[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-4439":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":69,"duplicate_of":9,"upstream":70,"downstream":71,"duplicates":108,"related":109,"reserved_at":9,"published_at":122,"modified_at":123,"state":124,"summary":125,"references_raw":134,"kevs":179,"epss":180,"epss_history":183,"metrics":438,"affected":449},"CVE-2016-4439","The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the QEMU host via unspecified vectors.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106],{"_key":73},"OPENSUSE-SU-2024:10196-1",{"_key":75},"SUSE-SU-2016:1560-1",{"_key":77},"SUSE-SU-2016:1698-1",{"_key":79},"SUSE-SU-2016:1703-1",{"_key":81},"SUSE-SU-2016:1785-1",{"_key":83},"SUSE-SU-2016:2093-1",{"_key":85},"SUSE-SU-2016:2100-1",{"_key":87},"SUSE-SU-2016:2528-1",{"_key":89},"SUSE-SU-2016:2533-1",{"_key":91},"SUSE-SU-2016:2725-1",{"_key":93},"UBUNTU-CVE-2016-4439",{"_key":95},"USN-3047-1",{"_key":97},"OPENSUSE-SU-2024:10233-1",{"_key":99},"OPENSUSE-SU-2024:10285-1",{"_key":101},"DLA-1599-1",{"_key":103},"DLA-573-1",{"_key":105},"DLA-574-1",{"_key":107},"DEBIAN-CVE-2016-4439",[],[110,111,112,113,114,115,116,117,118,119,120,121],{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":91},{"_key":97},{"_key":99},"2016-05-20T14:00:00.000Z","2024-08-06T00:32:25.426Z","Modified",{"cisa_kev":126,"cisa_ransomware":126,"cisa_vendor":9,"epss_severity":127,"epss_score":128,"severity":129,"severity_score":130,"severity_version":131,"severity_source":132,"severity_vector":133,"severity_status":124},false,"low",0.00308,"medium",6.7,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",[135,143,149,154,158,165,169,173],{"url":136,"sources":137,"tags":139},"http://www.ubuntu.com/usn/USN-3047-1",[138,132],"cve.org",[140,141,142],"Vendor Advisory","X Refsource UBUNTU","Third Party Advisory",{"url":144,"sources":145,"tags":146},"http://www.securityfocus.com/bid/90760",[138,132],[147,148,142],"VDB Entry","X Refsource BID",{"url":150,"sources":151,"tags":152},"https://security.gentoo.org/glsa/201609-01",[138,132],[140,153,142],"X Refsource GENTOO",{"url":155,"sources":156,"tags":157},"http://www.ubuntu.com/usn/USN-3047-2",[138,132],[140,141,142],{"url":159,"sources":160,"tags":161},"https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03273.html",[138,132],[162,163,164,142],"Mailing List","X Refsource MLIST","Patch",{"url":166,"sources":167,"tags":168},"http://www.openwall.com/lists/oss-security/2016/05/19/3",[138,132],[162,163,164,142],{"url":170,"sources":171,"tags":172},"https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html",[138,132],[162,163,142],{"url":174,"sources":175,"tags":176},"https://bugzilla.redhat.com/show_bug.cgi?id=1337502",[138,132],[177,178,142,147],"X Refsource CONFIRM","Issue Tracking",[],{"date":181,"score":128,"percentile":182},"2026-06-04",0.54263,[184,188,191,194,197,200,202,205,208,211,214,216,219,222,225,228,231,234,236,238,241,244,247,250,253,256,259,262,265,268,271,274,277,280,283,286,289,292,295,298,301,304,306,309,312,315,318,321,324,327,330,333,336,339,343,346,349,352,355,358,361,364,367,370,373,375,378,381,384,386,389,392,394,396,398,400,402,404,407,410,413,415,417,420,423,425,428,431,433,435],{"date":185,"score":186,"percentile":187},"2025-11-04",0.00309,0.53609,{"date":189,"score":186,"percentile":190},"2025-11-05",0.53571,{"date":192,"score":186,"percentile":193},"2025-