[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-1839":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":47,"duplicate_of":9,"upstream":48,"downstream":49,"duplicates":74,"related":75,"reserved_at":9,"published_at":82,"modified_at":83,"state":84,"summary":85,"references_raw":93,"kevs":206,"epss":207,"epss_history":210,"metrics":457,"affected":468},"CVE-2016-1839","The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[24,33],{"_key":25,"name":26,"source":27,"url":28,"maturity":29,"reliability_score":30,"verified":31,"type":9,"platforms":32,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_46C7ACC892106FA7","Exploit Reference (bugzilla.gnome.org)","reference","https://bugzilla.gnome.org/show_bug.cgi?id=758605","unknown",0.2,false,[],{"_key":34,"name":35,"source":36,"url":37,"maturity":38,"reliability_score":39,"verified":40,"type":41,"platforms":42,"requires_auth":9,"exploitdb":44,"metasploit":9},"39491","libxml2 - xmlDictAddString Heap Buffer Overread","exploit-database","https://www.exploit-db.com/exploits/39491","poc",0.8,true,"dos",[43],"linux",{"verified":40,"type":41,"platform":43,"file":45,"codes":46},"exploits/linux/dos/39491.txt",[7],[],[],[50,52,54,56,58,60,62,64,66,68,70,72],{"_key":51},"SUSE-SU-2016:1538-1",{"_key":53},"SUSE-SU-2016:1604-1",{"_key":55},"SUSE-SU-2017:1454-1",{"_key":57},"OPENSUSE-SU-2024:10192-1",{"_key":59},"OPENSUSE-SU-2024:10228-1",{"_key":61},"DLA-503-1",{"_key":63},"DSA-3593-1",{"_key":65},"MGASA-2016-0263",{"_key":67},"UBUNTU-CVE-2016-1839",{"_key":69},"USN-2994-1",{"_key":71},"DEBIAN-CVE-2016-1839",{"_key":73},"RHSA-2016:1292",[],[76,77,78,79,80,81],{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":65},"2016-05-20T10:00:00.000Z","2024-08-05T23:10:39.919Z","Modified",{"cisa_kev":31,"cisa_ransomware":31,"cisa_vendor":9,"epss_severity":86,"epss_score":87,"severity":88,"severity_score":89,"severity_version":90,"severity_source":91,"severity_vector":92,"severity_status":84},"low",0.04546,"medium",5.5,"v3.0","nvd","CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",[94,101,106,112,117,121,125,131,136,141,147,152,156,160,164,168,172,176,180,185,190,194,198,202],{"url":95,"sources":96,"tags":98},"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",[97,91],"cve.org",[99,100],"X Refsource CONFIRM","Third Party Advisory",{"url":102,"sources":103,"tags":104},"https://kc.mcafee.com/corporate/index?page=content&id=SB10170",[97,91],[99,105,100],"Patch",{"url":107,"sources":108,"tags":109},"https://access.redhat.com/errata/RHSA-2016:1292",[97,91],[110,111,100],"Vendor Advisory","X Refsource REDHAT",{"url":28,"sources":113,"tags":114},[97,91],[99,115,116,100],"Exploit","Issue Tracking",{"url":118,"sources":119,"tags":120},"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",[97,91],[99,100],{"url":122,"sources":123,"tags":124},"https://support.apple.com/HT206567",[97,91],[99,110],{"url":126,"sources":127,"tags":128},"http://www.securityfocus.com/bid/90691",[97,91],[129,130,100],"VDB Entry","X Refsource BID",{"url":132,"sources":133,"tags":134},"https://www.debian.org/security/2016/dsa-3593",[97,91],[110,135,100],"X Refsource DEBIAN",{"url":137,"sources":138,"tags":139},"http://xmlsoft.org/news.html",[97,91],[99,140,110],"Release Notes",{"url":142,"sources":143,"tags":144},"http://lists.apple.com/archives/security-announce/2016/May/msg00004.html",[97,91],[110,145,146],"X Refsource APPLE","Mailing List",{"url":148,"sources":149,"tags":150},"http://www.ubuntu.com/usn/USN-2994-1",[97,91],[110,151,100],"X Refsource UBUNTU",{"url":153,"sources":154,"tags":155},"https://support.apple.com/HT206566",[97,91],[99,110],{"url":157,"sources":158,"tags":159},"https://git.gnome.org/browse/libxml2/commit/?id=a820dbeac29d330bae4be05d9ecd939ad6b4aa33",[97,91],[99,105,100],{"url":161,"sources":162,"tags":163},"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",[97,91],[99,100],{"url":165,"sources":166,"tags":167},"https://www.tenable.com/security/tns-2016-18",[97,91],[99,100],{"url":169,"sources":170,"tags":171},"http://lists.apple.com/archives/security-announce/2016/May/msg00003.html",[97,91],[110,145,146],{"url":173,"sources":174,"tags":175},"https://support.apple.com/HT206564",[97,91],[99,110],{"url":177,"sources":178,"tags":179},"http://rhn.redhat.com/errata/RHSA-2016-2957.html",[97,91],[110,111,100],{"url":181,"sources":182,"tags":183},"https://security.gentoo.org/glsa/201701-37",[97,91],[110,184,100],"X