[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-18849":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":25,"downstream":26,"duplicates":69,"related":70,"reserved_at":9,"published_at":87,"modified_at":88,"state":89,"summary":90,"references_raw":99,"kevs":157,"epss":158,"epss_history":161,"metrics":433,"affected":444},"CVE-2018-18849","In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[],[],[],[27,29,31,33,35,37,39,41,43,45,47,49,51,53,55,57,59,61,63,65,67],{"_key":28},"SUSE-SU-2018:3912-1",{"_key":30},"SUSE-SU-2018:3973-2",{"_key":32},"SUSE-SU-2018:3927-1",{"_key":34},"SUSE-SU-2018:3973-1",{"_key":36},"SUSE-SU-2018:3975-1",{"_key":38},"SUSE-SU-2018:3987-1",{"_key":40},"SUSE-SU-2018:4070-1",{"_key":42},"SUSE-SU-2018:4129-1",{"_key":44},"SUSE-SU-2018:4185-1",{"_key":46},"SUSE-SU-2018:4237-1",{"_key":48},"SUSE-SU-2019:0003-1",{"_key":50},"SUSE-SU-2019:0020-1",{"_key":52},"SUSE-SU-2019:0825-1",{"_key":54},"SUSE-SU-2019:0827-1",{"_key":56},"SUSE-SU-2019:13921-1",{"_key":58},"SUSE-SU-2019:14011-1",{"_key":60},"UBUNTU-CVE-2018-18849",{"_key":62},"DLA-1781-1",{"_key":64},"DSA-4454-1",{"_key":66},"DEBIAN-CVE-2018-18849",{"_key":68},"USN-3826-1",[],[71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86],{"_key":28},{"_key":30},{"_key":32},{"_key":34},{"_key":36},{"_key":38},{"_key":40},{"_key":42},{"_key":44},{"_key":46},{"_key":48},{"_key":50},{"_key":52},{"_key":54},{"_key":56},{"_key":58},"2019-03-17T19:56:41.000Z","2024-08-05T11:23:08.494Z","Modified",{"cisa_kev":91,"cisa_ransomware":91,"cisa_vendor":9,"epss_severity":92,"epss_score":93,"severity":94,"severity_score":95,"severity_version":96,"severity_source":97,"severity_vector":98,"severity_status":89},false,"low",0.00051,"medium",5.5,"v3.0","nvd","CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[100,108,113,118,122,126,133,137,142,147,152],{"url":101,"sources":102,"tags":104},"https://usn.ubuntu.com/3826-1/",[103,97],"cve.org",[105,106,107],"Vendor Advisory","X Refsource UBUNTU","Third Party Advisory",{"url":109,"sources":110,"tags":111},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQIBTGNRDQEXGAAYHE4JIWFAYFNHZ6QP/",[103,97],[105,112],"X Refsource FEDORA",{"url":114,"sources":115,"tags":116},"http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00028.html",[103,97],[105,117,107],"X Refsource SUSE",{"url":119,"sources":120,"tags":121},"http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00043.html",[103,97],[105,117,107],{"url":123,"sources":124,"tags":125},"http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00004.html",[103,97],[105,117,107],{"url":127,"sources":128,"tags":129},"http://www.openwall.com/lists/oss-security/2018/11/01/1",[103,97],[130,131,132,107],"X Refsource MISC","Mailing List","Patch",{"url":134,"sources":135,"tags":136},"https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg06401.html",[103,97],[130,132,107],{"url":138,"sources":139,"tags":140},"https://security.netapp.com/advisory/ntap-20190411-0006/",[103,97],[141,107],"X Refsource CONFIRM",{"url":143,"sources":144,"tags":145},"https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html",[103,97],[131,146],"X Refsource MLIST",{"url":148,"sources":149,"tags":150},"https://www.debian.org/security/2019/dsa-4454",[103,97],[105,151],"X Refsource DEBIAN",{"url":153,"sources":154,"tags":155},"https://seclists.org/bugtraq/2019/May/76",[103,97],[131,156],"X Refsource