[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-7170":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":25,"duplicate_of":9,"upstream":26,"downstream":27,"duplicates":50,"related":51,"reserved_at":9,"published_at":57,"modified_at":58,"state":59,"summary":60,"references_raw":69,"kevs":108,"epss":109,"epss_history":112,"metrics":380,"affected":390},"CVE-2016-7170","The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to cursor.mask[] and cursor.image[] array sizes when processing a DEFINE_CURSOR svga command.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-129","Improper Validation of Array Index","The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.","weakness","Draft","Variant","High",[20],{"id":21,"name":22,"techniques":23},"CAPEC-100","Overflow Buffers",[],[],[],[],[28,30,32,34,36,38,40,42,44,46,48],{"_key":29},"OPENSUSE-SU-2024:11287-1",{"_key":31},"SUSE-SU-2016:2879-1",{"_key":33},"SUSE-SU-2016:2902-1",{"_key":35},"SUSE-SU-2016:2936-1",{"_key":37},"SUSE-SU-2016:2988-1",{"_key":39},"UBUNTU-CVE-2016-7170",{"_key":41},"USN-3125-1",{"_key":43},"DLA-1599-1",{"_key":45},"DLA-652-1",{"_key":47},"DLA-653-1",{"_key":49},"DEBIAN-CVE-2016-7170",[],[52,53,54,55,56],{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},"2016-12-10T00:00:00.000Z","2024-08-06T01:50:47.551Z","Modified",{"cisa_kev":61,"cisa_ransomware":61,"cisa_vendor":9,"epss_severity":62,"epss_score":63,"severity":64,"severity_score":65,"severity_version":66,"severity_source":67,"severity_vector":68,"severity_status":59},false,"low",0.00075,"medium",4.4,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",[70,78,83,90,96,100,104],{"url":71,"sources":72,"tags":74},"http://www.securityfocus.com/bid/92904",[73,67],"cve.org",[75,76,77],"VDB Entry","X Refsource BID","Third Party Advisory",{"url":79,"sources":80,"tags":81},"http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=167d97a3def77ee2dbf6e908b0ecbfe2103977db",[73,67],[82],"X Refsource CONFIRM",{"url":84,"sources":85,"tags":86},"http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html",[73,67],[87,88,89,77],"Vendor Advisory","X Refsource SUSE","Mailing List",{"url":91,"sources":92,"tags":93},"https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg01764.html",[73,67],[89,94,95,77],"X Refsource MLIST","Patch",{"url":97,"sources":98,"tags":99},"http://www.openwall.com/lists/oss-security/2016/09/09/7",[73,67],[89,94,77],{"url":101,"sources":102,"tags":103},"https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html",[73,67],[89,94,77],{"url":105,"sources":106,"tags":107},"http://www.openwall.com/lists/oss-security/2016/09/09/4",[73,67],[89,94,77],[],{"date":110,"score":63,"percentile":111},"2026-06-04",0.22625,[113,117,120,123,126,129,132,135,138,141,144,147,150,153,156,159,162,165,168,171,174,177,180,183,186,189,192,195,198,201,204,207,209,211,214,217,220,223,226,229,232,235,238,241,244,247,250,253,256,259,262,265,268,271,274,277,279,282,285,288,291,294,297,300,303,306,309,312,315,318,321,324,327,330,333,336,339,342,345,348,351,354,357,360,363,366,369,372,375,378],{"date":114,"score":115,"percentile":116},"2025-11-04",0.00111,0.30163,{"date":118,"score":115,"percentile":119},"2025-11-05",0.3014,{"date":121,"score":115,"percentile":122},"2025-11-06",0.30152,{"date":124,"score":115,"percentile":125},"2025-11-07",0.30159,{"date":127,"score":115,"percentile":128},"2025-11-08",0.30162,{"date":130,"score":115,"percentile":131},"2025-11-09",0.30141,{"date":133,"score":115,"percentile":134},"2025-11-10",0.30119,{"date":136,"score":115,"percentile":137},"2025-11-11",0.30139,{"date":139,"score":115,"percentile":140},"2025-11-12",0.30182,{"date":142,"score":115,"percentile":143},"2025-11-13",0.30199,{"date":145,"score":115,"percentile":146},"2025-11-14",0.30196,{"date":148,"score":115,"percentile":149},"2025-11-15",0.30192,{"date":151,"score":115,"percentile":152},"2025-11-16",0.30164,{"date":154,"score":115,"percentile":155},"2025-11-17",0.30144,{"date":157,"score":115,"percentile":158},"2025-11-18",0.25119,{"date":160,"score":115,"percentile":161},"2025-11-19",0.25145,{"date":163,"score":115,"percentile":164},"2025-11-20",0.25153,{"date":166,"score":115,"percentile":167},"2025-11-21",0.30183,{"date":169,"score":115,"percentile":170},"2025-11-22",0.3019,{"date":172,"score":115,"percentile":173},"2025-11-23",0.30158,{"date":175,"score":115,"percentile":176},"2025-11-24",0.30136,{"date":178,"score":115,"percentile":179},"2025-11-25",0.3013,{"date":181,"score":115,"percentile":182},"2025-11-26",0.30129,{"date":184,"score":115,"percentile":185},"2025-11-27",0.30142,{"date":187,"score":115,"percentile":188},"2025-11-28",0.3012,{"date":190,"score":115,"percentile":191},"2025-11-29",0.3011,{"date":193,"score":115,"percentile":194},"2025-11-30",0.30086,{"date":196,"score":115,"percentile":197},"2025-12-01",0.3016,{"date":199,"score":115,"percentile":200},"2025-12-02",0.30191,{"date":202,"score":115,"percentile":203},"2025-12-03",0.30195,{"date":205,"score":115,"percentile":206},"2025-12-04",0.30098,{"date":208,"score":115,"percentile":137},"2025-12-05",{"date":210,"score":115,"percentile":137},"2025-12-06",{"date":212,"score":115,"percentile":213},"2025-12-07",0.30115,{"date":215,"score":115,"percentile":216},"2025-12-08",0.30121,{"date":218,"score":115,"percentile":219},"2025-12-09",0.30179,{"date":221,"score":115,"percentile":222},"2025-12-10",0.30242,{"date":224,"score":115,"percentile":225},"2025-12-11",0.30272,{"date":227,"score":115,"percentile":228},"2025-12-12",0.30302,{"date":230,"score":115,"percentile":231},"2025-12-13",0.30295,{"date":233,"score":115,"percentile":234},"2025-12-14",0.3027,{"date":236,"score":115,"percentile":237},"2025-12-15",0.3024,{"date":239,"score":115,"percentile":240},"2025-12-16",0.30258,{"date":242,"score":115,"percentile":243},"2025-12-17",0.30299,{"date":245,"score":115,"percentile":246},"2025-12-18",0.30347,{"date":248,"score":115,"percentile":249},"2025-12-19",0.30361,{"date":251,"score":115,"percentile":252},"2025-12-20",0.30338,{"date":254,"score":115,"percentile":255},"2025-12-21",0.30288,{"date":257,"score":115,"percentile":258},"2025-12-22",0.30247,{"date":260,"score":115,"percentile":261},"2025-12-23",0.30221,{"date":263,"score":115,"percentile":264},"2025-12-24",0.30227,{"date":266,"score":115,"percentile":267},"2025-12-25",0.30298,{"date":269,"score":115,"percentile":270},"2025-12-26",0.30297,{"date":272,"score":115,"percentile":273},"2025-12-27",0.303,{"date":275,"score":115,"percentile":276},"2025-12-28",0.30222,{"date":278,"score":115,"percentile":203},"2025-12-29",{"date":280,"score":115,"percentile":281},"2025-12-30",0.30194,{"date":283,"score":115,"percentile":284},"2025-12-31",0.30246,{"date":286,"score":115,"percentile":287},"2026-01-01",0.30376,{"date":289,"score":115,"percentile":290},"2026-01-02",0.30368,{"date":292,"score":115,"percentile":293},"2026-01-03",0.30345,{"date":295,"score":115,"percentile":296},"2026-01-04",0.30219,{"date":298,"score":115,"percentile":299},"2026-01-05",0.30211,{"date":301,"score":115,"percentile":302},"2026-01-06",0.3022,{"date":304,"score":115,"percentile":305},"2026-01-07",0.3025,{"date":307,"score":115,"percentile":308},"2026-01-08",0.30278,{"date":310,"score":115,"percentile":311},"2026-01-09",0.30273,{"date":313,"score":115,"percentile":314},"2026-01-10",0.30268,{"date":316,"score":115,"percentile":317},"2026-01-11",0.30238,{"date":319,"score":115,"percentile":320},"2026-01-12",0.3018,{"date":322,"score":115,"percentile":323},"2026-01-13",0.30155,{"date":325,"score":63,"percentile":326},"2026-01-14",0.22877,{"date":328,"score":63,"percentile":329},"2026-01-15",0.22873,{"date":331,"score":63,"percentile":332},"2026-01-16",0.22903,{"date":334,"score":63,"percentile":335},"2026-01-17",0.22899,{"date":337,"score":63,"percentile":338},"2026-01-18",0.22845,{"date":340,"score":63,"percentile":341},"2026-01-19",0.22798,{"date":343,"score":63,"percentile":344},"2026-01-20",0.22768,{"date":346,"score":63,"percentile":347},"2026-01-21",0.2273,{"date":349,"score":63,"percentile":350},"2026-01-22",0.2271,{"date":352,"score":63,"percentile":353},"2026-01-23",0.22797,{"date":355,"score":63,"percentile":356},"2026-01-24",0.22817,{"date":358,"score":63,"percentile":359},"2026-01-25",0.22735,{"date":361,"score":63,"percentile":362},"2026-01-26",0.22631,{"date":364,"score":63,"percentile":365},"2026-01-27",0.2262,{"date":367,"score":63,"percentile":368},"2026-01-28",0.22624,{"date":370,"score":63,"percentile":371},"2026-01-29",0.22577,{"date":373,"score":63,"percentile":374},"2026-01-30",0.22574,{"date":376,"score":63,"percentile":377},"2026-01-31",0.22575,{"date":379,"score":63,"percentile":368},"2026-02-01",[381],{"source":67,"cvss_v2_0":382,"cvss_v3_0":9,"cvss_v3_1":387,"cvss_v4_0":9},{"baseScore":383,"baseSeverity":9,"vectorString":384,"impactScore":385,"exploitabilityScore":386},2.1,"AV:L/AC:L/Au:N/C:N/I:N/A:P",2.9,3.9,{"baseScore":65,"baseSeverity":388,"vectorString":68,"impactScore":389,"exploitabilityScore":383},"MEDIUM",6,[391,400,406],{"ecosystem":9,"name":392,"vendor":393,"product":394,"cpe_part":395,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":396},"debian linux","debian","debian_linux","o",[397],{"version":398,"is_range":61,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0","cpe",{"ecosystem":9,"name":401,"vendor":402,"product":401,"cpe_part":395,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":403},"leap","opensuse",[404],{"version":405,"is_range":61,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"42.2",{"ecosystem":9,"name":407,"vendor":407,"product":407,"cpe_part":408,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":409},"qemu","a",[410],{"version":411,"is_range":412,"range_type":399,"version_start":9,"version_start_type":9,"version_end":413,"version_end_type":414,"fixed_in":9},"lte2.7.1",true,"2.7.1","including"]