[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-12617":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":46,"duplicate_of":9,"upstream":47,"downstream":48,"duplicates":83,"related":84,"reserved_at":9,"published_at":97,"modified_at":98,"state":99,"summary":100,"references_raw":108,"kevs":154,"epss":155,"epss_history":158,"metrics":416,"affected":426},"CVE-2018-12617","qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-190","Integer Overflow or Wraparound","The product performs a calculation that can\n         produce an integer overflow or wraparound when the logic\n         assumes that the resulting value will always be larger than\n         the original value. This occurs when an integer value is\n         incremented to a value that is too large to store in the\n         associated representation. When this occurs, the value may\n         become a very small or negative number.","weakness","Stable","Base","Medium",[20],{"id":21,"name":22,"techniques":23},"CAPEC-92","Forced Integer Overflow",[],[25,34],{"_key":26,"name":27,"source":28,"url":29,"maturity":30,"reliability_score":31,"verified":32,"type":9,"platforms":33,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_FAKHRIZULKIFLI_C7740D28EFA07DAFEE66D4DA5D857EF6","C7740D28Efa07Dafee66D4Da5D857Ef6","github","https://gist.github.com/fakhrizulkifli/c7740d28efa07dafee66d4da5d857ef6","poc",0.3,false,[],{"_key":35,"name":36,"source":37,"url":38,"maturity":30,"reliability_score":39,"verified":32,"type":40,"platforms":41,"requires_auth":9,"exploitdb":43,"metasploit":9},"44925","QEMU Guest Agent 2.12.50 - Denial of Service","exploit-database","https://www.exploit-db.com/exploits/44925",0.5,"dos",[42],"linux",{"verified":32,"type":40,"platform":42,"file":44,"codes":45},"exploits/linux/dos/44925.txt",[7],[],[],[49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81],{"_key":50},"SUSE-SU-2018:2037-1",{"_key":52},"SUSE-SU-2018:2056-1",{"_key":54},"SUSE-SU-2018:2069-1",{"_key":56},"SUSE-SU-2018:2528-1",{"_key":58},"SUSE-SU-2018:2556-1",{"_key":60},"SUSE-SU-2018:2565-1",{"_key":62},"SUSE-SU-2018:2615-1",{"_key":64},"SUSE-SU-2018:2650-1",{"_key":66},"SUSE-SU-2018:2679-1",{"_key":68},"SUSE-SU-2018:2973-1",{"_key":70},"SUSE-SU-2018:2973-2",{"_key":72},"SUSE-SU-2018:3555-1",{"_key":74},"UBUNTU-CVE-2018-12617",{"_key":76},"DLA-1694-1",{"_key":78},"DSA-4454-1",{"_key":80},"DEBIAN-CVE-2018-12617",{"_key":82},"USN-3826-1",[],[85,86,87,88,89,90,91,92,93,94,95,96],{"_key":50},{"_key":52},{"_key":54},{"_key":56},{"_key":58},{"_key":60},{"_key":62},{"_key":64},{"_key":66},{"_key":68},{"_key":70},{"_key":72},"2018-06-21T18:00:00.000Z","2024-08-05T08:38:06.342Z","Modified",{"cisa_kev":32,"cisa_ransomware":32,"cisa_vendor":9,"epss_severity":101,"epss_score":102,"severity":103,"severity_score":104,"severity_version":105,"severity_source":106,"severity_vector":107,"severity_status":99},"medium",0.11739,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[109,117,122,128,133,139,144,149],{"url":110,"sources":111,"tags":113},"https://lists.debian.org/debian-lts-announce/2019/02/msg00041.html",[112,106],"cve.org",[114,115,116],"Mailing List","X Refsource MLIST","Third Party Advisory",{"url":29,"sources":118,"tags":119},[112,106],[120,121,116],"X Refsource MISC","Exploit",{"url":123,"sources":124,"tags":125},"https://usn.ubuntu.com/3826-1/",[112,106],[126,127,116],"Vendor Advisory","X Refsource UBUNTU",{"url":129,"sources":130,"tags":131},"https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg03385.html",[112,106],[120,114,132,116],"Patch",{"url":134,"sources":135,"tags":136},"http://www.securityfocus.com/bid/104531",[112,106],[137,138,116],"VDB Entry","X Refsource BID",{"url":140,"sources":141,"tags":142},"https://www.exploit-db.com/exploits/44925/",[112,106],[121,143,116,137],"X Refsource EXPLOIT