[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-2794":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":69,"duplicate_of":9,"upstream":70,"downstream":71,"duplicates":112,"related":113,"reserved_at":9,"published_at":124,"modified_at":125,"state":126,"summary":127,"references_raw":136,"kevs":253,"epss":254,"epss_history":257,"metrics":521,"affected":532},"CVE-2016-2794","The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110],{"_key":73},"RHSA-2016:0373",{"_key":75},"RHSA-2016:0460",{"_key":77},"OPENSUSE-SU-2024:10071-1",{"_key":79},"SUSE-SU-2016:0727-1",{"_key":81},"SUSE-SU-2016:0777-1",{"_key":83},"SUSE-SU-2016:0909-1",{"_key":85},"OPENSUSE-SU-2016:1769-1",{"_key":87},"OPENSUSE-SU-2016:1778-1",{"_key":89},"OPENSUSE-SU-2024:10230-1",{"_key":91},"DSA-3510-1",{"_key":93},"DSA-3515-1",{"_key":95},"DSA-3520-1",{"_key":97},"MGASA-2016-0097",{"_key":99},"MGASA-2016-0105",{"_key":101},"MGASA-2016-0115",{"_key":103},"UBUNTU-CVE-2016-2794",{"_key":105},"USN-2917-1",{"_key":107},"USN-2927-1",{"_key":109},"USN-2934-1",{"_key":111},"DEBIAN-CVE-2016-2794",[],[114,115,116,117,118,119,120,121,122,123],{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":97},{"_key":99},{"_key":101},"2016-03-13T18:00:00.000Z","2024-08-05T23:32:21.200Z","Modified",{"cisa_kev":128,"cisa_ransomware":128,"cisa_vendor":9,"epss_severity":129,"epss_score":130,"severity":131,"severity_score":132,"severity_version":133,"severity_source":134,"severity_vector":135,"severity_status":126},false,"low",0.00875,"high",9.3,"v2.0","nvd","AV:N/AC:M/Au:N/C:C/I:C/A:C",[137,145,151,155,159,165,169,173,177,181,185,190,194,199,203,207,211,215,219,224,228,233,237,241,245,249],{"url":138,"sources":139,"tags":141},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html",[140,134],"cve.org",[142,143,144],"Vendor Advisory","X Refsource SUSE","Third Party Advisory",{"url":146,"sources":147,"tags":148},"http://www.securityfocus.com/bid/84222",[140,134],[149,150],"VDB Entry","X Refsource BID",{"url":152,"sources":153,"tags":154},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html",[140,134],[142,143],{"url":156,"sources":157,"tags":158},"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html",[140,134],[142,143,144],{"url":160,"sources":161,"tags":162},"https://bugzilla.mozilla.org/show_bug.cgi?id=1243526",[140,134],[163,164],"X Refsource CONFIRM","Issue Tracking",{"url":166,"sources":167,"tags":168},"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",[140,134],[163,144],{"url":170,"sources":171,"tags":172},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html",[140,134],[142,143],{"url":174,"sources":175,"tags":176},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html",[140,134],[142,143],{"url":178,"sources":179,"tags":180},"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html",[140,134],[142,143,144],{"url":182,"sources":183,"tags":184},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html",[140,134],[142,143],{"url":186,"sources":187,"tags":188},"http://www.ubuntu.com/usn/USN-2917-1",[140,134],[142,189],"X Refsource UBUNTU",{"url":191,"sources":192,"tags":193},"http://www.ubuntu.com/usn/USN-2927-1",[140,134],[142,189],{"url":195,"sources":196,"tags":197},"http://www.debian.org/security/2016/dsa-3520",[140,134],[142,198],"X Refsource DEBIAN",{"url":200,"sources":201,"tags":202},"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html",[140,134],[142,143,144],{"url":204,"sources":205,"tags":206},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html",[140,134],[142,143],{"url":208,"sources":209,"tags":210},"http://www.debian.org/security/2016/dsa-3510",[140,134],[142,198],{"url":212,"sources":213,"tags":214},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html",[140,134],[142,143],{"url":216,"sources":217,"tags":218},"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html",[140,134],[163,142],{"url":220,"sources":221,"tags":222},"http://www.securitytracker.com/id/1035215",[140,134],[149,223],"X Refsource SECTRACK",{"url":225,"sources":226,"tags":227},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html",[140,134],[142,143],{"url":229,"sources":230,"tags":231},"https://security.gentoo.org/glsa/201605-06",[140,134],[142,232],"X Refsource