[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2017-2620":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":29,"aliases":30,"duplicate_of":9,"upstream":31,"downstream":32,"duplicates":97,"related":98,"reserved_at":9,"published_at":111,"modified_at":112,"state":113,"summary":114,"references_raw":123,"kevs":229,"epss":230,"epss_history":233,"metrics":491,"affected":508},"CVE-2017-2620","Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.",null,[11,23],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],{"_key":24,"id":24,"name":25,"description":26,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":27,"capec":28},"CWE-787","Out-of-bounds Write","The product writes data past the end, or before the beginning, of the intended buffer.","High",[],[],[],[],[33,35,37,39,41,43,45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81,83,85,87,89,91,93,95],{"_key":34},"ALPINE-CVE-2017-2620",{"_key":36},"RHSA-2017:0328",{"_key":38},"RHSA-2017:0329",{"_key":40},"RHSA-2017:0330",{"_key":42},"RHSA-2017:0331",{"_key":44},"RHSA-2017:0332",{"_key":46},"RHSA-2017:0333",{"_key":48},"RHSA-2017:0334",{"_key":50},"RHSA-2017:0350",{"_key":52},"RHSA-2017:0351",{"_key":54},"RHSA-2017:0352",{"_key":56},"RHSA-2017:0396",{"_key":58},"RHSA-2017:0454",{"_key":60},"OPENSUSE-SU-2024:11287-1",{"_key":62},"OPENSUSE-SU-2024:11520-1",{"_key":64},"SUSE-SU-2017:0570-1",{"_key":66},"SUSE-SU-2017:0571-1",{"_key":68},"SUSE-SU-2017:0582-1",{"_key":70},"SUSE-SU-2017:0625-1",{"_key":72},"SUSE-SU-2017:0647-1",{"_key":74},"SUSE-SU-2017:0661-1",{"_key":76},"SUSE-SU-2017:0718-1",{"_key":78},"SUSE-SU-2017:1135-1",{"_key":80},"SUSE-SU-2017:1241-1",{"_key":82},"SUSE-SU-2017:3084-1",{"_key":84},"USN-3261-1",{"_key":86},"DLA-1270-1",{"_key":88},"DLA-1497-1",{"_key":90},"DLA-842-1",{"_key":92},"DLA-845-1",{"_key":94},"UBUNTU-CVE-2017-2620",{"_key":96},"DEBIAN-CVE-2017-2620",[],[99,100,101,102,103,104,105,106,107,108,109,110],{"_key":60},{"_key":62},{"_key":64},{"_key":66},{"_key":68},{"_key":70},{"_key":72},{"_key":74},{"_key":76},{"_key":78},{"_key":80},{"_key":82},"2018-07-27T19:00:00.000Z","2024-08-05T14:02:07.311Z","Modified",{"cisa_kev":115,"cisa_ransomware":115,"cisa_vendor":9,"epss_severity":116,"epss_score":117,"severity":118,"severity_score":119,"severity_version":120,"severity_source":121,"severity_vector":122,"severity_status":113},false,"low",0.0241,"critical",9.9,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",[124,132,136,142,146,152,156,160,164,169,173,178,182,186,190,194,199,204,208,212,216,221,225],{"url":125,"sources":126,"tags":128},"http://rhn.redhat.com/errata/RHSA-2017-0329.html",[127,121],"cve.org",[129,130,131],"Vendor Advisory","X Refsource REDHAT","Third Party Advisory",{"url":133,"sources":134,"tags":135},"http://rhn.redhat.com/errata/RHSA-2017-0334.html",[127,121],[129,130,131],{"url":137,"sources":138,"tags":139},"http://www.securitytracker.com/id/1037870",[127,121],[140,141,131],"VDB Entry","X Refsource SECTRACK",{"url":143,"sources":144,"tags":145},"http://rhn.redhat.com/errata/RHSA-2017-0328.html",[127,121],[129,130,131],{"url":147,"sources":148,"tags":149},"https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html",[127,121],[150,151],"Mailing List","X Refsource MLIST",{"url":153,"sources":154,"tags":155},"http://rhn.redhat.com/errata/RHSA-2017-0333.html",[127,121],[129,130,131],{"url":157,"sources":158,"tags":159},"http://rhn.redhat.com/errata/RHSA-2017-0351.html",[127,121],[129,130,131],{"url":161,"sources":162,"tags":163},"http://rhn.redhat.com/errata/RHSA-2017-0454.html",[127,121],[129,130,131],{"url":165,"sources":166,"tags":167},"https://xenbits.xen.org/xsa/advisory-209.html",[127,121],[168,131],"X Refsource CONFIRM",{"url":170,"sources":171,"tags":172},"http://rhn.redhat.com/errata/RHSA-2017-0331.html",[127,121],[129,130,131],{"url":174,"sources":175,"tags":176},"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2620",[127,121],[168,177,131],"Issue