSE-SU-2015:1302-1",{"_key":81},"SUSE-SU-2015:1408-1",{"_key":83},"SUSE-SU-2015:1409-1",{"_key":85},"SUSE-SU-2015:1421-1",{"_key":87},"SUSE-SU-2015:1426-1",{"_key":89},"SUSE-SU-2015:1455-1",{"_key":91},"SUSE-SU-2015:1472-1",{"_key":93},"SUSE-SU-2015:1479-2",{"_key":95},"SUSE-SU-2015:1782-1",{"_key":97},"SUSE-SU-2015:2324-1",{"_key":99},"USN-2692-1",{"_key":101},"DSA-3348-1",{"_key":103},"RHSA-2015:1507",{"_key":105},"RHSA-2015:1508",{"_key":107},"RHSA-2015:1512",{"_key":109},"MGASA-2015-0310",{"_key":111},"MGASA-2016-0098",{"_key":113},"UBUNTU-CVE-2015-5154",{"_key":115},"DEBIAN-CVE-2015-5154",[],[118,119,120,121,122,123,124,125,126,127,128,129,130,131,132],{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":91},{"_key":93},{"_key":95},{"_key":97},{"_key":109},{"_key":111},"2015-08-12T14:00:00.000Z","2024-08-06T06:32:32.900Z","Modified",{"cisa_kev":137,"cisa_ransomware":137,"cisa_vendor":9,"epss_severity":138,"epss_score":139,"severity":140,"severity_score":141,"severity_version":142,"severity_source":143,"severity_vector":144,"severity_status":135},false,"low",0.00388,"high",7.2,"v2.0","nvd","AV:L/AC:L/Au:N/C:C/I:C/A:C",[146,153,160,165,171,176,181,185,190,194,199,203,207,211,215,219,223,227,231,235,239],{"url":147,"sources":148,"tags":150},"http://www.securityfocus.com/bid/76048",[149,143],"cve.org",[151,152],"VDB Entry","X Refsource BID",{"url":154,"sources":155,"tags":156},"http://xenbits.xen.org/xsa/advisory-138.html",[149,143],[157,158,159],"X Refsource CONFIRM","Patch","Vendor Advisory",{"url":161,"sources":162,"tags":163},"http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html",[149,143],[159,164],"X Refsource SUSE",{"url":166,"sources":167,"tags":168},"https://security.gentoo.org/glsa/201510-02",[149,143],[159,169,170],"X Refsource GENTOO","Third Party Advisory",{"url":172,"sources":173,"tags":174},"http://www.securitytracker.com/id/1033074",[149,143],[151,175],"X Refsource SECTRACK",{"url":177,"sources":178,"tags":179},"http://www.debian.org/security/2015/dsa-3348",[149,143],[159,180],"X Refsource DEBIAN",{"url":182,"sources":183,"tags":184},"http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00019.html",[149,143],[159,164],{"url":186,"sources":187,"tags":188},"http://rhn.redhat.com/errata/RHSA-2015-1508.html",[149,143],[159,189],"X Refsource REDHAT",{"url":191,"sources":192,"tags":193},"http://rhn.redhat.com/errata/RHSA-2015-1507.html",[149,143],[159,189],{"url":195,"sources":196,"tags":197},"http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163681.html",[149,143],[159,198,170],"X Refsource FEDORA",{"url":200,"sources":201,"tags":202},"http://rhn.redhat.com/errata/RHSA-2015-1512.html",[149,143],[159,189],{"url":204,"sources":205,"tags":206},"http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00022.html",[149,143],[159,164],{"url":208,"sources":209,"tags":210},"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00041.html",[149,143],[159,164,170],{"url":212,"sources":213,"tags":214},"http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00020.html",[149,143],[159,164],{"url":216,"sources":217,"tags":218},"http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163658.html",[149,143],[159,198,170],{"url":220,"sources":221,"tags":222},"http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html",[149,143],[159,164],{"url":224,"sources":225,"tags":226},"https://security.gentoo.org/glsa/201604-03",[149,143],[159,169],{"url":228,"sources":229,"tags":230},"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00042.html",[149,143],[159,164,170],{"url":232,"sources":233,"tags":234},"http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00017.html",[149,143],[159,164],{"url":236,"sources":237,"tags":238},"http://support.citrix.com/article/CTX201593",[149,143],[157,170],{"url":240,"sources":241,"tags":242},"http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163472.html",[149,143],[159,198,170],[],{"date":245,"score":139,"percentile":246},"2026-06-04",0.60187,[248,252,255,258,261,264,267,270,273,276,279,282,285,288,291,294,297,300,303,305,308,311,314,317,320,323,326,329,332,335,338,341,344,347,350,353,356,359,362,365,368,371,374,377,380,383,386,389,391,394,396,398,401,404,407,410,413,416,419,422,425,428,431,434,437,440,443,446,449,452,455,458,460,463,466,469,472,475,478,480,482,485,488,491,493,496,498,501,503,506