[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-10011":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":75,"aliases":76,"duplicate_of":9,"upstream":77,"downstream":78,"duplicates":107,"related":108,"reserved_at":9,"published_at":117,"modified_at":118,"state":119,"summary":120,"references_raw":129,"kevs":184,"epss":185,"epss_history":188,"metrics":452,"affected":469},"CVE-2016-10011","authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.",null,[11,18],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"CWE-320","Key Management Errors","Weaknesses in this category are related to errors in the management of cryptographic keys.","category","Obsolete",[],{"_key":19,"id":19,"name":20,"description":21,"type":22,"status":23,"abstraction":24,"likelihood_of_exploit":25,"capec":26},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[27,31,35,39,43,47,51,55,59,63,67,71],{"id":28,"name":29,"techniques":30},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":32,"name":33,"techniques":34},"CAPEC-100","Overflow Buffers",[],{"id":36,"name":37,"techniques":38},"CAPEC-123","Buffer Manipulation",[],{"id":40,"name":41,"techniques":42},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":44,"name":45,"techniques":46},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":48,"name":49,"techniques":50},"CAPEC-42","MIME Conversion",[],{"id":52,"name":53,"techniques":54},"CAPEC-44","Overflow Binary Resource File",[],{"id":56,"name":57,"techniques":58},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":60,"name":61,"techniques":62},"CAPEC-46","Overflow Variables and Tags",[],{"id":64,"name":65,"techniques":66},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":68,"name":69,"techniques":70},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":72,"name":73,"techniques":74},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[79,81,83,85,87,89,91,93,95,97,99,101,103,105],{"_key":80},"ALPINE-CVE-2016-10011",{"_key":82},"SUSE-SU-2017:1661-1",{"_key":84},"SUSE-SU-2017:0264-1",{"_key":86},"SUSE-SU-2017:0603-1",{"_key":88},"SUSE-SU-2017:0606-1",{"_key":90},"SUSE-SU-2017:0607-1",{"_key":92},"SUSE-SU-2017:0607-2",{"_key":94},"SUSE-SU-2017:0607-3",{"_key":96},"OPENSUSE-SU-2024:11124-1",{"_key":98},"DLA-1500-1",{"_key":100},"DEBIAN-CVE-2016-10011",{"_key":102},"RHSA-2017:2029",{"_key":104},"UBUNTU-CVE-2016-10011",{"_key":106},"USN-3538-1",[],[109,110,111,112,113,114,115,116],{"_key":82},{"_key":84},{"_key":86},{"_key":88},{"_key":90},{"_key":92},{"_key":94},{"_key":96},"2017-01-05T00:00:00.000Z","2026-05-29T20:19:06.040Z","Modified",{"cisa_kev":121,"cisa_ransomware":121,"cisa_vendor":9,"epss_severity":122,"epss_score":123,"severity":124,"severity_score":125,"severity_version":126,"severity_source":127,"severity_vector":128,"severity_status":119},false,"low",0.00015,"medium",6.2,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",[130,135,141,146,151,155,159,164,168,172,176,180],{"url":131,"sources":132,"tags":134},"https://security.netapp.com/advisory/ntap-20171130-0002/",[133,127],"cve.org",[],{"url":136,"sources":137,"tags":138},"http://www.openwall.com/lists/oss-security/2016/12/19/2",[133,127],[139,140],"Mailing List","Release Notes",{"url":142,"sources":143,"tags":144},"http://www.securitytracker.com/id/1037490",[133,127],[145],"VDB Entry",{"url":147,"sources":148,"tags":149},"https://github.com/openbsd/src/commit/ac8147a06ed2e2403fb6b9a0c03e618a9333c0e9",[133,127],[150],"Patch",{"url":152,"sources":153,"tags":154},"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us",[133,127],[],{"url":156,"sources":157,"tags":158},"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637",[133,127],[],{"url":160,"sources":161,"tags":162},"https://access.redhat.com/errata/RHSA-2017:2029",[133,127],[163],"Vendor