Tracking",{"url":179,"sources":180,"tags":181},"http://www.openwall.com/lists/oss-security/2017/02/21/1",[127,121],[150,151,131],{"url":183,"sources":184,"tags":185},"http://rhn.redhat.com/errata/RHSA-2017-0350.html",[127,121],[129,130,131],{"url":187,"sources":188,"tags":189},"https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html",[127,121],[150,151,131],{"url":191,"sources":192,"tags":193},"http://rhn.redhat.com/errata/RHSA-2017-0396.html",[127,121],[129,130,131],{"url":195,"sources":196,"tags":197},"https://security.gentoo.org/glsa/201704-01",[127,121],[129,198,131],"X Refsource GENTOO",{"url":200,"sources":201,"tags":202},"https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04700.html",[127,121],[150,151,203,131],"Patch",{"url":205,"sources":206,"tags":207},"http://rhn.redhat.com/errata/RHSA-2017-0352.html",[127,121],[129,130,131],{"url":209,"sources":210,"tags":211},"http://rhn.redhat.com/errata/RHSA-2017-0330.html",[127,121],[129,130,131],{"url":213,"sources":214,"tags":215},"http://rhn.redhat.com/errata/RHSA-2017-0332.html",[127,121],[129,130,131],{"url":217,"sources":218,"tags":219},"http://www.securityfocus.com/bid/96378",[127,121],[140,220,131],"X Refsource BID",{"url":222,"sources":223,"tags":224},"https://support.citrix.com/article/CTX220771",[127,121],[168,131],{"url":226,"sources":227,"tags":228},"https://security.gentoo.org/glsa/201703-07",[127,121],[129,198,131],[],{"date":231,"score":117,"percentile":232},"2026-06-04",0.85375,[234,238,241,244,246,249,252,255,258,261,264,267,270,273,275,278,281,284,287,290,293,295,297,300,303,306,308,311,314,317,320,323,326,328,331,334,337,340,343,346,349,353,356,359,362,365,368,371,374,376,379,382,385,388,391,394,397,400,403,406,408,411,414,417,419,421,424,427,429,432,434,437,440,443,446,449,452,454,457,460,463,466,469,472,474,476,479,482,485,488],{"date":235,"score":236,"percentile":237},"2025-11-04",0.00774,0.72814,{"date":239,"score":236,"percentile":240},"2025-11-05",0.72799,{"date":242,"score":236,"percentile":243},"2025-11-06",0.72797,{"date":245,"score":236,"percentile":237},"2025-11-07",{"date":247,"score":236,"percentile":248},"2025-11-08",0.72813,{"date":250,"score":236,"percentile":251},"2025-11-09",0.72805,{"date":253,"score":236,"percentile":254},"2025-11-10",0.72796,{"date":256,"score":236,"percentile":257},"2025-11-11",0.72801,{"date":259,"score":236,"percentile":260},"2025-11-12",0.72819,{"date":262,"score":236,"percentile":263},"2025-11-13",0.72824,{"date":265,"score":236,"percentile":266},"2025-11-14",0.72831,{"date":268,"score":236,"percentile":269},"2025-11-15",0.72829,{"date":271,"score":236,"percentile":272},"2025-11-16",0.72825,{"date":274,"score":236,"percentile":260},"2025-11-17",{"date":276,"score":236,"percentile":277},"2025-11-18",0.7147,{"date":279,"score":236,"percentile":280},"2025-11-19",0.71478,{"date":282,"score":236,"percentile":283},"2025-11-20",0.71485,{"date":285,"score":236,"percentile":286},"2025-11-21",0.72841,{"date":288,"score":236,"percentile":289},"2025-11-22",0.72837,{"date":291,"score":236,"percentile":292},"2025-11-23",0.7282,{"date":294,"score":236,"percentile":248},"2025-11-24",{"date":296,"score":236,"percentile":248},"2025-11-25",{"date":298,"score":236,"percentile":299},"2025-11-26",0.72818,{"date":301,"score":236,"percentile":302},"2025-11-27",0.72822,{"date":304,"score":236,"percentile":305},"2025-11-28",0.72815,{"date":307,"score":236,"percentile":251},"2025-11-29",{"date":309,"score":236,"percentile":310},"2025-11-30",0.728,{"date":312,"score":236,"percentile":313},"2025-12-01",0.72932,{"date":315,"score":236,"percentile":316},"2025-12-02",0.72944,{"date":318,"score":236,"percentile":319},"2025-12-03",0.72942,{"date":321,"score":236,"percentile":322},"2025-12-04",0.72811,{"date":324,"score":236,"percentile":325},"2025-12-05",0.72821,{"date":327,"score":236,"percentile":292},"2025-12-06",{"date":329,"score":236,"percentile":330},"2025-12-07",0.72823,{"date":332,"score":236,"percentile":333},"2025-12-08",0.72827,{"date":335,"score":236,"percentile":336},"2025-12-09",0.72857,{"date":338,"score":236,"percentile":339},"2025-12-10",0.7289,{"date":341,"score":236,"percentile":342},"2025-12-11",0.72909,{"date":344,"score":236,"percentile":345},"2025-12-12",0.72931,{"date":347,"score":236,"percentile":348},"2025-12-13",0.72937,{"date":