[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-5290":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":69,"duplicate_of":9,"upstream":70,"downstream":71,"duplicates":112,"related":113,"reserved_at":9,"published_at":124,"modified_at":125,"state":126,"summary":127,"references_raw":136,"kevs":187,"epss":188,"epss_history":191,"metrics":447,"affected":456},"CVE-2016-5290","Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003C 45.5, Firefox ESR \u003C 45.5, and Firefox \u003C 50.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110],{"_key":73},"RHSA-2016:2780",{"_key":75},"RHSA-2016:2825",{"_key":77},"OPENSUSE-SU-2024:10071-1",{"_key":79},"SUSE-SU-2016:3014-1",{"_key":81},"SUSE-SU-2016:3080-1",{"_key":83},"SUSE-SU-2016:3105-1",{"_key":85},"OPENSUSE-SU-2016:3019-1",{"_key":87},"OPENSUSE-SU-2024:10230-1",{"_key":89},"OPENSUSE-SU-2024:14572-1",{"_key":91},"DLA-730-1",{"_key":93},"DLA-752-1",{"_key":95},"DSA-3716-1",{"_key":97},"DSA-3730-1",{"_key":99},"MGASA-2016-0379",{"_key":101},"MGASA-2016-0409",{"_key":103},"MGASA-2017-0323",{"_key":105},"UBUNTU-CVE-2016-5290",{"_key":107},"USN-3124-1",{"_key":109},"USN-3141-1",{"_key":111},"DEBIAN-CVE-2016-5290",[],[114,115,116,117,118,119,120,121,122,123],{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":99},{"_key":101},{"_key":103},"2018-06-11T21:00:00.000Z","2024-08-06T00:53:48.950Z","Modified",{"cisa_kev":128,"cisa_ransomware":128,"cisa_vendor":9,"epss_severity":129,"epss_score":130,"severity":131,"severity_score":132,"severity_version":133,"severity_source":134,"severity_vector":135,"severity_status":126},false,"low",0.01874,"critical",9.8,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[137,145,150,155,161,166,171,175,179,183],{"url":138,"sources":139,"tags":141},"https://www.debian.org/security/2016/dsa-3730",[140,134],"cve.org",[142,143,144],"Vendor Advisory","X Refsource DEBIAN","Third Party Advisory",{"url":146,"sources":147,"tags":148},"http://rhn.redhat.com/errata/RHSA-2016-2825.html",[140,134],[142,149,144],"X Refsource REDHAT",{"url":151,"sources":152,"tags":153},"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1309720%2C1297062%2C1303710%2C1018486%2C1292590%2C1301343%2C1301496%2C1308048%2C1308346%2C1299519%2C1286911%2C1298169",[140,134],[154,142],"X Refsource CONFIRM",{"url":156,"sources":157,"tags":158},"http://www.securityfocus.com/bid/94335",[140,134],[159,160,144],"VDB Entry","X Refsource BID",{"url":162,"sources":163,"tags":164},"http://www.securitytracker.com/id/1037298",[140,134],[159,165,144],"X Refsource SECTRACK",{"url":167,"sources":168,"tags":169},"https://security.gentoo.org/glsa/201701-15",[140,134],[142,170,144],"X Refsource GENTOO",{"url":172,"sources":173,"tags":174},"https://www.mozilla.org/security/advisories/mfsa2016-93/",[140,134],[154,142],{"url":176,"sources":177,"tags":178},"http://rhn.redhat.com/errata/RHSA-2016-2780.html",[140,134],[142,149,144],{"url":180,"sources":181,"tags":182},"https://www.mozilla.org/security/advisories/mfsa2016-89/",[140,134],[154,142],{"url":184,"sources":185,"tags":186},"https://www.mozilla.org/security/advisories/mfsa2016-90/",[140,134],[154,142],[],{"date":189,"score":130,"percentile":190},"2026-06-04",0.83467,[192,196,199,202,205,208,211,214,217,220,223,226,229,232,234,237,239,242,245,248,251,254,257,259,261,263,265,268,271,274,277,280,283,286,288,290,293,296,299,302,305,308,311,314,317,320,323,326,329,331,334,337,340,343,346,349,352,355,358,361,364,367,370,373,376,378,381,384,386,389,392,394,397,400,403,405,407,410,413,416,419,422,425,428,431,434,437,439,441,444],{"date":193,"score":194,"percentile":195},"2025-11-04",0.01973,0.82949,{"date":197,"score":194,"percentile":198},"2025-11-05",0.82953,{"date":200,"score":194,"percentile":201},"2025-11