[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-18501":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":69,"duplicate_of":9,"upstream":70,"downstream":71,"duplicates":118,"related":119,"reserved_at":9,"published_at":131,"modified_at":132,"state":133,"summary":134,"references_raw":143,"kevs":225,"epss":226,"epss_history":229,"metrics":485,"affected":494},"CVE-2018-18501","Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003C 60.5, Firefox ESR \u003C 60.5, and Firefox \u003C 65.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116],{"_key":73},"OPENSUSE-SU-2019:0249-1",{"_key":75},"RHSA-2019:0218",{"_key":77},"RHSA-2019:0219",{"_key":79},"OPENSUSE-SU-2024:10601-1",{"_key":81},"SUSE-SU-2019:0273-1",{"_key":83},"SUSE-SU-2019:0336-1",{"_key":85},"SUSE-SU-2019:0336-2",{"_key":87},"SUSE-SU-2019:0338-1",{"_key":89},"OPENSUSE-SU-2019:1758-1",{"_key":91},"OPENSUSE-SU-2024:10600-1",{"_key":93},"OPENSUSE-SU-2024:14572-1",{"_key":95},"DLA-1648-1",{"_key":97},"DLA-1678-1",{"_key":99},"DSA-4376-1",{"_key":101},"DSA-4392-1",{"_key":103},"MGASA-2019-0060",{"_key":105},"MGASA-2019-0069",{"_key":107},"UBUNTU-CVE-2018-18501",{"_key":109},"USN-3874-1",{"_key":111},"USN-3897-1",{"_key":113},"DEBIAN-CVE-2018-18501",{"_key":115},"RHSA-2019:0269",{"_key":117},"RHSA-2019:0270",[],[120,121,122,123,124,125,126,127,128,129,130],{"_key":73},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":91},{"_key":93},{"_key":103},{"_key":105},"2019-02-05T21:00:00.000Z","2024-08-05T11:08:22.019Z","Modified",{"cisa_kev":135,"cisa_ransomware":135,"cisa_vendor":9,"epss_severity":136,"epss_score":137,"severity":138,"severity_score":139,"severity_version":140,"severity_source":141,"severity_vector":142,"severity_status":133},false,"low",0.05486,"critical",9.8,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[144,152,157,162,168,173,177,181,185,189,194,200,204,208,212,216,220],{"url":145,"sources":146,"tags":148},"https://access.redhat.com/errata/RHSA-2019:0219",[147,141],"cve.org",[149,150,151],"Vendor Advisory","X Refsource REDHAT","Third Party Advisory",{"url":153,"sources":154,"tags":155},"https://www.mozilla.org/security/advisories/mfsa2019-01/",[147,141],[156,149],"X Refsource CONFIRM",{"url":158,"sources":159,"tags":160},"https://usn.ubuntu.com/3897-1/",[147,141],[149,161,151],"X Refsource UBUNTU",{"url":163,"sources":164,"tags":165},"http://www.securityfocus.com/bid/106781",[147,141],[166,167,151],"VDB Entry","X Refsource BID",{"url":169,"sources":170,"tags":171},"https://security.gentoo.org/glsa/201903-04",[147,141],[149,172,151],"X Refsource GENTOO",{"url":174,"sources":175,"tags":176},"https://usn.ubuntu.com/3874-1/",[147,141],[149,161,151],{"url":178,"sources":179,"tags":180},"https://access.redhat.com/errata/RHSA-2019:0269",[147,141],[149,150,151],{"url":182,"sources":183,"tags":184},"https://access.redhat.com/errata/RHSA-2019:0218",[147,141],[149,150,151],{"url":186,"sources":187,"tags":188},"https://www.mozilla.org/security/advisories/mfsa2019-02/",[147,141],[156,149],{"url":190,"sources":191,"tags":192},"https://www.debian.org/security/2019/dsa-4376",[147,141],[149,193,151],"X Refsource DEBIAN",{"url":195,"sources":196,"tags":197},"https://lists.debian.org/debian-lts-announce/2019/02/msg00024.html",[147,141],[198,199,151],"Mailing List","X Refsource