[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-10028":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":25,"downstream":26,"duplicates":39,"related":40,"reserved_at":9,"published_at":44,"modified_at":45,"state":46,"summary":47,"references_raw":56,"kevs":96,"epss":97,"epss_history":100,"metrics":366,"affected":377},"CVE-2016-10028","The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a VIRTIO_GPU_CMD_GET_CAPSET command with a maximum capabilities size with a value of 0.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[],[],[],[27,29,31,33,35,37],{"_key":28},"OPENSUSE-SU-2024:11287-1",{"_key":30},"SUSE-SU-2017:0625-1",{"_key":32},"SUSE-SU-2017:1774-1",{"_key":34},"UBUNTU-CVE-2016-10028",{"_key":36},"USN-3261-1",{"_key":38},"DEBIAN-CVE-2016-10028",[],[41,42,43],{"_key":28},{"_key":30},{"_key":32},"2017-02-27T22:00:00.000Z","2024-08-06T03:07:31.983Z","Modified",{"cisa_kev":48,"cisa_ransomware":48,"cisa_vendor":9,"epss_severity":49,"epss_score":50,"severity":51,"severity_score":52,"severity_version":53,"severity_source":54,"severity_vector":55,"severity_status":46},false,"low",0.00087,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[57,63,70,75,81,88,92],{"url":58,"sources":59,"tags":61},"http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=abd7f08b2353f43274b785db8c7224f082ef4d31",[60,54],"cve.org",[62],"X Refsource CONFIRM",{"url":64,"sources":65,"tags":66},"http://www.securitytracker.com/id/1037525",[60,54],[67,68,69],"VDB Entry","X Refsource SECTRACK","Third Party Advisory",{"url":71,"sources":72,"tags":73},"http://www.securityfocus.com/bid/94981",[60,54],[67,74,69],"X Refsource BID",{"url":76,"sources":77,"tags":78},"https://security.gentoo.org/glsa/201701-49",[60,54],[79,80,69],"Vendor Advisory","X Refsource GENTOO",{"url":82,"sources":83,"tags":84},"https://lists.gnu.org/archive/html/qemu-devel/2016-12/msg01903.html",[60,54],[85,86,87,79],"Mailing List","X Refsource MLIST","Patch",{"url":89,"sources":90,"tags":91},"http://www.openwall.com/lists/oss-security/2016/12/20/1",[60,54],[85,86,87,69],{"url":93,"sources":94,"tags":95},"http://www.openwall.com/lists/oss-security/2016/12/22/14",[60,54],[85,86,87,69],[],{"date":98,"score":50,"percentile":99},"2026-06-04",0.24929,[101,104,107,110,113,116,119,122,125,128,131,133,136,139,142,145,148,151,154,157,160,163,166,169,172,175,178,181,184,186,189,192,195,198,201,204,207,210,213,216,219,222,225,228,231,234,237,240,243,246,249,252,255,258,261,264,267,270,273,276,279,282,285,288,291,294,297,300,303,306,309,312,315,318,320,323,325,328,331,334,337,340,343,345,348,351,354,357,360,363],{"date":102,"score":50,"percentile":103},"2025-11-04",0.25742,{"date":105,"score":50,"percentile":106},"2025-11-05",0.25721,{"date":108,"score":50,"percentile":109},"2025-11-06",0.25728,{"date":111,"score":50,"percentile":112},"2025-11-07",0.25729,{"date":114,"score":50,"percentile":115},"2025-11-08",0.25724,{"date":117,"score":50,"percentile":118},"2025-11-09",0.25683,{"date":120,"score":50,"percentile":121},"2025-11-10",0.25646,{"date":123,"score":50,"percentile":124},"2025-11-11",0.25656,{"date":126,"score":50,"percentile":127},"2025-11-12",0.25685,{"date":129,"score":50,"percentile":130},"2025-11-13",0.25687,{"date":132,"score":50,"percentile":118},"2025-11-14",{"date":134,"score":50,"percentile":135},"2025-11-15",0.25677,{"date":137,"score":50,"percentile":138},"2025-11-16",0.25631,{"date":140,"score":50,"percentile":141},"2025-11-17",0.25587,{"date":143,"score":50,"percentile":144},"2025-11-18",0.21057,{"date":146,"score":50,"percentile":147},"2025-11-19",0.21066,{"date":149,"score":50,"percentile":150},"2025-11-20",0.21038,{"date":152,"score":50,"percentile":153},"2025-11-21",0.25514,{"date":155,"score":50,"percentile":156},"2025-11-22",0.25513,{"date":158,"score":50,"percentile":159},"2025-11-23",0.25461,{"date":161,"score":50,"percentile":162},"2025-11-24",0.25438,{"date":164,"score":50,"percentile":165},"2025-11-25",0.25424,{"date":167,"score":50,"percentile":168},"2025-11-26",0.2541,{"date":170,"score":50,"percentile":171},"2025-11-27",0.25413,{"date":173,"score":50,"percentile":174},"2025-11-28",0.25388,{"date":176,"score":50,"percentile":177},"2025-11-29",0.25377,{"date":179,"score":50,"percentile":180},"2025-11-30",0.2535,{"date":182,"score":50,"percentile":183},"2025-12-01",0.25385,{"date":185,"score":50,"percentile":168},"2025-12-02",{"date":187,"score":50