-06",0.82956,{"date":203,"score":194,"percentile":204},"2025-11-07",0.82966,{"date":206,"score":194,"percentile":207},"2025-11-08",0.82972,{"date":209,"score":194,"percentile":210},"2025-11-09",0.82967,{"date":212,"score":194,"percentile":213},"2025-11-10",0.8296,{"date":215,"score":194,"percentile":216},"2025-11-11",0.82969,{"date":218,"score":194,"percentile":219},"2025-11-12",0.82979,{"date":221,"score":194,"percentile":222},"2025-11-13",0.82985,{"date":224,"score":194,"percentile":225},"2025-11-14",0.82988,{"date":227,"score":194,"percentile":228},"2025-11-15",0.8298,{"date":230,"score":194,"percentile":231},"2025-11-16",0.82982,{"date":233,"score":194,"percentile":219},"2025-11-17",{"date":235,"score":194,"percentile":236},"2025-11-18",0.82094,{"date":238,"score":194,"percentile":236},"2025-11-19",{"date":240,"score":194,"percentile":241},"2025-11-20",0.82098,{"date":243,"score":194,"percentile":244},"2025-11-21",0.82994,{"date":246,"score":194,"percentile":247},"2025-11-22",0.82995,{"date":249,"score":194,"percentile":250},"2025-11-23",0.8299,{"date":252,"score":194,"percentile":253},"2025-11-24",0.82989,{"date":255,"score":194,"percentile":256},"2025-11-25",0.82993,{"date":258,"score":194,"percentile":244},"2025-11-26",{"date":260,"score":194,"percentile":256},"2025-11-27",{"date":262,"score":194,"percentile":231},"2025-11-28",{"date":264,"score":194,"percentile":247},"2025-11-29",{"date":266,"score":194,"percentile":267},"2025-11-30",0.82999,{"date":269,"score":194,"percentile":270},"2025-12-01",0.8307,{"date":272,"score":194,"percentile":273},"2025-12-02",0.83074,{"date":275,"score":194,"percentile":276},"2025-12-03",0.83075,{"date":278,"score":194,"percentile":279},"2025-12-04",0.82997,{"date":281,"score":194,"percentile":282},"2025-12-05",0.83003,{"date":284,"score":194,"percentile":285},"2025-12-06",0.83,{"date":287,"score":194,"percentile":279},"2025-12-07",{"date":289,"score":194,"percentile":285},"2025-12-08",{"date":291,"score":194,"percentile":292},"2025-12-09",0.83015,{"date":294,"score":194,"percentile":295},"2025-12-10",0.83039,{"date":297,"score":194,"percentile":298},"2025-12-11",0.83054,{"date":300,"score":194,"percentile":301},"2025-12-12",0.83063,{"date":303,"score":194,"percentile":304},"2025-12-13",0.8306,{"date":306,"score":194,"percentile":307},"2025-12-14",0.83057,{"date":309,"score":194,"percentile":310},"2025-12-15",0.83058,{"date":312,"score":194,"percentile":313},"2025-12-16",0.83069,{"date":315,"score":194,"percentile":316},"2025-12-17",0.83078,{"date":318,"score":194,"percentile":319},"2025-12-18",0.83085,{"date":321,"score":194,"percentile":322},"2025-12-19",0.83089,{"date":324,"score":194,"percentile":325},"2025-12-20",0.83082,{"date":327,"score":194,"percentile":328},"2025-12-21",0.8308,{"date":330,"score":194,"percentile":328},"2025-12-22",{"date":332,"score":194,"percentile":333},"2025-12-23",0.83088,{"date":335,"score":194,"percentile":336},"2025-12-24",0.83095,{"date":338,"score":194,"percentile":339},"2025-12-25",0.83108,{"date":341,"score":130,"percentile":342},"2025-12-26",0.82665,{"date":344,"score":130,"percentile":345},"2025-12-27",0.82703,{"date":347,"score":130,"percentile":348},"2025-12-28",0.82652,{"date":350,"score":130,"percentile":351},"2025-12-29",0.82647,{"date":353,"score":130,"percentile":354},"2025-12-30",0.82655,{"date":356,"score":130,"percentile":357},"2025-12-31",0.82668,{"date":359,"score":130,"percentile":360},"2026-01-01",0.82738,{"date":362,"score":130,"percentile":363},"2026-01-02",0.82734,{"date":365,"score":130,"percentile":366},"2026-01-03",0.82727,{"date":368,"score":130,"percentile":369},"2026-01-04",0.82645,{"date":371,"score":130,"percentile":372},"2026-01-05",0.8264,{"date":374,"score":130,"percentile":375