11-06",0.53586,{"date":195,"score":186,"percentile":196},"2025-11-07",0.5361,{"date":198,"score":186,"percentile":199},"2025-11-08",0.53612,{"date":201,"score":186,"percentile":187},"2025-11-09",{"date":203,"score":186,"percentile":204},"2025-11-10",0.53584,{"date":206,"score":186,"percentile":207},"2025-11-11",0.53597,{"date":209,"score":186,"percentile":210},"2025-11-12",0.53626,{"date":212,"score":186,"percentile":213},"2025-11-13",0.53635,{"date":215,"score":186,"percentile":213},"2025-11-14",{"date":217,"score":186,"percentile":218},"2025-11-15",0.53631,{"date":220,"score":186,"percentile":221},"2025-11-16",0.53611,{"date":223,"score":186,"percentile":224},"2025-11-17",0.53595,{"date":226,"score":186,"percentile":227},"2025-11-18",0.51168,{"date":229,"score":186,"percentile":230},"2025-11-19",0.51181,{"date":232,"score":186,"percentile":233},"2025-11-20",0.51166,{"date":235,"score":186,"percentile":199},"2025-11-21",{"date":237,"score":186,"percentile":221},"2025-11-22",{"date":239,"score":186,"percentile":240},"2025-11-23",0.53569,{"date":242,"score":186,"percentile":243},"2025-11-24",0.53561,{"date":245,"score":186,"percentile":246},"2025-11-25",0.53568,{"date":248,"score":186,"percentile":249},"2025-11-26",0.5357,{"date":251,"score":186,"percentile":252},"2025-11-27",0.53575,{"date":254,"score":186,"percentile":255},"2025-11-28",0.53549,{"date":257,"score":186,"percentile":258},"2025-11-29",0.53533,{"date":260,"score":186,"percentile":261},"2025-11-30",0.53527,{"date":263,"score":186,"percentile":264},"2025-12-01",0.53675,{"date":266,"score":186,"percentile":267},"2025-12-02",0.53694,{"date":269,"score":186,"percentile":270},"2025-12-03",0.53691,{"date":272,"score":186,"percentile":273},"2025-12-04",0.5354,{"date":275,"score":186,"percentile":276},"2025-12-05",0.53559,{"date":278,"score":186,"percentile":279},"2025-12-06",0.53558,{"date":281,"score":186,"percentile":282},"2025-12-07",0.53547,{"date":284,"score":186,"percentile":285},"2025-12-08",0.53546,{"date":287,"score":186,"percentile":288},"2025-12-09",0.53562,{"date":290,"score":186,"percentile":291},"2025-12-10",0.53621,{"date":293,"score":186,"percentile":294},"2025-12-11",0.53643,{"date":296,"score":186,"percentile":297},"2025-12-12",0.5367,{"date":299,"score":186,"percentile":300},"2025-12-13",0.53666,{"date":302,"score":186,"percentile":303},"2025-12-14",0.53655,{"date":305,"score":186,"percentile":294},"2025-12-15",{"date":307,"score":186,"percentile":308},"2025-12-16",0.53656,{"date":310,"score":186,"percentile":311},"2025-12-17",0.53677,{"date":313,"score":186,"percentile":314},"2025-12-18",0.53716,{"date":316,"score":186,"percentile":317},"2025-12-19",0.53718,{"date":319,"score":186,"percentile":320},"2025-12-20",0.53708,{"date":322,"score":186,"percentile":323},"2025-12-21",0.53689,{"date":325,"score":186,"percentile":326},"2025-12-22",0.53667,{"date":328,"score":186,"percentile":329},"2025-12-23",0.53669,{"date":331,"score":186,"percentile":332},"2025-12-24",0.53679,{"date":334,"score":186,"percentile":335},"2025-12-25",0.53726,{"date":337,"score":186,"percentile":338},"2025-12-26",0.5372,{"date":340,"score":341,"percentile":342},"2025-12-27",0.00418,0.61304,{"date":344,"score":186,"percentile":345},"2025-12-28",0.53698,{"date":347,"score":186,"percentile":348},"2025-12-29",0.5368,{"date":350,"score":186,"percentile":351},"2025-12-30",0.53672,{"date":353,"score":186