Advisory",{"url":165,"sources":166,"tags":167},"https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html",[133,127],[139],{"url":169,"sources":170,"tags":171},"http://www.securityfocus.com/bid/94977",[133,127],[145],{"url":173,"sources":174,"tags":175},"https://www.openssh.com/txt/release-7.4",[133,127],[],{"url":177,"sources":178,"tags":179},"https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf",[133,127],[],{"url":181,"sources":182,"tags":183},"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",[133,127],[],[],{"date":186,"score":123,"percentile":187},"2026-06-04",0.03033,[189,193,196,199,202,205,208,211,214,217,220,223,226,228,231,234,237,240,243,246,249,252,255,258,261,263,266,269,273,276,279,281,284,287,290,292,295,298,301,304,307,310,313,316,319,322,325,327,330,333,336,339,342,345,349,352,354,357,360,363,366,369,372,375,378,381,384,387,390,393,396,399,402,404,407,409,412,415,418,421,424,427,429,432,435,438,441,444,447,449],{"date":190,"score":191,"percentile":192},"2025-11-04",0.00017,0.02771,{"date":194,"score":191,"percentile":195},"2025-11-05",0.02798,{"date":197,"score":191,"percentile":198},"2025-11-06",0.02825,{"date":200,"score":191,"percentile":201},"2025-11-07",0.02835,{"date":203,"score":191,"percentile":204},"2025-11-08",0.02844,{"date":206,"score":191,"percentile":207},"2025-11-09",0.02847,{"date":209,"score":191,"percentile":210},"2025-11-10",0.02826,{"date":212,"score":191,"percentile":213},"2025-11-11",0.02848,{"date":215,"score":191,"percentile":216},"2025-11-12",0.02862,{"date":218,"score":191,"percentile":219},"2025-11-13",0.02891,{"date":221,"score":191,"percentile":222},"2025-11-14",0.02911,{"date":224,"score":191,"percentile":225},"2025-11-15",0.0294,{"date":227,"score":191,"percentile":225},"2025-11-16",{"date":229,"score":191,"percentile":230},"2025-11-17",0.02925,{"date":232,"score":191,"percentile":233},"2025-11-18",0.01877,{"date":235,"score":191,"percentile":236},"2025-11-19",0.01898,{"date":238,"score":191,"percentile":239},"2025-11-20",0.01924,{"date":241,"score":191,"percentile":242},"2025-11-21",0.03013,{"date":244,"score":191,"percentile":245},"2025-11-22",0.0301,{"date":247,"score":191,"percentile":248},"2025-11-23",0.03003,{"date":250,"score":191,"percentile":251},"2025-11-24",0.02993,{"date":253,"score":191,"percentile":254},"2025-11-25",0.02974,{"date":256,"score":191,"percentile":257},"2025-11-26",0.02953,{"date":259,"score":191,"percentile":260},"2025-11-27",0.02952,{"date":262,"score":191,"percentile":257},"2025-11-28",{"date":264,"score":191,"percentile":265},"2025-11-29",0.03004,{"date":267,"score":191,"percentile":268},"2025-11-30",0.03005,{"date":270,"score":271,"percentile":272},"2025-12-01",0.00018,0.03785,{"date":274,"score":271,"percentile":275},"2025-12-02",0.03798,{"date":277,"score":271,"percentile":278},"2025-12-03",0.03811,{"date":280,"score":191,"percentile":265},"2025-12-04",{"date":282,"score":191,"percentile":283},"2025-12-05",0.03024,{"date":285,"score":191,"percentile":286},"2025-12-06",0.03044,{"date":288,"score":191,"percentile":289},"2025-12-07",0.03048,{"date":291,"score":191,"percentile":286},"2025-12-08",{"date":293,"score":191,"percentile":294},"2025-12-09",0.03062,{"date":296,"score":191,"percentile":297},"2025-12-10",0.03101,{"date":299,"score":191,"percentile":300},"2025-12-11",0.03102,{"date":302,"score":191,"percentile":303},"2025-12-12",0.03113,{"date":305,"score":191,"percentile":306},"2025-12-13",0.03086,{"date":308,"score":191,"percentile":309},"2025-12-14",0.0309,{"date":311,"score":191,"percentile":312},"2025-12-15",0.03081,{"date":314,"score":191,"percentile":315},"2025-12-16",0.03079,{"date":317,"score":191,"percentile":318},"2025-12-17",0.03096,{"date":320,"score":191,"percentile":321},"2025-12-18",0.03105,{"date":323,"score":191,"percentile":