},"2026-01-06",0.82646,{"date":377,"score":130,"percentile":351},"2026-01-07",{"date":379,"score":130,"percentile":380},"2026-01-08",0.82651,{"date":382,"score":130,"percentile":383},"2026-01-09",0.82653,{"date":385,"score":130,"percentile":383},"2026-01-10",{"date":387,"score":130,"percentile":388},"2026-01-11",0.82649,{"date":390,"score":130,"percentile":391},"2026-01-12",0.82643,{"date":393,"score":130,"percentile":372},"2026-01-13",{"date":395,"score":130,"percentile":396},"2026-01-14",0.82659,{"date":398,"score":130,"percentile":399},"2026-01-15",0.82657,{"date":401,"score":130,"percentile":402},"2026-01-16",0.82666,{"date":404,"score":130,"percentile":357},"2026-01-17",{"date":406,"score":130,"percentile":402},"2026-01-18",{"date":408,"score":130,"percentile":409},"2026-01-19",0.82662,{"date":411,"score":130,"percentile":412},"2026-01-20",0.82664,{"date":414,"score":130,"percentile":415},"2026-01-21",0.82669,{"date":417,"score":130,"percentile":418},"2026-01-22",0.82677,{"date":420,"score":130,"percentile":421},"2026-01-23",0.82697,{"date":423,"score":130,"percentile":424},"2026-01-24",0.82704,{"date":426,"score":130,"percentile":427},"2026-01-25",0.82698,{"date":429,"score":130,"percentile":430},"2026-01-26",0.82696,{"date":432,"score":130,"percentile":433},"2026-01-27",0.82693,{"date":435,"score":130,"percentile":436},"2026-01-28",0.82695,{"date":438,"score":130,"percentile":421},"2026-01-29",{"date":440,"score":130,"percentile":345},"2026-01-30",{"date":442,"score":130,"percentile":443},"2026-01-31",0.82708,{"date":445,"score":130,"percentile":446},"2026-02-01",0.82784,[448],{"source":134,"cvss_v2_0":449,"cvss_v3_0":454,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":450,"baseSeverity":9,"vectorString":451,"impactScore":452,"exploitabilityScore":453},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,10,{"baseScore":132,"baseSeverity":455,"vectorString":135,"impactScore":132,"exploitabilityScore":453},"CRITICAL",[457,466,484,491],{"ecosystem":9,"name":458,"vendor":459,"product":460,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":462},"debian linux","debian","debian_linux","o",[463],{"version":464,"is_range":128,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0","cpe",{"ecosystem":9,"name":467,"vendor":468,"product":467,"cpe_part":469,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":470},"firefox","mozilla","a",[471,476,479],{"version":472,"is_range":473,"range_type":465,"version_start":9,"version_start_type":9,"version_end":474,"version_end_type":475,"fixed_in":9},"lt45.5.0",true,"45.5.0","excluding",{"version":477,"is_range":473,"range_type":465,"version_start":9,"version_start_type":9,"version_end":478,"version_end_type":475,"fixed_in":9},"lt50.0","50.0",{"version":480,"is_range":473,"range_type":140,"version_start":481,"version_start_type":482,"version_end":483,"version_end_type":475,"fixed_in":9},">= unspecified, \u003C 50","unspecified","including","50",{"ecosystem":9,"name":485,"vendor":468,"product":486,"cpe_part":469,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":487},"firefox esr","firefox_esr",[488],{"version":489,"is_range":473,"range_type":140,"version_start":481,"version_start_type":482,"version_end":490,"version_end_type":475,"fixed_in":9},">= unspecified, \u003C 45.5","45.5",{"ecosystem":9,"name":492,"vendor":468,"product":493,"cpe_part":469,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":494},"Thunderbird","thunderbird",[495,496],{"version":472,"is_range":473,"range_type":465,"version_start":9,"version_start_type":9,"version_end":474,"version_end_type":475,"fixed_in":9},{"version":489,"is_range":473,"range_type":140,"version_start":481,"version_start_type":482,"version_end":490,"version_end_type":475,"fixed_in":9}]