,"percentile":354},"2025-12-31",0.5369,{"date":356,"score":186,"percentile":357},"2026-01-01",0.53856,{"date":359,"score":186,"percentile":360},"2026-01-02",0.53834,{"date":362,"score":186,"percentile":363},"2026-01-03",0.53827,{"date":365,"score":186,"percentile":366},"2026-01-04",0.5366,{"date":368,"score":186,"percentile":369},"2026-01-05",0.53646,{"date":371,"score":186,"percentile":372},"2026-01-06",0.53653,{"date":374,"score":186,"percentile":311},"2026-01-07",{"date":376,"score":186,"percentile":377},"2026-01-08",0.53699,{"date":379,"score":186,"percentile":380},"2026-01-09",0.53693,{"date":382,"score":186,"percentile":383},"2026-01-10",0.53692,{"date":385,"score":186,"percentile":351},"2026-01-11",{"date":387,"score":186,"percentile":388},"2026-01-12",0.53624,{"date":390,"score":186,"percentile":391},"2026-01-13",0.53602,{"date":393,"score":186,"percentile":294},"2026-01-14",{"date":395,"score":186,"percentile":369},"2026-01-15",{"date":397,"score":186,"percentile":329},"2026-01-16",{"date":399,"score":186,"percentile":308},"2026-01-17",{"date":401,"score":186,"percentile":294},"2026-01-18",{"date":403,"score":186,"percentile":213},"2026-01-19",{"date":405,"score":186,"percentile":406},"2026-01-20",0.53638,{"date":408,"score":186,"percentile":409},"2026-01-21",0.53645,{"date":411,"score":186,"percentile":412},"2026-01-22",0.53652,{"date":414,"score":186,"percentile":267},"2026-01-23",{"date":416,"score":186,"percentile":267},"2026-01-24",{"date":418,"score":186,"percentile":419},"2026-01-25",0.53651,{"date":421,"score":186,"percentile":422},"2026-01-26",0.53636,{"date":424,"score":186,"percentile":369},"2026-01-27",{"date":426,"score":186,"percentile":427},"2026-01-28",0.53663,{"date":429,"score":186,"percentile":430},"2026-01-29",0.53659,{"date":432,"score":186,"percentile":427},"2026-01-30",{"date":434,"score":186,"percentile":297},"2026-01-31",{"date":436,"score":186,"percentile":437},"2026-02-01",0.53808,[439],{"source":132,"cvss_v2_0":440,"cvss_v3_0":9,"cvss_v3_1":445,"cvss_v4_0":9},{"baseScore":441,"baseSeverity":9,"vectorString":442,"impactScore":443,"exploitabilityScore":444},4.6,"AV:L/AC:L/Au:N/C:P/I:P/A:P",6.4,3.9,{"baseScore":130,"baseSeverity":446,"vectorString":133,"impactScore":447,"exploitabilityScore":448},"MEDIUM",9.8,2.1,[450,463,470],{"ecosystem":9,"name":451,"vendor":452,"product":453,"cpe_part":454,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":455},"ubuntu linux","canonical","ubuntu_linux","o",[456,459,461],{"version":457,"is_range":126,"range_type":458,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.04","cpe",{"version":460,"is_range":126,"range_type":458,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04",{"version":462,"is_range":126,"range_type":458,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"ecosystem":9,"name":464,"vendor":465,"product":466,"cpe_part":454,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":467},"debian linux","debian","debian_linux",[468],{"version":469,"is_range":126,"range_type":458,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"ecosystem":9,"name":471,"vendor":471,"product":471,"cpe_part":472,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":473},"qemu","a",[474],{"version":475,"is_range":476,"range_type":458,"version_start":9,"version_start_type":9,"version_end":477,"version_end_type":478,"fixed_in":9},"lte2.6.0",true,"2.6.0","including"]