DB",{"url":145,"sources":146,"tags":147},"https://www.debian.org/security/2019/dsa-4454",[112,106],[126,148,116],"X Refsource DEBIAN",{"url":150,"sources":151,"tags":152},"https://seclists.org/bugtraq/2019/May/76",[112,106],[114,153,116],"X Refsource BUGTRAQ",[],{"date":156,"score":102,"percentile":157},"2026-06-04",0.93828,[159,163,165,168,171,173,176,178,181,184,187,190,192,195,198,202,205,208,211,213,216,219,222,224,227,230,232,235,238,242,245,248,251,253,257,260,263,266,269,272,275,278,281,284,287,290,293,295,298,301,303,306,309,312,316,319,321,324,327,330,333,336,338,341,345,347,350,353,356,358,360,363,366,368,371,374,377,379,381,384,387,390,393,396,399,402,405,407,410,413],{"date":160,"score":161,"percentile":162},"2025-11-04",0.12692,0.93676,{"date":164,"score":161,"percentile":162},"2025-11-05",{"date":166,"score":161,"percentile":167},"2025-11-06",0.93679,{"date":169,"score":161,"percentile":170},"2025-11-07",0.93683,{"date":172,"score":161,"percentile":170},"2025-11-08",{"date":174,"score":161,"percentile":175},"2025-11-09",0.93682,{"date":177,"score":161,"percentile":170},"2025-11-10",{"date":179,"score":161,"percentile":180},"2025-11-11",0.93685,{"date":182,"score":161,"percentile":183},"2025-11-12",0.93691,{"date":185,"score":161,"percentile":186},"2025-11-13",0.93692,{"date":188,"score":161,"percentile":189},"2025-11-14",0.93695,{"date":191,"score":161,"percentile":186},"2025-11-15",{"date":193,"score":161,"percentile":194},"2025-11-16",0.93696,{"date":196,"score":161,"percentile":197},"2025-11-17",0.93694,{"date":199,"score":200,"percentile":201},"2025-11-18",0.4315,0.9734,{"date":203,"score":200,"percentile":204},"2025-11-19",0.97341,{"date":206,"score":200,"percentile":207},"2025-11-20",0.97342,{"date":209,"score":161,"percentile":210},"2025-11-21",0.93704,{"date":212,"score":161,"percentile":210},"2025-11-22",{"date":214,"score":161,"percentile":215},"2025-11-23",0.93709,{"date":217,"score":161,"percentile":218},"2025-11-24",0.93712,{"date":220,"score":161,"percentile":221},"2025-11-25",0.93713,{"date":223,"score":161,"percentile":218},"2025-11-26",{"date":225,"score":161,"percentile":226},"2025-11-27",0.93714,{"date":228,"score":161,"percentile":229},"2025-11-28",0.93708,{"date":231,"score":161,"percentile":218},"2025-11-29",{"date":233,"score":161,"percentile":234},"2025-11-30",0.93711,{"date":236,"score":161,"percentile":237},"2025-12-01",0.93752,{"date":239,"score":240,"percentile":241},"2025-12-02",0.18132,0.94963,{"date":243,"score":240,"percentile":244},"2025-12-03",0.94964,{"date":246,"score":240,"percentile":247},"2025-12-04",0.94917,{"date":249,"score":240,"percentile":250},"2025-12-05",0.94921,{"date":252,"score":240,"percentile":250},"2025-12-06",{"date":254,"score":255,"percentile":256},"2025-12-07",0.14194,0.94112,{"date":258,"score":255,"percentile":259},"2025-12-08",0.94114,{"date":261,"score":255,"percentile":262},"2025-12-09",0.94121,{"date":264,"score":255,"percentile":265},"2025-12-10",0.94129,{"date":267,"score":255,"percentile":268},"2025-12-11",0.9413,{"date":270,"score":255,"percentile":271},"2025-12-12",0.94133,{"date":273,"score":255,"percentile":274},"2025-12-13",0.94132,{"date":276,"score":255,"percentile":277},"2025-12-14",0.94131,{"date":279,"score":255,"percentile":280},"2025-12-15",0.94134,{"date":282,"score":255,"percentile":283},"2025-12-16",0.94138,{"date":285,"score":255,"percentile":286},"2025-12-17",0.9414,{"date":288,"score":255,"percentile":289},"2025-12-18",0.94146,{"date":291,"score":255,"percentile":292},"2025-12-19",0.94147,{"date":294,"score":255,"percentile":292},"2025-12-20",{"date":296,"score":255,"percentile":297},"2025-12-21",0.9415,{"date":299,"score":255,"percentile":300},"2025-12-22",0.94149,{"date":302,"score":255,"percentile":300},"2025-12-23",{"date":304,"score":255,"percentile":305},"2025-12-24",0.94153,{"date":307,"score":255,"percentile":308},"2025-12-25",0.94159,{"date