Refsource GENTOO",{"url":186,"sources":187,"tags":188},"http://www.securitytracker.com/id/1035890",[97,91],[129,189,100],"X Refsource SECTRACK",{"url":191,"sources":192,"tags":193},"http://lists.apple.com/archives/security-announce/2016/May/msg00002.html",[97,91],[110,145,146],{"url":195,"sources":196,"tags":197},"http://www.securitytracker.com/id/1038623",[97,91],[129,189,100],{"url":199,"sources":200,"tags":201},"https://support.apple.com/HT206568",[97,91],[99,110],{"url":203,"sources":204,"tags":205},"http://lists.apple.com/archives/security-announce/2016/May/msg00001.html",[97,91],[110,145,146],[],{"date":208,"score":87,"percentile":209},"2026-06-04",0.89369,[211,215,217,220,223,225,228,230,233,236,239,242,245,248,250,253,256,259,262,265,268,271,274,276,278,281,284,286,289,292,295,298,301,304,306,309,312,315,318,321,323,326,328,331,334,337,340,342,345,347,350,353,356,359,362,364,367,369,371,374,377,380,383,386,388,391,393,395,398,401,404,407,410,412,415,418,421,424,426,429,432,435,437,439,442,444,447,449,451,454],{"date":212,"score":213,"percentile":214},"2025-11-04",0.10773,0.92998,{"date":216,"score":213,"percentile":214},"2025-11-05",{"date":218,"score":213,"percentile":219},"2025-11-06",0.92999,{"date":221,"score":213,"percentile":222},"2025-11-07",0.93004,{"date":224,"score":213,"percentile":222},"2025-11-08",{"date":226,"score":213,"percentile":227},"2025-11-09",0.93003,{"date":229,"score":213,"percentile":227},"2025-11-10",{"date":231,"score":213,"percentile":232},"2025-11-11",0.93008,{"date":234,"score":213,"percentile":235},"2025-11-12",0.93016,{"date":237,"score":213,"percentile":238},"2025-11-13",0.93019,{"date":240,"score":213,"percentile":241},"2025-11-14",0.93021,{"date":243,"score":213,"percentile":244},"2025-11-15",0.93017,{"date":246,"score":213,"percentile":247},"2025-11-16",0.93022,{"date":249,"score":213,"percentile":238},"2025-11-17",{"date":251,"score":213,"percentile":252},"2025-11-18",0.92603,{"date":254,"score":213,"percentile":255},"2025-11-19",0.92606,{"date":257,"score":213,"percentile":258},"2025-11-20",0.92611,{"date":260,"score":213,"percentile":261},"2025-11-21",0.93036,{"date":263,"score":213,"percentile":264},"2025-11-22",0.93034,{"date":266,"score":213,"percentile":267},"2025-11-23",0.93038,{"date":269,"score":213,"percentile":270},"2025-11-24",0.93039,{"date":272,"score":213,"percentile":273},"2025-11-25",0.9304,{"date":275,"score":213,"percentile":270},"2025-11-26",{"date":277,"score":213,"percentile":267},"2025-11-27",{"date":279,"score":213,"percentile":280},"2025-11-28",0.93032,{"date":282,"score":213,"percentile":283},"2025-11-29",0.93046,{"date":285,"score":213,"percentile":283},"2025-11-30",{"date":287,"score":213,"percentile":288},"2025-12-01",0.93095,{"date":290,"score":213,"percentile":291},"2025-12-02",0.931,{"date":293,"score":213,"percentile":294},"2025-12-03",0.93103,{"date":296,"score":213,"percentile":297},"2025-12-04",0.93055,{"date":299,"score":213,"percentile":300},"2025-12-05",0.93059,{"date":302,"score":213,"percentile":303},"2025-12-06",0.93061,{"date":305,"score":213,"percentile":300},"2025-12-07",{"date":307,"score":213,"percentile":308},"2025-12-08",0.93063,{"date":310,"score":213,"percentile":311},"2025-12-09",0.93066,{"date":313,"score":213,"percentile":314},"2025-12-10",0.93071,{"date":316,"score":213,"percentile":317},"2025-12-11",0.93074,{"date":319,"score":213,"percentile":320},"2025-12-12",0.93078,{"date":322,"score":213,"percentile":320},"2025-12-13",{"date":324,"score":213,"percentile":325},"2025-12-14",0.93075,{"date":327,"score":213,"percentile":320},"2025-12-15",{"date":329,"score":213,"percentile":330},"2025-12-16",0.93081,{"date":332,"score":213,"percentile":333},"2025-12-17",0.93087,{"date":335,"score":213,"percentile":336},"2025-12-18",0.9309,{"date":338,"score":213,"percentile":339},"2025-12-19",0.93091,{"date