MLIST",{"url":201,"sources":202,"tags":203},"https://lists.debian.org/debian-lts-announce/2019/01/msg00025.html",[147,141],[198,199,151],{"url":205,"sources":206,"tags":207},"https://www.mozilla.org/security/advisories/mfsa2019-03/",[147,141],[156,149],{"url":209,"sources":210,"tags":211},"https://www.debian.org/security/2019/dsa-4392",[147,141],[149,193,151],{"url":213,"sources":214,"tags":215},"https://access.redhat.com/errata/RHSA-2019:0270",[147,141],[149,150,151],{"url":217,"sources":218,"tags":219},"https://security.gentoo.org/glsa/201904-07",[147,141],[149,172],{"url":221,"sources":222,"tags":223},"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00021.html",[147,141],[149,224],"X Refsource SUSE",[],{"date":227,"score":137,"percentile":228},"2026-06-05",0.9039,[230,234,237,240,242,245,248,252,255,258,261,264,267,270,273,277,280,283,287,290,293,295,298,301,303,306,309,312,315,318,321,324,326,329,331,333,336,339,342,345,348,350,352,354,356,359,362,364,367,370,372,374,377,380,384,387,389,392,395,398,401,404,407,410,414,417,420,423,426,429,432,435,437,439,442,445,448,450,453,455,458,461,463,466,469,471,474,477,480,482],{"date":231,"score":232,"percentile":233},"2025-11-04",0.04733,0.88902,{"date":235,"score":232,"percentile":236},"2025-11-05",0.889,{"date":238,"score":232,"percentile":239},"2025-11-06",0.88893,{"date":241,"score":232,"percentile":236},"2025-11-07",{"date":243,"score":232,"percentile":244},"2025-11-08",0.88904,{"date":246,"score":232,"percentile":247},"2025-11-09",0.88901,{"date":249,"score":250,"percentile":251},"2025-11-10",0.04794,0.88975,{"date":253,"score":250,"percentile":254},"2025-11-11",0.88977,{"date":256,"score":250,"percentile":257},"2025-11-12",0.88983,{"date":259,"score":250,"percentile":260},"2025-11-13",0.88989,{"date":262,"score":250,"percentile":263},"2025-11-14",0.88991,{"date":265,"score":250,"percentile":266},"2025-11-15",0.88987,{"date":268,"score":250,"percentile":269},"2025-11-16",0.8899,{"date":271,"score":250,"percentile":272},"2025-11-17",0.88988,{"date":274,"score":275,"percentile":276},"2025-11-18",0.10616,0.92532,{"date":278,"score":275,"percentile":279},"2025-11-19",0.92535,{"date":281,"score":275,"percentile":282},"2025-11-20",0.92539,{"date":284,"score":285,"percentile":286},"2025-11-21",0.04707,0.88889,{"date":288,"score":285,"percentile":289},"2025-11-22",0.8889,{"date":291,"score":285,"percentile":292},"2025-11-23",0.88887,{"date":294,"score":285,"percentile":286},"2025-11-24",{"date":296,"score":285,"percentile":297},"2025-11-25",0.88892,{"date":299,"score":285,"percentile":300},"2025-11-26",0.88891,{"date":302,"score":285,"percentile":239},"2025-11-27",{"date":304,"score":285,"percentile":305},"2025-11-28",0.88886,{"date":307,"score":285,"percentile":308},"2025-11-29",0.88957,{"date":310,"score":285,"percentile":311},"2025-11-30",0.88953,{"date":313,"score":285,"percentile":314},"2025-12-01",0.89011,{"date":316,"score":285,"percentile":317},"2025-12-02",0.89012,{"date":319,"score":285,"percentile":320},"2025-12-03",0.8901,{"date":322,"score":285,"percentile":323},"2025-12-04",0.88952,{"date":325,"score":285,"percentile":323},"2025-12-05",{"date":327,"score":285,"percentile":328},"2025-12-06",0.88951,{"date":330,"score":285,"percentile":328},"2025-12-07",{"date":332,"score":285,"percentile":328},"2025-12-08",{"date":334,"score":285,"percentile":335},"2025-12-09",0.88958,{"date":337,"score":285,"percentile":338},"2025-12-10",0.88974,{"date":340,"score":285,"percentile":341},"2025-12-11",0.88976,{"date":343,"score":285,"percentile":344},"2025-12-12",0.88979,{"date":346,"score":285,"percentile":347},"2025-12-13",0.88981,{"date":349,"score":285,"percentile":347},"2025-12-14",{"date":351,"score":285,"percentile":257},"2025-12-15",{"date":353,"score":285,"percentile":257},"2025-12-16",{"date":355,"score":285,"percentile":266},"2025-12-17",{"date":357,"score":285,"percentile":358},"2025-12-18",0.88995,{"date":360,"score":285,"percentile":361},"2025-12-19",