350,"score":351,"percentile":352},"2025-12-14",0.02536,0.84988,{"date":354,"score":351,"percentile":355},"2025-12-15",0.84989,{"date":357,"score":351,"percentile":358},"2025-12-16",0.84998,{"date":360,"score":351,"percentile":361},"2025-12-17",0.85002,{"date":363,"score":351,"percentile":364},"2025-12-18",0.85006,{"date":366,"score":351,"percentile":367},"2025-12-19",0.8501,{"date":369,"score":351,"percentile":370},"2025-12-20",0.84999,{"date":372,"score":351,"percentile":373},"2025-12-21",0.85007,{"date":375,"score":351,"percentile":373},"2025-12-22",{"date":377,"score":351,"percentile":378},"2025-12-23",0.85015,{"date":380,"score":351,"percentile":381},"2025-12-24",0.85019,{"date":383,"score":351,"percentile":384},"2025-12-25",0.85036,{"date":386,"score":351,"percentile":387},"2025-12-26",0.85038,{"date":389,"score":351,"percentile":390},"2025-12-27",0.85095,{"date":392,"score":351,"percentile":393},"2025-12-28",0.85028,{"date":395,"score":351,"percentile":396},"2025-12-29",0.85024,{"date":398,"score":351,"percentile":399},"2025-12-30",0.8503,{"date":401,"score":351,"percentile":402},"2025-12-31",0.8504,{"date":404,"score":351,"percentile":405},"2026-01-01",0.85105,{"date":407,"score":351,"percentile":405},"2026-01-02",{"date":409,"score":351,"percentile":410},"2026-01-03",0.85102,{"date":412,"score":351,"percentile":413},"2026-01-04",0.85031,{"date":415,"score":351,"percentile":416},"2026-01-05",0.85021,{"date":418,"score":351,"percentile":393},"2026-01-06",{"date":420,"score":351,"percentile":393},"2026-01-07",{"date":422,"score":351,"percentile":423},"2026-01-08",0.85037,{"date":425,"score":351,"percentile":426},"2026-01-09",0.85041,{"date":428,"score":351,"percentile":423},"2026-01-10",{"date":430,"score":351,"percentile":431},"2026-01-11",0.85034,{"date":433,"score":351,"percentile":393},"2026-01-12",{"date":435,"score":351,"percentile":436},"2026-01-13",0.85025,{"date":438,"score":351,"percentile":439},"2026-01-14",0.85044,{"date":441,"score":351,"percentile":442},"2026-01-15",0.85042,{"date":444,"score":351,"percentile":445},"2026-01-16",0.85048,{"date":447,"score":351,"percentile":448},"2026-01-17",0.85055,{"date":450,"score":351,"percentile":451},"2026-01-18",0.8505,{"date":453,"score":351,"percentile":439},"2026-01-19",{"date":455,"score":351,"percentile":456},"2026-01-20",0.85047,{"date":458,"score":351,"percentile":459},"2026-01-21",0.85051,{"date":461,"score":351,"percentile":462},"2026-01-22",0.85056,{"date":464,"score":351,"percentile":465},"2026-01-23",0.85066,{"date":467,"score":351,"percentile":468},"2026-01-24",0.85076,{"date":470,"score":351,"percentile":471},"2026-01-25",0.85072,{"date":473,"score":351,"percentile":471},"2026-01-26",{"date":475,"score":351,"percentile":468},"2026-01-27",{"date":477,"score":351,"percentile":478},"2026-01-28",0.85081,{"date":480,"score":351,"percentile":481},"2026-01-29",0.85082,{"date":483,"score":351,"percentile":484},"2026-01-30",0.85084,{"date":486,"score":351,"percentile":487},"2026-01-31",0.85085,{"date":489,"score":351,"percentile":490},"2026-02-01",0.85157,[492,499],{"source":127,"cvss_v2_0":9,"cvss_v3_0":493,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":494,"baseSeverity":495,"vectorString":496,"impactScore":497,"exploitabilityScore":498},5.5,"MEDIUM","CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",6.2,3.3,{"source":121,"cvss_v2_0":500,"cvss_v3_0":505,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":501,"baseSeverity":9,"vectorString":502,"impactScore":503,"exploitabilityScore":504},9,"AV:N/AC:L/Au:S/C:C/I:C/A:C",10,8,{"baseScore":119,"baseSeverity":506,"vectorString":122,"impactScore":503,"exploitabilityScore":507},"CRITICAL",7.9,[509,525,532,540,547,555,561,569,577,583,596],{"ecosystem":9,"name":510,"vendor":511,"product":510,"cpe_part":512,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":513},"xenserver","citrix","a",[514,517,519,521,523],{"version":515,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.2","cpe",{"version":518,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.2.0:sp1",{"version":520,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:sp1",{"version":522,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0",{"version":524,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.1",{"ecosystem":9,"name":526,"vendor":527,"product":528,"cpe_part":529,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":530},"debian