324},"2025-12-19",0.03106,{"date":326,"score":191,"percentile":297},"2025-12-20",{"date":328,"score":191,"percentile":329},"2025-12-21",0.03111,{"date":331,"score":191,"percentile":332},"2025-12-22",0.03107,{"date":334,"score":191,"percentile":335},"2025-12-23",0.03117,{"date":337,"score":191,"percentile":338},"2025-12-24",0.03119,{"date":340,"score":191,"percentile":341},"2025-12-25",0.03124,{"date":343,"score":191,"percentile":344},"2025-12-26",0.03122,{"date":346,"score":347,"percentile":348},"2025-12-27",0.00025,0.06213,{"date":350,"score":191,"percentile":351},"2025-12-28",0.03112,{"date":353,"score":191,"percentile":321},"2025-12-29",{"date":355,"score":191,"percentile":356},"2025-12-30",0.03103,{"date":358,"score":191,"percentile":359},"2025-12-31",0.03095,{"date":361,"score":271,"percentile":362},"2026-01-01",0.04032,{"date":364,"score":271,"percentile":365},"2026-01-02",0.0403,{"date":367,"score":271,"percentile":368},"2026-01-03",0.04018,{"date":370,"score":191,"percentile":371},"2026-01-04",0.03082,{"date":373,"score":191,"percentile":374},"2026-01-05",0.03083,{"date":376,"score":191,"percentile":377},"2026-01-06",0.0308,{"date":379,"score":191,"percentile":380},"2026-01-07",0.03104,{"date":382,"score":191,"percentile":383},"2026-01-08",0.03131,{"date":385,"score":191,"percentile":386},"2026-01-09",0.03144,{"date":388,"score":191,"percentile":389},"2026-01-10",0.03148,{"date":391,"score":191,"percentile":392},"2026-01-11",0.03134,{"date":394,"score":191,"percentile":395},"2026-01-12",0.03097,{"date":397,"score":191,"percentile":398},"2026-01-13",0.03088,{"date":400,"score":191,"percentile":401},"2026-01-14",0.03098,{"date":403,"score":191,"percentile":398},"2026-01-15",{"date":405,"score":191,"percentile":406},"2026-01-16",0.03089,{"date":408,"score":191,"percentile":406},"2026-01-17",{"date":410,"score":191,"percentile":411},"2026-01-18",0.03287,{"date":413,"score":191,"percentile":414},"2026-01-19",0.03267,{"date":416,"score":191,"percentile":417},"2026-01-20",0.03261,{"date":419,"score":191,"percentile":420},"2026-01-21",0.03245,{"date":422,"score":191,"percentile":423},"2026-01-22",0.03249,{"date":425,"score":191,"percentile":426},"2026-01-23",0.03069,{"date":428,"score":191,"percentile":374},"2026-01-24",{"date":430,"score":191,"percentile":431},"2026-01-25",0.03071,{"date":433,"score":191,"percentile":434},"2026-01-26",0.03057,{"date":436,"score":191,"percentile":437},"2026-01-27",0.03056,{"date":439,"score":191,"percentile":440},"2026-01-28",0.03059,{"date":442,"score":191,"percentile":443},"2026-01-29",0.03084,{"date":445,"score":191,"percentile":446},"2026-01-30",0.03085,{"date":448,"score":191,"percentile":324},"2026-01-31",{"date":450,"score":271,"percentile":451},"2026-02-01",0.03861,[453,467],{"source":127,"cvss_v2_0":454,"cvss_v3_0":459,"cvss_v3_1":465,"cvss_v4_0":9},{"baseScore":455,"baseSeverity":9,"vectorString":456,"impactScore":457,"exploitabilityScore":458},2.1,"AV:L/AC:L/Au:N/C:P/I:N/A:N",2.9,3.9,{"baseScore":460,"baseSeverity":461,"vectorString":462,"impactScore":463,"exploitabilityScore":464},5.5,"MEDIUM","CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",6,4.6,{"baseScore":125,"baseSeverity":461,"vectorString":128,"impactScore":463,"exploitabilityScore":466},6.4,{"source":133,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":468,"cvss_v4_0":9},{"baseScore":125,"baseSeverity":461,"vectorString":128,"impactScore":463,"exploitabilityScore":466},[470],{"ecosystem":9,"name":471,"vendor":472,"product":471,"cpe_part":473,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":474},"openssh","openbsd","a",[475],{"version":476,"is_range":477,"range_type":478,"version_start":9,"version_start_type":9,"version_end":479,"version_end_type":480,"fixed_in":9},"lte7.3",true,"cpe","7.3","including"]