":341,"score":213,"percentile":333},"2025-12-20",{"date":343,"score":213,"percentile":344},"2025-12-21",0.93088,{"date":346,"score":213,"percentile":336},"2025-12-22",{"date":348,"score":213,"percentile":349},"2025-12-23",0.93086,{"date":351,"score":213,"percentile":352},"2025-12-24",0.93092,{"date":354,"score":213,"percentile":355},"2025-12-25",0.93101,{"date":357,"score":213,"percentile":358},"2025-12-26",0.93099,{"date":360,"score":213,"percentile":361},"2025-12-27",0.93138,{"date":363,"score":213,"percentile":288},"2025-12-28",{"date":365,"score":213,"percentile":366},"2025-12-29",0.93093,{"date":368,"score":213,"percentile":288},"2025-12-30",{"date":370,"score":213,"percentile":355},"2025-12-31",{"date":372,"score":213,"percentile":373},"2026-01-01",0.93146,{"date":375,"score":213,"percentile":376},"2026-01-02",0.93141,{"date":378,"score":213,"percentile":379},"2026-01-03",0.9314,{"date":381,"score":213,"percentile":382},"2026-01-04",0.93097,{"date":384,"score":213,"percentile":385},"2026-01-05",0.93094,{"date":387,"score":213,"percentile":382},"2026-01-06",{"date":389,"score":213,"percentile":390},"2026-01-07",0.93096,{"date":392,"score":213,"percentile":358},"2026-01-08",{"date":394,"score":213,"percentile":294},"2026-01-09",{"date":396,"score":213,"percentile":397},"2026-01-10",0.93111,{"date":399,"score":213,"percentile":400},"2026-01-11",0.93109,{"date":402,"score":213,"percentile":403},"2026-01-12",0.93108,{"date":405,"score":213,"percentile":406},"2026-01-13",0.93107,{"date":408,"score":213,"percentile":409},"2026-01-14",0.93117,{"date":411,"score":213,"percentile":409},"2026-01-15",{"date":413,"score":213,"percentile":414},"2026-01-16",0.9312,{"date":416,"score":213,"percentile":417},"2026-01-17",0.93123,{"date":419,"score":213,"percentile":420},"2026-01-18",0.93118,{"date":422,"score":213,"percentile":423},"2026-01-19",0.93119,{"date":425,"score":213,"percentile":414},"2026-01-20",{"date":427,"score":213,"percentile":428},"2026-01-21",0.93126,{"date":430,"score":213,"percentile":431},"2026-01-22",0.93128,{"date":433,"score":213,"percentile":434},"2026-01-23",0.93134,{"date":436,"score":213,"percentile":361},"2026-01-24",{"date":438,"score":213,"percentile":376},"2026-01-25",{"date":440,"score":213,"percentile":441},"2026-01-26",0.93142,{"date":443,"score":213,"percentile":373},"2026-01-27",{"date":445,"score":213,"percentile":446},"2026-01-28",0.9315,{"date":448,"score":213,"percentile":446},"2026-01-29",{"date":450,"score":213,"percentile":446},"2026-01-30",{"date":452,"score":213,"percentile":453},"2026-01-31",0.93152,{"date":455,"score":213,"percentile":456},"2026-02-01",0.93188,[458],{"source":91,"cvss_v2_0":459,"cvss_v3_0":464,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":460,"baseSeverity":9,"vectorString":461,"impactScore":462,"exploitabilityScore":463},4.3,"AV:N/AC:M/Au:N/C:N/I:N/A:P",2.9,8.6,{"baseScore":89,"baseSeverity":465,"vectorString":92,"impactScore":466,"exploitabilityScore":467},"MEDIUM",6,4.6,[469,480,487,495,502,515,522,536,545,551,563,573,580,586],{"ecosystem":9,"name":470,"vendor":471,"product":472,"cpe_part":473,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":474},"iphone os","apple","iphone_os","o",[475],{"version":476,"is_range":40,"range_type":477,"version_start":9,"version_start_type":9,"version_end":478,"version_end_type":479,"fixed_in":9},"lt9.3.2","cpe","9.3.2","excluding",{"ecosystem":9,"name":481,"vendor":471,"product":482,"cpe_part":473,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":483},"mac os x","mac_os_x",[484],{"version":485,"is_range":40,"range_type":477,"version_start":9,"version_start_type":9,"version_end":486,"version_end_type":479,"fixed_in":9},"lt10.11.5","10.11.5",{"ecosystem":9,"name":488,"vendor":471,"product":489,"cpe_part":490,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":491},"tvOS","tvos","a",[492],{"version":493,"is_range":40,"range_type":477,"version_start":9,"version_start_type":9,"version_end":494,"version_end_type":479,"fixed_in":9},"lt9.2.1","9.2.1",{"ecosystem":9,"name":496,"vendor":471,"product":497,"cpe_part":490,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":498},"watchOS","watchos",[499],{"version":500,"is_range":40,"range_type":477,"version_start":9,"version_start_type":9,"version_end":501,"version_end_type":479,"fixed_in":9},"lt2.2.1","2.2.1",{"ecosystem":9,"name":503,"vendor":504,"product":505,"cpe_part":473,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":506},"ubuntu