],{"date":249,"score":250,"percentile":251},"2025-11-04",0.00202,0.42514,{"date":253,"score":250,"percentile":254},"2025-11-05",0.42507,{"date":256,"score":250,"percentile":257},"2025-11-06",0.42519,{"date":259,"score":250,"percentile":260},"2025-11-07",0.42544,{"date":262,"score":250,"percentile":263},"2025-11-08",0.42539,{"date":265,"score":250,"percentile":266},"2025-11-09",0.42516,{"date":268,"score":250,"percentile":269},"2025-11-10",0.42482,{"date":271,"score":250,"percentile":272},"2025-11-11",0.42502,{"date":274,"score":250,"percentile":275},"2025-11-12",0.42535,{"date":277,"score":250,"percentile":278},"2025-11-13",0.42549,{"date":280,"score":250,"percentile":281},"2025-11-14",0.42558,{"date":283,"score":250,"percentile":284},"2025-11-15",0.42555,{"date":286,"score":250,"percentile":287},"2025-11-16",0.42538,{"date":289,"score":250,"percentile":290},"2025-11-17",0.42509,{"date":292,"score":250,"percentile":293},"2025-11-18",0.37936,{"date":295,"score":250,"percentile":296},"2025-11-19",0.37946,{"date":298,"score":250,"percentile":299},"2025-11-20",0.37939,{"date":301,"score":250,"percentile":302},"2025-11-21",0.42498,{"date":304,"score":250,"percentile":302},"2025-11-22",{"date":306,"score":250,"percentile":307},"2025-11-23",0.42469,{"date":309,"score":250,"percentile":310},"2025-11-24",0.42461,{"date":312,"score":250,"percentile":313},"2025-11-25",0.42475,{"date":315,"score":250,"percentile":316},"2025-11-26",0.4247,{"date":318,"score":250,"percentile":319},"2025-11-27",0.42474,{"date":321,"score":250,"percentile":322},"2025-11-28",0.42444,{"date":324,"score":250,"percentile":325},"2025-11-29",0.42422,{"date":327,"score":250,"percentile":328},"2025-11-30",0.42403,{"date":330,"score":139,"percentile":331},"2025-12-01",0.59258,{"date":333,"score":139,"percentile":334},"2025-12-02",0.59271,{"date":336,"score":139,"percentile":337},"2025-12-03",0.59275,{"date":339,"score":139,"percentile":340},"2025-12-04",0.59108,{"date":342,"score":139,"percentile":343},"2025-12-05",0.59116,{"date":345,"score":139,"percentile":346},"2025-12-06",0.59107,{"date":348,"score":139,"percentile":349},"2025-12-07",0.59098,{"date":351,"score":139,"percentile":352},"2025-12-08",0.591,{"date":354,"score":139,"percentile":355},"2025-12-09",0.59131,{"date":357,"score":139,"percentile":358},"2025-12-10",0.59183,{"date":360,"score":139,"percentile":361},"2025-12-11",0.59204,{"date":363,"score":139,"percentile":364},"2025-12-12",0.5922,{"date":366,"score":139,"percentile":367},"2025-12-13",0.59221,{"date":369,"score":139,"percentile":370},"2025-12-14",0.59214,{"date":372,"score":139,"percentile":373},"2025-12-15",0.59191,{"date":375,"score":139,"percentile":376},"2025-12-16",0.59215,{"date":378,"score":139,"percentile":379},"2025-12-17",0.59232,{"date":381,"score":139,"percentile":382},"2025-12-18",0.59268,{"date":384,"score":139,"percentile":385},"2025-12-19",0.59282,{"date":387,"score":139,"percentile":388},"2025-12-20",0.59284,{"date":390,"score":139,"percentile":337},"2025-12-21",{"date":392,"score":139,"percentile":393},"2025-12-22",0.59264,{"date":395,"score":139,"percentile":337},"2025-12-23",{"date":397,"score":139,"percentile":388},"2025-12-24",{"date":399,"score":139,"percentile":400},"2025-12-25",0.59321,{"date":402,"score":139,"percentile":403},"2025-12-26",0.59316,{"date":405,"score":139,"percentile":406},"2025-12-27",0.59364,{"date":408,"score":139,"percentile":409},"2025-12-28",0.59292,{"date":411,"score":139,"percentile":412},"2025-12-29",0.5928,{"date":414,"score":139,"percentile":415},"2025-12-30",0.59294,{"date":417,"score":139,"percentile":418},"2025-12-31",0.5932,{"date":420,"score":139,"percentile":421},"2026-01-01",0.59492,{"date":423,"score":139,"percentile":424},"2026-01-02",0.59477,{"date":426,"score":139,"percentile":427},"2026-01-03",0.59474,{"date":429,"score":139,"percentile":430},"2026-01-04",0.59299,{"date":432,"score":139,"percentile":433},"2026-01-05",0.59286,{"date":435,"score":139,"percentile":436},"2026-01-06",0.59293,{"date":438,"score":139,"percentile":439},"2026-01-07",0.59322,{"date":441,"score":139,"percentile":442},"2026-01-08",0.59347,{"date":444,"score":139,"percentile":445},"2026-01-09",0.59351,{"date":447,"score":139,"percentile":448},"2026-01-10",0.59346,{"date":450,"score":139,"percentile":451},"2026-01-11",0.59327,{"date":453,"