[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-10012":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":69,"duplicate_of":9,"upstream":70,"downstream":71,"duplicates":98,"related":99,"reserved_at":9,"published_at":107,"modified_at":108,"state":109,"summary":110,"references_raw":119,"kevs":174,"epss":175,"epss_history":178,"metrics":438,"affected":453},"CVE-2016-10012","The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[72,74,76,78,80,82,84,86,88,90,92,94,96],{"_key":73},"ALPINE-CVE-2016-10012",{"_key":75},"SUSE-SU-2018:2685-1",{"_key":77},"SUSE-SU-2017:0264-1",{"_key":79},"SUSE-SU-2018:2275-1",{"_key":81},"SUSE-SU-2018:2719-1",{"_key":83},"SUSE-SU-2018:3540-1",{"_key":85},"OPENSUSE-SU-2024:11124-1",{"_key":87},"DLA-1500-1",{"_key":89},"MGASA-2018-0006",{"_key":91},"DEBIAN-CVE-2016-10012",{"_key":93},"RHSA-2017:2029",{"_key":95},"UBUNTU-CVE-2016-10012",{"_key":97},"USN-3538-1",[],[100,101,102,103,104,105,106],{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":89},"2017-01-05T00:00:00.000Z","2026-05-29T20:48:17.999Z","Modified",{"cisa_kev":111,"cisa_ransomware":111,"cisa_vendor":9,"epss_severity":112,"epss_score":113,"severity":114,"severity_score":115,"severity_version":116,"severity_source":117,"severity_vector":118,"severity_status":109},false,"low",0.00022,"high",7.8,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[120,125,131,136,140,144,149,153,157,161,166,170],{"url":121,"sources":122,"tags":124},"https://security.netapp.com/advisory/ntap-20171130-0002/",[123,117],"cve.org",[],{"url":126,"sources":127,"tags":128},"http://www.openwall.com/lists/oss-security/2016/12/19/2",[123,117],[129,130],"Mailing List","Release Notes",{"url":132,"sources":133,"tags":134},"http://www.securitytracker.com/id/1037490",[123,117],[135],"VDB Entry",{"url":137,"sources":138,"tags":139},"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us",[123,117],[],{"url":141,"sources":142,"tags":143},"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637",[123,117],[],{"url":145,"sources":146,"tags":147},"https://access.redhat.com/errata/RHSA-2017:2029",[123,117],[148],"Vendor Advisory",{"url":150,"sources":151,"tags":152},"https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html",[123,117],[129],{"url":154,"sources":155,"tags":156},"https://www.openssh.com/txt/release-7.4",[123,117],[],{"url":158,"sources":159,"tags":160},"http://www.securityfocus.com/bid/94975",[123,117],[135],{"url":162,"sources":163,"tags":164},"https://github.com/openbsd/src/commit/3095060f479b86288e31c79ecbc5131a66bcd2f9",[123,117],[165,148],"Patch",{"url":167,"sources":168,"tags":169},"https://support.f5.com/csp/article/K62201745?utm_source=f5support&amp%3Butm_medium=RSS",[123,117],[],{"url":171,"sources":172,"tags":173},"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",[123,117],[],[],{"date":176,"score":113,"percentile":177},"2026-06-04",0.06446,[179,183,186,189,192,195,198,201,204,207,210,213,216,218,221,224,227,230,233,236,239,242,245,248,251,254,256,259,263,266,269,272,275,278,281,284,287,290,293,296,299,302,305,308,311,314,317,320,323,326,328,330,333,336,340,343,345,347,350,353,356,359,361,363,366,368,371,374,377,380,383,386,388,391,393,396,399,402,405,408,411,413,415,418,421,424,426,429,432,435],{"date":180,"score":181,"percentile