,"percentile":188},"2025-12-03",0.25418,{"date":190,"score":50,"percentile":191},"2025-12-04",0.25351,{"date":193,"score":50,"percentile":194},"2025-12-05",0.25405,{"date":196,"score":50,"percentile":197},"2025-12-06",0.25406,{"date":199,"score":50,"percentile":200},"2025-12-07",0.2537,{"date":202,"score":50,"percentile":203},"2025-12-08",0.25372,{"date":205,"score":50,"percentile":206},"2025-12-09",0.25421,{"date":208,"score":50,"percentile":209},"2025-12-10",0.25485,{"date":211,"score":50,"percentile":212},"2025-12-11",0.25502,{"date":214,"score":50,"percentile":215},"2025-12-12",0.25516,{"date":217,"score":50,"percentile":218},"2025-12-13",0.25521,{"date":220,"score":50,"percentile":221},"2025-12-14",0.25492,{"date":223,"score":50,"percentile":224},"2025-12-15",0.25462,{"date":226,"score":50,"percentile":227},"2025-12-16",0.25477,{"date":229,"score":50,"percentile":230},"2025-12-17",0.25552,{"date":232,"score":50,"percentile":233},"2025-12-18",0.2561,{"date":235,"score":50,"percentile":236},"2025-12-19",0.25626,{"date":238,"score":50,"percentile":239},"2025-12-20",0.25595,{"date":241,"score":50,"percentile":242},"2025-12-21",0.25542,{"date":244,"score":50,"percentile":245},"2025-12-22",0.25501,{"date":247,"score":50,"percentile":248},"2025-12-23",0.2547,{"date":250,"score":50,"percentile":251},"2025-12-24",0.2548,{"date":253,"score":50,"percentile":254},"2025-12-25",0.25554,{"date":256,"score":50,"percentile":257},"2025-12-26",0.25543,{"date":259,"score":50,"percentile":260},"2025-12-27",0.25541,{"date":262,"score":50,"percentile":263},"2025-12-28",0.25414,{"date":265,"score":50,"percentile":266},"2025-12-29",0.25387,{"date":268,"score":50,"percentile":269},"2025-12-30",0.25384,{"date":271,"score":50,"percentile":272},"2025-12-31",0.25446,{"date":274,"score":50,"percentile":275},"2026-01-01",0.25546,{"date":277,"score":50,"percentile":278},"2026-01-02",0.25539,{"date":280,"score":50,"percentile":281},"2026-01-03",0.25525,{"date":283,"score":50,"percentile":284},"2026-01-04",0.25428,{"date":286,"score":50,"percentile":287},"2026-01-05",0.25408,{"date":289,"score":50,"percentile":290},"2026-01-06",0.25416,{"date":292,"score":50,"percentile":293},"2026-01-07",0.25443,{"date":295,"score":50,"percentile":296},"2026-01-08",0.25488,{"date":298,"score":50,"percentile":299},"2026-01-09",0.25466,{"date":301,"score":50,"percentile":302},"2026-01-10",0.25445,{"date":304,"score":50,"percentile":305},"2026-01-11",0.25423,{"date":307,"score":50,"percentile":308},"2026-01-12",0.25379,{"date":310,"score":50,"percentile":311},"2026-01-13",0.25355,{"date":313,"score":50,"percentile":314},"2026-01-14",0.25404,{"date":316,"score":50,"percentile":317},"2026-01-15",0.25394,{"date":319,"score":50,"percentile":284},"2026-01-16",{"date":321,"score":50,"percentile":322},"2026-01-17",0.25435,{"date":324,"score":50,"percentile":266},"2026-01-18",{"date":326,"score":50,"percentile":327},"2026-01-19",0.25339,{"date":329,"score":50,"percentile":330},"2026-01-20",0.25318,{"date":332,"score":50,"percentile":333},"2026-01-21",0.25263,{"date":335,"score":50,"percentile":336},"2026-01-22",0.25244,{"date":338,"score":50,"percentile":339},"2026-01-23",0.25323,{"date":341,"score":50,"percentile":342},"2026-01-24",0.2533,{"date":344,"score":50,"percentile":336},"2026-01-25",{"date":346,"score":50,"percentile":347},"2026-01-26",0.2515,{"date":349,"score":50,"percentile":350},"2026-01-27",0.25133,{"date":352,"score":50,"percentile":353},"2026-01-28",0.2513,{"date":355,"score":50,"percentile":356},"2026-01-29",0.25092,{"date":358,"score":50,"percentile":359},"2026-01-30",0.25075,{"date":361,"score":50,"percentile":362},"2026-01-31",0.25068,{"date":364,"score":50,"percentile":365},"2026-02-01",0.25117,[367],{"source":54,"cvss_v2_0":368,"cvss_v3_0":9,"cvss_v3_1":373,"cvss_v4_0":9},{"baseScore":369,"baseSeverity":9,"vectorString":370,"impactScore":371,"exploitabilityScore":372},2.1,"AV:L/AC:L/Au:N/C:N/I:N/A:P",2.9,3.9,{"baseScore":52,"baseSeverity":374,"vectorString":55,"impactScore":375,"exploitabilityScore":376},"MEDIUM",6,4.6,[378],{"ecosystem":9,"name":379,"vendor":379,"product":379,"cpe_part":380,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":381},"qemu","a",[382],{"version":383,"is_range":384,"range_type":385,"version_start":9,"version_start_type":9,"version_end":386,"version_end_type":387,"fixed_in":9},"lte2.8.1.1",true,"cpe","2.8.1.1","including"]