BUGTRAQ",[],{"date":159,"score":93,"percentile":160},"2026-06-04",0.16282,[162,166,169,172,174,177,180,183,186,189,191,194,197,200,203,207,210,213,216,218,221,224,227,230,233,236,239,242,245,249,252,255,258,261,264,267,270,273,276,279,282,285,288,291,294,297,300,303,306,309,312,315,318,320,324,327,330,333,337,340,343,346,349,352,356,359,362,365,368,371,374,377,380,383,386,389,392,395,398,401,404,406,409,412,415,418,421,424,427,430],{"date":163,"score":164,"percentile":165},"2025-11-04",0.00095,0.27117,{"date":167,"score":164,"percentile":168},"2025-11-05",0.27104,{"date":170,"score":164,"percentile":171},"2025-11-06",0.27116,{"date":173,"score":164,"percentile":171},"2025-11-07",{"date":175,"score":164,"percentile":176},"2025-11-08",0.2711,{"date":178,"score":164,"percentile":179},"2025-11-09",0.27067,{"date":181,"score":164,"percentile":182},"2025-11-10",0.27033,{"date":184,"score":164,"percentile":185},"2025-11-11",0.27057,{"date":187,"score":164,"percentile":188},"2025-11-12",0.27103,{"date":190,"score":164,"percentile":176},"2025-11-13",{"date":192,"score":164,"percentile":193},"2025-11-14",0.27096,{"date":195,"score":164,"percentile":196},"2025-11-15",0.27084,{"date":198,"score":164,"percentile":199},"2025-11-16",0.2704,{"date":201,"score":164,"percentile":202},"2025-11-17",0.27007,{"date":204,"score":205,"percentile":206},"2025-11-18",0.00057,0.13361,{"date":208,"score":205,"percentile":209},"2025-11-19",0.13378,{"date":211,"score":205,"percentile":212},"2025-11-20",0.13395,{"date":214,"score":164,"percentile":215},"2025-11-21",0.27012,{"date":217,"score":164,"percentile":215},"2025-11-22",{"date":219,"score":164,"percentile":220},"2025-11-23",0.2697,{"date":222,"score":164,"percentile":223},"2025-11-24",0.26939,{"date":225,"score":164,"percentile":226},"2025-11-25",0.2693,{"date":228,"score":164,"percentile":229},"2025-11-26",0.2692,{"date":231,"score":164,"percentile":232},"2025-11-27",0.26929,{"date":234,"score":164,"percentile":235},"2025-11-28",0.26898,{"date":237,"score":164,"percentile":238},"2025-11-29",0.26882,{"date":240,"score":164,"percentile":241},"2025-11-30",0.26857,{"date":243,"score":164,"percentile":244},"2025-12-01",0.26912,{"date":246,"score":247,"percentile":248},"2025-12-02",0.00114,0.30774,{"date":250,"score":247,"percentile":251},"2025-12-03",0.30777,{"date":253,"score":247,"percentile":254},"2025-12-04",0.3068,{"date":256,"score":247,"percentile":257},"2025-12-05",0.3072,{"date":259,"score":247,"percentile":260},"2025-12-06",0.30721,{"date":262,"score":247,"percentile":263},"2025-12-07",0.30701,{"date":265,"score":247,"percentile":266},"2025-12-08",0.30711,{"date":268,"score":247,"percentile":269},"2025-12-09",0.30765,{"date":271,"score":247,"percentile":272},"2025-12-10",0.30827,{"date":274,"score":247,"percentile":275},"2025-12-11",0.30855,{"date":277,"score":247,"percentile":278},"2025-12-12",0.30883,{"date":280,"score":247,"percentile":281},"2025-12-13",0.30874,{"date":283,"score":247,"percentile":284},"2025-12-14",0.30848,{"date":286,"score":247,"percentile":287},"2025-12-15",0.30815,{"date":289,"score":247,"percentile":290},"2025-12-16",0.30837,{"date":292,"score":247,"percentile":293},"2025-12-17",0.30882,{"date":295,"score":247,"percentile":296},"2025-12-18",0.30929,{"date":298,"score":247,"percentile":299},"2025-12-19",0.30945,{"date":301,"score":247,"percentile":302},"2025-12-20",0.30924,{"date":304,"score":247,"percentile":305},"2025-12-21",0.30876,{"date":307,"score":247,"percentile":308},"2025-12-22",0.30838,{"date":310,"score":247,"percentile":311},"2025-12-23",0.30812,{"date":313,"score":247,"percentile":314},"2025-12-24",0.30811,{"date":316,"score":247,"percentile":317},"2025-12-25",0.30877,{"date":319,"score":247,"percentile":281},"2025-12-26",{"date":321,"score":322,"percentile":323},"2025-12-27",0.00125,0.32548,{"date":325,"score":247,"percentile":326},"2025-12-28",0.30801,{"date":328,"score":247,"percentile":329},"2025-12-29",0.30771,{"date":331,"score":247,"percentile":332},"2025-12-30",0.30768,{"date":334,"score":335,"percentile":336},"2025-12-31",0.00112,0.30467,{"date":338,"score":335,"percentile":339},"2026-01-01",0.30594,{"date":341