0.88998,{"date":363,"score":285,"percentile":358},"2025-12-20",{"date":365,"score":285,"percentile":366},"2025-12-21",0.89003,{"date":368,"score":285,"percentile":369},"2025-12-22",0.89002,{"date":371,"score":285,"percentile":366},"2025-12-23",{"date":373,"score":285,"percentile":320},"2025-12-24",{"date":375,"score":285,"percentile":376},"2025-12-25",0.89022,{"date":378,"score":285,"percentile":379},"2025-12-26",0.8902,{"date":381,"score":382,"percentile":383},"2025-12-27",0.02578,0.85196,{"date":385,"score":285,"percentile":386},"2025-12-28",0.89016,{"date":388,"score":285,"percentile":317},"2025-12-29",{"date":390,"score":285,"percentile":391},"2025-12-30",0.89018,{"date":393,"score":285,"percentile":394},"2025-12-31",0.89027,{"date":396,"score":285,"percentile":397},"2026-01-01",0.89092,{"date":399,"score":285,"percentile":400},"2026-01-02",0.89087,{"date":402,"score":285,"percentile":403},"2026-01-03",0.89084,{"date":405,"score":285,"percentile":406},"2026-01-04",0.89023,{"date":408,"score":285,"percentile":409},"2026-01-05",0.89021,{"date":411,"score":412,"percentile":413},"2026-01-06",0.04635,0.88939,{"date":415,"score":412,"percentile":416},"2026-01-07",0.88941,{"date":418,"score":412,"percentile":419},"2026-01-08",0.88948,{"date":421,"score":412,"percentile":422},"2026-01-09",0.88954,{"date":424,"score":412,"percentile":425},"2026-01-10",0.88955,{"date":427,"score":412,"percentile":428},"2026-01-11",0.88949,{"date":430,"score":412,"percentile":431},"2026-01-12",0.88946,{"date":433,"score":412,"percentile":434},"2026-01-13",0.88942,{"date":436,"score":412,"percentile":425},"2026-01-14",{"date":438,"score":412,"percentile":422},"2026-01-15",{"date":440,"score":412,"percentile":441},"2026-01-16",0.88961,{"date":443,"score":412,"percentile":444},"2026-01-17",0.88965,{"date":446,"score":412,"percentile":447},"2026-01-18",0.88962,{"date":449,"score":412,"percentile":335},"2026-01-19",{"date":451,"score":412,"percentile":452},"2026-01-20",0.8896,{"date":454,"score":412,"percentile":444},"2026-01-21",{"date":456,"score":412,"percentile":457},"2026-01-22",0.8897,{"date":459,"score":412,"percentile":460},"2026-01-23",0.88984,{"date":462,"score":412,"percentile":269},"2026-01-24",{"date":464,"score":412,"percentile":465},"2026-01-25",0.88992,{"date":467,"score":412,"percentile":468},"2026-01-26",0.88993,{"date":470,"score":412,"percentile":468},"2026-01-27",{"date":472,"score":412,"percentile":473},"2026-01-28",0.88996,{"date":475,"score":412,"percentile":476},"2026-01-29",0.88999,{"date":478,"score":412,"percentile":479},"2026-01-30",0.89001,{"date":481,"score":412,"percentile":361},"2026-01-31",{"date":483,"score":412,"percentile":484},"2026-02-01",0.89064,[486],{"source":141,"cvss_v2_0":487,"cvss_v3_0":492,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":488,"baseSeverity":9,"vectorString":489,"impactScore":490,"exploitabilityScore":491},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,10,{"baseScore":139,"baseSeverity":493,"vectorString":142,"impactScore":139,"exploitabilityScore":491},"CRITICAL",[495,510,519,532,543,549,558,564,570,575],{"ecosystem":9,"name":496,"vendor":497,"product":498,"cpe_part":499,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":500},"ubuntu linux","canonical","ubuntu_linux","o",[501,504,506,508],{"version":502,"is_range":135,"range_type":503,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04","cpe",{"version":505,"is_range":135,"range_type":503,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"version":507,"is_range":135,"range_type":503,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"version":509,"is_range":135,"range_type":503,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.10",{"ecosystem":9,"name":511,"vendor":512,"product":513,"cpe_part":499,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":514},"debian