score":139,"percentile":454},"2026-01-12",0.593,{"date":456,"score":139,"percentile":457},"2026-01-13",0.59274,{"date":459,"score":139,"percentile":403},"2026-01-14",{"date":461,"score":139,"percentile":462},"2026-01-15",0.59318,{"date":464,"score":139,"percentile":465},"2026-01-16",0.5934,{"date":467,"score":139,"percentile":468},"2026-01-17",0.59334,{"date":470,"score":139,"percentile":471},"2026-01-18",0.5933,{"date":473,"score":139,"percentile":474},"2026-01-19",0.59312,{"date":476,"score":139,"percentile":477},"2026-01-20",0.59317,{"date":479,"score":139,"percentile":462},"2026-01-21",{"date":481,"score":139,"percentile":400},"2026-01-22",{"date":483,"score":139,"percentile":484},"2026-01-23",0.59365,{"date":486,"score":139,"percentile":487},"2026-01-24",0.59373,{"date":489,"score":139,"percentile":490},"2026-01-25",0.59338,{"date":492,"score":139,"percentile":451},"2026-01-26",{"date":494,"score":139,"percentile":495},"2026-01-27",0.59336,{"date":497,"score":139,"percentile":448},"2026-01-28",{"date":499,"score":139,"percentile":500},"2026-01-29",0.59344,{"date":502,"score":139,"percentile":500},"2026-01-30",{"date":504,"score":139,"percentile":505},"2026-01-31",0.5935,{"date":507,"score":139,"percentile":508},"2026-02-01",0.59489,[510],{"source":143,"cvss_v2_0":511,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":141,"baseSeverity":9,"vectorString":144,"impactScore":512,"exploitabilityScore":513},10,3.9,[515,527,536,543,550,555,561,566],{"ecosystem":9,"name":516,"vendor":517,"product":516,"cpe_part":518,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":519},"fedora","fedoraproject","o",[520,523,525],{"version":521,"is_range":137,"range_type":522,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"21","cpe",{"version":524,"is_range":137,"range_type":522,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"22",{"version":526,"is_range":137,"range_type":522,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"23",{"ecosystem":9,"name":528,"vendor":528,"product":528,"cpe_part":529,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":530},"qemu","a",[531],{"version":532,"is_range":533,"range_type":522,"version_start":9,"version_start_type":9,"version_end":534,"version_end_type":535,"fixed_in":9},"lte2.3.0",true,"2.3.0","including",{"ecosystem":9,"name":537,"vendor":538,"product":539,"cpe_part":529,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":540},"linux enterprise debuginfo","suse","linux_enterprise_debuginfo",[541],{"version":542,"is_range":137,"range_type":522,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11:sp4",{"ecosystem":9,"name":544,"vendor":538,"product":545,"cpe_part":518,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":546},"linux enterprise desktop","linux_enterprise_desktop",[547,548],{"version":542,"is_range":137,"range_type":522,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":549,"is_range":137,"range_type":522,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12",{"ecosystem":9,"name":551,"vendor":538,"product":552,"cpe_part":518,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":553},"linux enterprise server","linux_enterprise_server",[554],{"version":542,"is_range":137,"range_type":522,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":556,"vendor":538,"product":557,"cpe_part":518,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":558},"linux enterprise software development kit","linux_enterprise_software_development_kit",[559,560],{"version":542,"is_range":137,"range_type":522,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":549,"is_range":137,"range_type":522,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":562,"vendor":538,"product":563,"cpe_part":518,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":564},"suse linux enterprise server","suse_linux_enterprise_server",[565],{"version":549,"is_range":137,"range_type":522,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":567,"vendor":567,"product":567,"cpe_part":518,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":568},"xen",[569,572],{"version":570,"is_range":533,"range_type":522,"version_start":9,"version_start_type":9,"version_end":571,"version_end_type":535,"fixed_in":9},"lte4.5.0","4.5.0",{"version":573,"is_range":137,"range_type":522,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.5.1"]