":310,"score":255,"percentile":311},"2025-12-26",0.94158,{"date":313,"score":314,"percentile":315},"2025-12-27",0.15811,0.94542,{"date":317,"score":255,"percentile":318},"2025-12-28",0.94156,{"date":320,"score":255,"percentile":318},"2025-12-29",{"date":322,"score":255,"percentile":323},"2025-12-30",0.94157,{"date":325,"score":255,"percentile":326},"2025-12-31",0.94163,{"date":328,"score":255,"percentile":329},"2026-01-01",0.94205,{"date":331,"score":255,"percentile":332},"2026-01-02",0.94202,{"date":334,"score":255,"percentile":335},"2026-01-03",0.94197,{"date":337,"score":255,"percentile":311},"2026-01-04",{"date":339,"score":255,"percentile":340},"2026-01-05",0.94154,{"date":342,"score":343,"percentile":344},"2026-01-06",0.10988,0.9318,{"date":346,"score":343,"percentile":344},"2026-01-07",{"date":348,"score":343,"percentile":349},"2026-01-08",0.93183,{"date":351,"score":343,"percentile":352},"2026-01-09",0.93188,{"date":354,"score":343,"percentile":355},"2026-01-10",0.93189,{"date":357,"score":343,"percentile":355},"2026-01-11",{"date":359,"score":343,"percentile":352},"2026-01-12",{"date":361,"score":343,"percentile":362},"2026-01-13",0.93187,{"date":364,"score":343,"percentile":365},"2026-01-14",0.93196,{"date":367,"score":343,"percentile":365},"2026-01-15",{"date":369,"score":343,"percentile":370},"2026-01-16",0.932,{"date":372,"score":343,"percentile":373},"2026-01-17",0.93204,{"date":375,"score":343,"percentile":376},"2026-01-18",0.93199,{"date":378,"score":343,"percentile":370},"2026-01-19",{"date":380,"score":343,"percentile":370},"2026-01-20",{"date":382,"score":343,"percentile":383},"2026-01-21",0.93206,{"date":385,"score":343,"percentile":386},"2026-01-22",0.93208,{"date":388,"score":343,"percentile":389},"2026-01-23",0.93213,{"date":391,"score":343,"percentile":392},"2026-01-24",0.93218,{"date":394,"score":343,"percentile":395},"2026-01-25",0.9322,{"date":397,"score":343,"percentile":398},"2026-01-26",0.93222,{"date":400,"score":343,"percentile":401},"2026-01-27",0.93224,{"date":403,"score":343,"percentile":404},"2026-01-28",0.93229,{"date":406,"score":343,"percentile":404},"2026-01-29",{"date":408,"score":343,"percentile":409},"2026-01-30",0.93228,{"date":411,"score":343,"percentile":412},"2026-01-31",0.9323,{"date":414,"score":343,"percentile":415},"2026-02-01",0.93266,[417],{"source":106,"cvss_v2_0":418,"cvss_v3_0":9,"cvss_v3_1":423,"cvss_v4_0":9},{"baseScore":419,"baseSeverity":9,"vectorString":420,"impactScore":421,"exploitabilityScore":422},5,"AV:N/AC:L/Au:N/C:N/I:N/A:P",2.9,10,{"baseScore":104,"baseSeverity":424,"vectorString":107,"impactScore":425,"exploitabilityScore":422},"HIGH",6,[427,442,451],{"ecosystem":9,"name":428,"vendor":429,"product":430,"cpe_part":431,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":432},"ubuntu linux","canonical","ubuntu_linux","o",[433,436,438,440],{"version":434,"is_range":32,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04","cpe",{"version":437,"is_range":32,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"version":439,"is_range":32,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"version":441,"is_range":32,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.10",{"ecosystem":9,"name":443,"vendor":444,"product":445,"cpe_part":431,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":446},"debian linux","debian","debian_linux",[447,449],{"version":448,"is_range":32,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"version":450,"is_range":32,"range_type":435,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":452,"vendor":452,"product":452,"cpe_part":453,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":454},"qemu","a",[455],{"version":456,"is_range":457,"range_type":435,"version_start":9,"version_start_type":9,"version_end":458,"version_end_type":459,"fixed_in":9},"lte2.12.50",true,"2.12.50","including"]