GENTOO",{"url":234,"sources":235,"tags":236},"http://www.debian.org/security/2016/dsa-3515",[140,134],[142,198],{"url":238,"sources":239,"tags":240},"http://www.ubuntu.com/usn/USN-2934-1",[140,134],[142,189],{"url":242,"sources":243,"tags":244},"https://security.gentoo.org/glsa/201701-63",[140,134],[142,232],{"url":246,"sources":247,"tags":248},"http://www.ubuntu.com/usn/USN-2917-2",[140,134],[142,189],{"url":250,"sources":251,"tags":252},"http://www.ubuntu.com/usn/USN-2917-3",[140,134],[142,189],[],{"date":255,"score":130,"percentile":256},"2026-06-04",0.75641,[258,262,265,268,271,274,277,280,283,286,289,292,295,297,300,303,306,309,312,315,317,320,322,325,328,331,333,335,338,341,344,347,350,353,356,359,362,365,368,370,373,376,379,382,385,388,391,393,396,399,402,405,408,412,415,418,421,424,427,430,433,436,439,442,445,448,451,454,457,459,462,465,468,471,474,477,480,483,486,489,492,495,498,501,504,506,509,512,515,518],{"date":259,"score":260,"percentile":261},"2025-11-04",0.01801,0.82182,{"date":263,"score":260,"percentile":264},"2025-11-05",0.82184,{"date":266,"score":260,"percentile":267},"2025-11-06",0.82187,{"date":269,"score":260,"percentile":270},"2025-11-07",0.82197,{"date":272,"score":260,"percentile":273},"2025-11-08",0.82204,{"date":275,"score":260,"percentile":276},"2025-11-09",0.822,{"date":278,"score":260,"percentile":279},"2025-11-10",0.82193,{"date":281,"score":260,"percentile":282},"2025-11-11",0.82201,{"date":284,"score":260,"percentile":285},"2025-11-12",0.82211,{"date":287,"score":260,"percentile":288},"2025-11-13",0.82215,{"date":290,"score":260,"percentile":291},"2025-11-14",0.82219,{"date":293,"score":260,"percentile":294},"2025-11-15",0.82213,{"date":296,"score":260,"percentile":288},"2025-11-16",{"date":298,"score":260,"percentile":299},"2025-11-17",0.82212,{"date":301,"score":260,"percentile":302},"2025-11-18",0.81308,{"date":304,"score":260,"percentile":305},"2025-11-19",0.81309,{"date":307,"score":260,"percentile":308},"2025-11-20",0.81312,{"date":310,"score":260,"percentile":311},"2025-11-21",0.82223,{"date":313,"score":260,"percentile":314},"2025-11-22",0.82226,{"date":316,"score":260,"percentile":291},"2025-11-23",{"date":318,"score":260,"percentile":319},"2025-11-24",0.82218,{"date":321,"score":260,"percentile":288},"2025-11-25",{"date":323,"score":260,"percentile":324},"2025-11-26",0.82216,{"date":326,"score":260,"percentile":327},"2025-11-27",0.82221,{"date":329,"score":260,"percentile":330},"2025-11-28",0.82209,{"date":332,"score":260,"percentile":319},"2025-11-29",{"date":334,"score":260,"percentile":311},"2025-11-30",{"date":336,"score":260,"percentile":337},"2025-12-01",0.82295,{"date":339,"score":260,"percentile":340},"2025-12-02",0.82297,{"date":342,"score":260,"percentile":343},"2025-12-03",0.82296,{"date":345,"score":260,"percentile":346},"2025-12-04",0.8222,{"date":348,"score":260,"percentile":349},"2025-12-05",0.82229,{"date":351,"score":260,"percentile":352},"2025-12-06",0.82225,{"date":354,"score":260,"percentile":355},"2025-12-07",0.82224,{"date":357,"score":260,"percentile":358},"2025-12-08",0.82227,{"date":360,"score":260,"percentile":361},"2025-12-09",0.82243,{"date":363,"score":260,"percentile":364},"2025-12-10",0.82268,{"date":366,"score":260,"percentile":367},"2025-12-11",0.82285,{"date":369,"score":260,"percentile":337},"2025-12-12",{"date":371,"score":260,"percentile":372},"2025-12-13",0.82294,{"date":374,"score":260,"percentile":375},"2025-12-14",0.8229,{"date":377,"score":260,"percentile":378},"2025-12-15",0.82288,{"date":380,"score":260,"percentile":381},"2025-12-16",0.82299,{"date":383,"score":260,"percentile":384},"2025-12-17",0.82306,{"date":386,"score":260,"percentile":387},"2025-12-18",0.82316,{"date":389,"score":260,"percentile":390},"2025-12-19",0.8232,{"date":392,"score":260,"percentile":387},"2025-12-20",{"date":394,"score":260,"percentile":395},"2025-12-21",0.82313,{"date":397,"score":260,"percentile":398},"2025-12-22",0.82317,{"date":400,"score":260,"percentile":401},"2025-12-23",0.82321,{"date":403,"score":260,"percentile":404},"2025-12-24",0.82331,{"date":406,"score":260,"percentile":407},"2025-12-25",0.82346,{"date":409,"score":410,"percentile":411},"2025-12-26",0.01576,0.81121,{"date":413,"score":410,"percentile":414},"2025-12-27",0.81154,{"date":416,"score":410,"percentile":417},"2025-12-28",0.81108,{"date":419,"score":410,"percentile":420},"2025-12-29",0.81105,{"date":422,"score":410,"percentile":423},"2025-12-30",0.81111,{"date":425,"score":410,"percentile":426},"2025-12-31",0.81125,{"date":428,"score":410,"percentile":429},"2026-01-01",0.81202,{"date":431,"score":410,"percentile":432},"2026-01-02",0.81197,{"date":434,"score":410,"percentile":435},"2026-01-03",0.81192,{"date":437,"score":410,"percentile":438},"2026-01-04",0.81103,{"date":440,"score":410,"percentile":441},"2026-01-05",0.81098,{"date":443,"score":410,"percentile":444},"2026-01-06",0.81101,{"date":446,"score":410,"percentile":447},"2026-01-07",0.81104,{"date":449,"score":410,"percentile":450},"2026-01-08",0.81113,{"date":452,"score":410,"percentile":453},"2026-01-09",0.81114,{"date":