linux","debian","debian_linux",[515,517],{"version":516,"is_range":135,"range_type":503,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"version":518,"is_range":135,"range_type":503,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":520,"vendor":9,"product":520,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":521},"Firefox",[522,527],{"version":523,"is_range":524,"range_type":503,"version_start":9,"version_start_type":9,"version_end":525,"version_end_type":526,"fixed_in":9},"lt65.0",true,"65.0","excluding",{"version":528,"is_range":524,"range_type":147,"version_start":529,"version_start_type":530,"version_end":531,"version_end_type":526,"fixed_in":9},">= unspecified, \u003C 65","unspecified","including","65",{"ecosystem":9,"name":533,"vendor":534,"product":535,"cpe_part":536,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":537},"firefox esr","mozilla","firefox_esr","a",[538,541],{"version":539,"is_range":524,"range_type":503,"version_start":9,"version_start_type":9,"version_end":540,"version_end_type":526,"fixed_in":9},"lt60.5","60.5",{"version":542,"is_range":524,"range_type":147,"version_start":529,"version_start_type":530,"version_end":540,"version_end_type":526,"fixed_in":9},">= unspecified, \u003C 60.5",{"ecosystem":9,"name":544,"vendor":534,"product":545,"cpe_part":536,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":546},"Thunderbird","thunderbird",[547,548],{"version":539,"is_range":524,"range_type":503,"version_start":9,"version_start_type":9,"version_end":540,"version_end_type":526,"fixed_in":9},{"version":542,"is_range":524,"range_type":147,"version_start":529,"version_start_type":530,"version_end":540,"version_end_type":526,"fixed_in":9},{"ecosystem":9,"name":550,"vendor":551,"product":552,"cpe_part":499,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":553},"enterprise linux desktop","redhat","enterprise_linux_desktop",[554,556],{"version":555,"is_range":135,"range_type":503,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0",{"version":557,"is_range":135,"range_type":503,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0",{"ecosystem":9,"name":559,"vendor":551,"product":560,"cpe_part":499,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":561},"enterprise linux server","enterprise_linux_server",[562,563],{"version":555,"is_range":135,"range_type":503,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":557,"is_range":135,"range_type":503,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":565,"vendor":551,"product":566,"cpe_part":499,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":567},"enterprise linux server aus","enterprise_linux_server_aus",[568],{"version":569,"is_range":135,"range_type":503,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.6",{"ecosystem":9,"name":571,"vendor":551,"product":572,"cpe_part":499,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":573},"enterprise linux server eus","enterprise_linux_server_eus",[574],{"version":569,"is_range":135,"range_type":503,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":576,"vendor":551,"product":577,"cpe_part":499,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":578},"enterprise linux workstation","enterprise_linux_workstation",[579,580],{"version":555,"is_range":135,"range_type":503,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":557,"is_range":135,"range_type":503,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]