":182},"2025-11-04",0.00016,0.02399,{"date":184,"score":181,"percentile":185},"2025-11-05",0.02426,{"date":187,"score":181,"percentile":188},"2025-11-06",0.02451,{"date":190,"score":181,"percentile":191},"2025-11-07",0.02464,{"date":193,"score":181,"percentile":194},"2025-11-08",0.02471,{"date":196,"score":181,"percentile":197},"2025-11-09",0.02472,{"date":199,"score":181,"percentile":200},"2025-11-10",0.02444,{"date":202,"score":181,"percentile":203},"2025-11-11",0.02458,{"date":205,"score":181,"percentile":206},"2025-11-12",0.0247,{"date":208,"score":181,"percentile":209},"2025-11-13",0.02518,{"date":211,"score":181,"percentile":212},"2025-11-14",0.02536,{"date":214,"score":181,"percentile":215},"2025-11-15",0.02567,{"date":217,"score":181,"percentile":215},"2025-11-16",{"date":219,"score":181,"percentile":220},"2025-11-17",0.02555,{"date":222,"score":181,"percentile":223},"2025-11-18",0.01595,{"date":225,"score":181,"percentile":226},"2025-11-19",0.01615,{"date":228,"score":181,"percentile":229},"2025-11-20",0.01639,{"date":231,"score":181,"percentile":232},"2025-11-21",0.02638,{"date":234,"score":181,"percentile":235},"2025-11-22",0.02636,{"date":237,"score":181,"percentile":238},"2025-11-23",0.02629,{"date":240,"score":181,"percentile":241},"2025-11-24",0.02618,{"date":243,"score":181,"percentile":244},"2025-11-25",0.02597,{"date":246,"score":181,"percentile":247},"2025-11-26",0.02576,{"date":249,"score":181,"percentile":250},"2025-11-27",0.02568,{"date":252,"score":181,"percentile":253},"2025-11-28",0.02577,{"date":255,"score":181,"percentile":238},"2025-11-29",{"date":257,"score":181,"percentile":258},"2025-11-30",0.02632,{"date":260,"score":261,"percentile":262},"2025-12-01",0.00021,0.04638,{"date":264,"score":261,"percentile":265},"2025-12-02",0.04653,{"date":267,"score":261,"percentile":268},"2025-12-03",0.04675,{"date":270,"score":181,"percentile":271},"2025-12-04",0.02625,{"date":273,"score":181,"percentile":274},"2025-12-05",0.02635,{"date":276,"score":181,"percentile":277},"2025-12-06",0.02649,{"date":279,"score":181,"percentile":280},"2025-12-07",0.02659,{"date":282,"score":181,"percentile":283},"2025-12-08",0.02655,{"date":285,"score":181,"percentile":286},"2025-12-09",0.02675,{"date":288,"score":181,"percentile":289},"2025-12-10",0.02703,{"date":291,"score":181,"percentile":292},"2025-12-11",0.02707,{"date":294,"score":181,"percentile":295},"2025-12-12",0.0272,{"date":297,"score":181,"percentile":298},"2025-12-13",0.02687,{"date":300,"score":181,"percentile":301},"2025-12-14",0.02688,{"date":303,"score":181,"percentile":304},"2025-12-15",0.02682,{"date":306,"score":181,"percentile":307},"2025-12-16",0.02679,{"date":309,"score":181,"percentile":310},"2025-12-17",0.02694,{"date":312,"score":181,"percentile":313},"2025-12-18",0.02698,{"date":315,"score":181,"percentile":316},"2025-12-19",0.02704,{"date":318,"score":181,"percentile":319},"2025-12-20",0.02699,{"date":321,"score":181,"percentile":322},"2025-12-21",0.02701,{"date":324,"score":181,"percentile":325},"2025-12-22",0.02702,{"date":327,"score":181,"percentile":316},"2025-12-23",{"date":329,"score":181,"percentile":292},"2025-12-24",{"date":331,"score":181,"percentile":332},"2025-12-25",0.02714,{"date":334,"score":181,"percentile":335},"2025-12-26",0.02717,