linux","debian","debian_linux","o",[531],{"version":522,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":533,"vendor":533,"product":533,"cpe_part":512,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":534},"qemu",[535],{"version":536,"is_range":537,"range_type":516,"version_start":9,"version_start_type":9,"version_end":538,"version_end_type":539,"fixed_in":9},"lt2.8.0",true,"2.8.0","excluding",{"ecosystem":9,"name":541,"vendor":533,"product":542,"cpe_part":512,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":543},"Qemu:","qemu:",[544],{"version":545,"is_range":115,"range_type":127,"version_start":545,"version_start_type":546,"version_end":545,"version_end_type":546,"fixed_in":9},"2.8","including",{"ecosystem":9,"name":548,"vendor":549,"product":550,"cpe_part":529,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":551},"enterprise linux desktop","redhat","enterprise_linux_desktop",[552,554],{"version":553,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0",{"version":522,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":556,"vendor":549,"product":557,"cpe_part":529,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":558},"enterprise linux server","enterprise_linux_server",[559,560],{"version":553,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":522,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":562,"vendor":549,"product":563,"cpe_part":529,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":564},"enterprise linux server aus","enterprise_linux_server_aus",[565,567],{"version":566,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.3",{"version":568,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.4",{"ecosystem":9,"name":570,"vendor":549,"product":571,"cpe_part":529,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":572},"enterprise linux server eus","enterprise_linux_server_eus",[573,574,575],{"version":566,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":568,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":576,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.5",{"ecosystem":9,"name":578,"vendor":549,"product":579,"cpe_part":529,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":580},"enterprise linux workstation","enterprise_linux_workstation",[581,582],{"version":553,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":522,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":584,"vendor":549,"product":584,"cpe_part":512,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":585},"openstack",[586,588,589,590,592,594],{"version":587,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0",{"version":553,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":522,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":591,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8",{"version":593,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9",{"version":595,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10",{"ecosystem":9,"name":597,"vendor":597,"product":597,"cpe_part":529,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":598},"xen",[599,602,604,606,608,610,612,614],{"version":600,"is_range":537,"range_type":516,"version_start":9,"version_start_type":9,"version_end":601,"version_end_type":546,"fixed_in":9},"lte4.7.1","4.7.1",{"version":603,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.7.1:r1",{"version":605,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.7.1:r2",{"version":607,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.7.1:r3",{"version":609,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.7.1:r4",{"version":611,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.7.1:r5",{"version":613,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.7.1:r6",{"version":615,"is_range":115,"range_type":516,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.7.1:r7"]