455,"score":410,"percentile":456},"2026-01-10",0.81115,{"date":458,"score":410,"percentile":417},"2026-01-11",{"date":460,"score":410,"percentile":461},"2026-01-12",0.81099,{"date":463,"score":410,"percentile":464},"2026-01-13",0.81097,{"date":466,"score":410,"percentile":467},"2026-01-14",0.81117,{"date":469,"score":410,"percentile":470},"2026-01-15",0.8112,{"date":472,"score":410,"percentile":473},"2026-01-16",0.8113,{"date":475,"score":410,"percentile":476},"2026-01-17",0.81136,{"date":478,"score":410,"percentile":479},"2026-01-18",0.81127,{"date":481,"score":130,"percentile":482},"2026-01-19",0.74782,{"date":484,"score":130,"percentile":485},"2026-01-20",0.74786,{"date":487,"score":130,"percentile":488},"2026-01-21",0.74792,{"date":490,"score":130,"percentile":491},"2026-01-22",0.74797,{"date":493,"score":130,"percentile":494},"2026-01-23",0.74824,{"date":496,"score":130,"percentile":497},"2026-01-24",0.74832,{"date":499,"score":130,"percentile":500},"2026-01-25",0.74816,{"date":502,"score":130,"percentile":503},"2026-01-26",0.74815,{"date":505,"score":130,"percentile":494},"2026-01-27",{"date":507,"score":130,"percentile":508},"2026-01-28",0.7483,{"date":510,"score":130,"percentile":511},"2026-01-29",0.74826,{"date":513,"score":130,"percentile":514},"2026-01-30",0.74828,{"date":516,"score":130,"percentile":517},"2026-01-31",0.74834,{"date":519,"score":130,"percentile":520},"2026-02-01",0.74951,[522],{"source":134,"cvss_v2_0":523,"cvss_v3_0":526,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":132,"baseSeverity":9,"vectorString":135,"impactScore":524,"exploitabilityScore":525},10,8.6,{"baseScore":527,"baseSeverity":528,"vectorString":529,"impactScore":530,"exploitabilityScore":531},8.8,"HIGH","CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",9.8,7.2,[533,570,577,583,593,600],{"ecosystem":9,"name":534,"vendor":535,"product":534,"cpe_part":536,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":537},"firefox","mozilla","a",[538,544,546,548,550,552,554,556,558,560,562,564,566,568],{"version":539,"is_range":540,"range_type":541,"version_start":9,"version_start_type":9,"version_end":542,"version_end_type":543,"fixed_in":9},"lte44.0.2",true,"cpe","44.0.2","including",{"version":545,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.0",{"version":547,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.0.1",{"version":549,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.0.5",{"version":551,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.1.0",{"version":553,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.1.1",{"version":555,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.2.0",{"version":557,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.2.1",{"version":559,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.3.0",{"version":561,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.4.0",{"version":563,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.5.0",{"version":565,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.5.1",{"version":567,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.6.0",{"version":569,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.6.1",{"ecosystem":9,"name":571,"vendor":572,"product":571,"cpe_part":573,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":574},"leap","opensuse","o",[575],{"version":576,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"42.1",{"ecosystem":9,"name":572,"vendor":572,"product":572,"cpe_part":573,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":578},[579,581],{"version":580,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"13.1",{"version":582,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"13.2",{"ecosystem":9,"name":584,"vendor":585,"product":584,"cpe_part":573,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":586},"linux","oracle",[587,589,591],{"version":588,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0",{"version":590,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6",{"version":592,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7",{"ecosystem":9,"name":594,"vendor":595,"product":594,"cpe_part":536,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":596},"graphite2","sil",[597],{"version":598,"is_range":540,"range_type":541,"version_start":9,"version_start_type":9,"version_end":599,"version_end_type":543,"fixed_in":9},"lte1.3.5","1.3.5",{"ecosystem":9,"name":601,"vendor":602,"product":603,"cpe_part":573,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":604},"linux enterprise","suse","linux_enterprise",[605],{"version":606,"is_range":128,"range_type":541,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.0"]