,"score":335,"percentile":342},"2026-01-02",0.30586,{"date":344,"score":335,"percentile":345},"2026-01-03",0.30566,{"date":347,"score":335,"percentile":348},"2026-01-04",0.30436,{"date":350,"score":335,"percentile":351},"2026-01-05",0.30428,{"date":353,"score":354,"percentile":355},"2026-01-06",0.00047,0.14532,{"date":357,"score":354,"percentile":358},"2026-01-07",0.14568,{"date":360,"score":354,"percentile":361},"2026-01-08",0.14631,{"date":363,"score":354,"percentile":364},"2026-01-09",0.1464,{"date":366,"score":354,"percentile":367},"2026-01-10",0.1466,{"date":369,"score":354,"percentile":370},"2026-01-11",0.14572,{"date":372,"score":354,"percentile":373},"2026-01-12",0.14539,{"date":375,"score":354,"percentile":376},"2026-01-13",0.14523,{"date":378,"score":354,"percentile":379},"2026-01-14",0.14583,{"date":381,"score":354,"percentile":382},"2026-01-15",0.14578,{"date":384,"score":354,"percentile":385},"2026-01-16",0.14605,{"date":387,"score":354,"percentile":388},"2026-01-17",0.14622,{"date":390,"score":354,"percentile":391},"2026-01-18",0.14565,{"date":393,"score":354,"percentile":394},"2026-01-19",0.14496,{"date":396,"score":354,"percentile":397},"2026-01-20",0.14477,{"date":399,"score":354,"percentile":400},"2026-01-21",0.14466,{"date":402,"score":354,"percentile":403},"2026-01-22",0.1439,{"date":405,"score":354,"percentile":400},"2026-01-23",{"date":407,"score":354,"percentile":408},"2026-01-24",0.14504,{"date":410,"score":354,"percentile":411},"2026-01-25",0.14438,{"date":413,"score":354,"percentile":414},"2026-01-26",0.14355,{"date":416,"score":354,"percentile":417},"2026-01-27",0.14351,{"date":419,"score":354,"percentile":420},"2026-01-28",0.1436,{"date":422,"score":354,"percentile":423},"2026-01-29",0.14328,{"date":425,"score":354,"percentile":426},"2026-01-30",0.14333,{"date":428,"score":354,"percentile":429},"2026-01-31",0.14348,{"date":431,"score":354,"percentile":432},"2026-02-01",0.14362,[434],{"source":97,"cvss_v2_0":435,"cvss_v3_0":440,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":436,"baseSeverity":9,"vectorString":437,"impactScore":438,"exploitabilityScore":439},2.1,"AV:L/AC:L/Au:N/C:N/I:N/A:P",2.9,3.9,{"baseScore":95,"baseSeverity":441,"vectorString":98,"impactScore":442,"exploitabilityScore":443},"MEDIUM",6,4.6,[445,460,466,474],{"ecosystem":9,"name":446,"vendor":447,"product":448,"cpe_part":449,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":450},"ubuntu linux","canonical","ubuntu_linux","o",[451,454,456,458],{"version":452,"is_range":91,"range_type":453,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04","cpe",{"version":455,"is_range":91,"range_type":453,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"version":457,"is_range":91,"range_type":453,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"version":459,"is_range":91,"range_type":453,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.10",{"ecosystem":9,"name":461,"vendor":462,"product":461,"cpe_part":449,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":463},"fedora","fedoraproject",[464],{"version":465,"is_range":91,"range_type":453,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"29",{"ecosystem":9,"name":467,"vendor":468,"product":467,"cpe_part":449,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":469},"leap","opensuse",[470,472],{"version":471,"is_range":91,"range_type":453,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.0",{"version":473,"is_range":91,"range_type":453,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"42.3",{"ecosystem":9,"name":475,"vendor":475,"product":475,"cpe_part":476,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":477},"qemu","a",[478],{"version":479,"is_range":91,"range_type":453,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.0.0"]