linux","canonical","ubuntu_linux",[507,509,511,513],{"version":508,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.04",{"version":510,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04",{"version":512,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.10",{"version":514,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"ecosystem":9,"name":516,"vendor":517,"product":518,"cpe_part":473,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":519},"debian linux","debian","debian_linux",[520],{"version":521,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"ecosystem":9,"name":523,"vendor":524,"product":525,"cpe_part":490,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":526},"web gateway","mcafee","web_gateway",[527,532],{"version":528,"is_range":40,"range_type":477,"version_start":529,"version_start_type":530,"version_end":531,"version_end_type":530,"fixed_in":9},"gte7.5.0.0_lte7.5.2.10","7.5.0.0","including","7.5.2.10",{"version":533,"is_range":40,"range_type":477,"version_start":534,"version_start_type":530,"version_end":535,"version_end_type":530,"fixed_in":9},"gte7.6.0.0_lte7.6.2.3","7.6.0.0","7.6.2.3",{"ecosystem":9,"name":537,"vendor":538,"product":539,"cpe_part":473,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":540},"enterprise linux desktop","redhat","enterprise_linux_desktop",[541,543],{"version":542,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0",{"version":544,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0",{"ecosystem":9,"name":546,"vendor":538,"product":547,"cpe_part":473,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":548},"enterprise linux server","enterprise_linux_server",[549,550],{"version":542,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":544,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":552,"vendor":538,"product":553,"cpe_part":473,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":554},"enterprise linux server aus","enterprise_linux_server_aus",[555,557,559,561],{"version":556,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.2",{"version":558,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.3",{"version":560,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.4",{"version":562,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.6",{"ecosystem":9,"name":564,"vendor":538,"product":565,"cpe_part":473,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":566},"enterprise linux server eus","enterprise_linux_server_eus",[567,568,569,570,572],{"version":556,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":558,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":560,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":571,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.5",{"version":562,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":574,"vendor":538,"product":575,"cpe_part":473,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":576},"enterprise linux server tus","enterprise_linux_server_tus",[577,578,579],{"version":556,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":558,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":562,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":581,"vendor":538,"product":582,"cpe_part":473,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":583},"enterprise linux workstation","enterprise_linux_workstation",[584,585],{"version":542,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":544,"is_range":31,"range_type":477,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":587,"vendor":588,"product":587,"cpe_part":490,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":589},"libxml2","xmlsoft",[590],{"version":591,"is_range":40,"range_type":477,"version_start":9,"version_start_type":9,"version_end":592,"version_end_type":479,"fixed_in":9},"lt2.9.4","2.9.4"]