{"date":337,"score":338,"percentile":339},"2025-12-27",0.00032,0.08717,{"date":341,"score":181,"percentile":342},"2025-12-28",0.02711,{"date":344,"score":181,"percentile":322},"2025-12-29",{"date":346,"score":181,"percentile":319},"2025-12-30",{"date":348,"score":181,"percentile":349},"2025-12-31",0.02693,{"date":351,"score":261,"percentile":352},"2026-01-01",0.04921,{"date":354,"score":261,"percentile":355},"2026-01-02",0.04918,{"date":357,"score":261,"percentile":358},"2026-01-03",0.04903,{"date":360,"score":181,"percentile":304},"2026-01-04",{"date":362,"score":181,"percentile":298},"2026-01-05",{"date":364,"score":181,"percentile":365},"2026-01-06",0.02683,{"date":367,"score":181,"percentile":325},"2026-01-07",{"date":369,"score":181,"percentile":370},"2026-01-08",0.02731,{"date":372,"score":181,"percentile":373},"2026-01-09",0.02744,{"date":375,"score":181,"percentile":376},"2026-01-10",0.02743,{"date":378,"score":181,"percentile":379},"2026-01-11",0.02728,{"date":381,"score":181,"percentile":382},"2026-01-12",0.02685,{"date":384,"score":181,"percentile":385},"2026-01-13",0.02678,{"date":387,"score":181,"percentile":304},"2026-01-14",{"date":389,"score":181,"percentile":390},"2026-01-15",0.02673,{"date":392,"score":181,"percentile":390},"2026-01-16",{"date":394,"score":181,"percentile":395},"2026-01-17",0.02674,{"date":397,"score":181,"percentile":398},"2026-01-18",0.02834,{"date":400,"score":181,"percentile":401},"2026-01-19",0.02824,{"date":403,"score":181,"percentile":404},"2026-01-20",0.02813,{"date":406,"score":181,"percentile":407},"2026-01-21",0.02806,{"date":409,"score":181,"percentile":410},"2026-01-22",0.02803,{"date":412,"score":181,"percentile":283},"2026-01-23",{"date":414,"score":181,"percentile":286},"2026-01-24",{"date":416,"score":181,"percentile":417},"2026-01-25",0.02672,{"date":419,"score":181,"percentile":420},"2026-01-26",0.02668,{"date":422,"score":181,"percentile":423},"2026-01-27",0.02667,{"date":425,"score":181,"percentile":417},"2026-01-28",{"date":427,"score":181,"percentile":428},"2026-01-29",0.02695,{"date":430,"score":181,"percentile":431},"2026-01-30",0.027,{"date":433,"score":181,"percentile":434},"2026-01-31",0.02721,{"date":436,"score":261,"percentile":437},"2026-02-01",0.04736,[439,451],{"source":117,"cvss_v2_0":440,"cvss_v3_0":445,"cvss_v3_1":450,"cvss_v4_0":9},{"baseScore":441,"baseSeverity":9,"vectorString":442,"impactScore":443,"exploitabilityScore":444},7.2,"AV:L/AC:L/Au:N/C:C/I:C/A:C",10,3.9,{"baseScore":115,"baseSeverity":446,"vectorString":447,"impactScore":448,"exploitabilityScore":449},"HIGH","CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",9.8,4.6,{"baseScore":115,"baseSeverity":446,"vectorString":118,"impactScore":448,"exploitabilityScore":449},{"source":123,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":452,"cvss_v4_0":9},{"baseScore":115,"baseSeverity":446,"vectorString":118,"impactScore":448,"exploitabilityScore":449},[454],{"ecosystem":9,"name":455,"vendor":456,"product":455,"cpe_part":457,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":458},"openssh","openbsd","a",[459],{"version":460,"is_range":461,"range_type":462,"version_start":9,"version_start_type":9,"version_end":463,"version_end_type":464,"fixed_in":9},"lte7.3",true,"cpe","7.3","including"]