[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-15034":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":72,"aliases":73,"duplicate_of":9,"upstream":74,"downstream":75,"duplicates":90,"related":91,"reserved_at":9,"published_at":95,"modified_at":96,"state":97,"summary":98,"references_raw":107,"kevs":133,"epss":134,"epss_history":137,"metrics":393,"affected":404},"CVE-2019-15034","hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-120","Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')","The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.","weakness","Incomplete","Base","High",[20,24,28,32,36,40,44,48,52,56,60,64,68],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":33,"name":34,"techniques":35},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-42","MIME Conversion",[],{"id":41,"name":42,"techniques":43},"CAPEC-44","Overflow Binary Resource File",[],{"id":45,"name":46,"techniques":47},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":49,"name":50,"techniques":51},"CAPEC-46","Overflow Variables and Tags",[],{"id":53,"name":54,"techniques":55},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":57,"name":58,"techniques":59},"CAPEC-67","String Format Overflow in syslog()",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],{"id":69,"name":70,"techniques":71},"CAPEC-92","Forced Integer Overflow",[],[],[],[],[76,78,80,82,84,86,88],{"_key":77},"SUSE-SU-2020:0844-1",{"_key":79},"SUSE-SU-2020:0845-1",{"_key":81},"UBUNTU-CVE-2019-15034",{"_key":83},"OPENSUSE-SU-2020:0468-1",{"_key":85},"DSA-4665-1",{"_key":87},"USN-4372-1",{"_key":89},"DEBIAN-CVE-2019-15034",[],[92,93,94],{"_key":77},{"_key":79},{"_key":83},"2020-03-10T17:19:02.000Z","2024-08-05T00:34:53.171Z","Modified",{"cisa_kev":99,"cisa_ransomware":99,"cisa_vendor":9,"epss_severity":100,"epss_score":101,"severity":102,"severity_score":103,"severity_version":104,"severity_source":105,"severity_vector":106,"severity_status":97},false,"low",0.00191,"medium",5.8,"v3.1","nvd","CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",[108,117,123,128],{"url":109,"sources":110,"tags":112},"https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01959.html",[111,105],"cve.org",[113,114,115,116],"X Refsource MISC","Mailing List","Patch","Third Party Advisory",{"url":118,"sources":119,"tags":120},"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html",[111,105],[121,122],"Vendor Advisory","X Refsource SUSE",{"url":124,"sources":125,"tags":126},"https://www.debian.org/security/2020/dsa-4665",[111,105],[121,127],"X Refsource DEBIAN",{"url":129,"sources":130,"tags":131},"https://usn.ubuntu.com/4372-1/",[111,105],[121,132],"X Refsource UBUNTU",[],{"date":135,"score":101,"percentile":136},"2026-06-04",0.40819,[138,141,144,147,150,153,156,159,162,165,168,170,173,175,178,182,185,188,191,193,196,199,202,205,207,210,213,216,218,221,224,227,230,233,236,239,242,244,247,250,253,256,259,261,264,267,270,273,276,278,281,284,287,290,292,294,297,300,303,306,309,312,315,318,321,324,327,330,333,335,338,341,344,347,349,352,355,358,361,363,366,369,371,374,377,379,382,385,388,391],{"date":139,"score":101,"percentile":140},"2025-11-04",0.41246,{"date":142,"score":101,"percentile":143},"2025-11-05",0.41235,{"date":145,"score":101,"percentile":146},"2025-11-06",0.41242,{"date":148,"score":101,"percentile":149},"2025-11-07",0.41269,{"date":151,"score":101,"percentile":152},"2025-11-08",0.41262,{"date":154,"score":101,"percentile":155},"2025-11-09",0.41241,{"date":157,"score":101,"percentile":158},"2025-11-10",0.41208,{"date":160,"score":101,"percentile":161},"2025-11-11",0.41224,{"date":163,"score":101,"percentile":164},"2025-11-12",0.41252,{"date":166,"score":101,"percentile":167},"2025-11-13",0.41266,{"date":169,"score":101,"percentile":167},"2025-11-14",{"date":171,"score":101,"percentile":172},"2025-11-15",0.41264,{"date":174,"score":101,"percentile":164},"2025-11-16",{"date":176,"score":101,"percentile":177},"2025-11-17",0.41222,{"date":179,"score":180,"percentile":181},"2025-11-18",0.00093,0.22428,{"date":183,"score":180,"percentile":184},"2025-11-19",0.2244,{"date":186,"score":180,"percentile":187},"2025-11-20",0.22447,{"date":189,"score":101,"percentile":190},"2025-11-21",0.41219,{"date":192,"score":101,"percentile":177},"2025-11-22",{"date":194,"score":101,"percentile":195},"2025-11-23",0.41197,{"date":197,"score":101,"percentile":198},"2025-11-24",0.41186,{"date":200,"score":101,"percentile":201},"2025-11-25",0.41199,{"date":203,"score":101,"percentile":204},"2025-11-26",0.41193,{"date":206,"score":101,"percentile":201},"2025-11-27",{"date":208,"score":101,"percentile":209},"2025-11-28",0.41174,{"date":211,"score":101,"percentile":212},"2025-11-29",0.41153,{"date":214,"score":101,"percentile":215},"2025-11-30",0.41127,{"date":217,"score":101,"percentile":140},"2025-12-01",{"date":219,"score":101,"percentile":220},"2025-12-02",0.41253,{"date":222,"score":101,"percentile":223},"2025-12-03",0.41255,{"date":225,"score":101,"percentile":226},"2025-12-04",0.41121,{"date":228,"score":101,"percentile":229},"2025-12-05",0.41147,{"date":231,"score":101,"percentile":232},"2025-12-06",0.41141,{"date":234,"score":101,"percentile":235},"2025-12-07",0.4112,{"date":237,"score":101,"percentile":238},"2025-12-08",0.41125,{"date":240,"score":101,"percentile":241},"2025-12-09",0.41163,{"date":243,"score":101,"percentile":190},"2025-12-10",{"date":245,"score":101,"percentile":246},"2025-12-11",0.41249,{"date":248,"score":101,"percentile":249},"2025-12-12",0.41279,{"date":251,"score":101,"percentile":252},"2025-12-13",0.4126,{"date":254,"score":101,"percentile":255},"2025-12-14",0.4122,{"date":257,"score":101,"percentile":258},"2025-12-15",0.41204,{"date":260,"score":101,"percentile":143},"2025-12-16",{"date":262,"score":101,"percentile":263},"2025-12-17",0.41277,{"date":265,"score":101,"percentile":266},"2025-12-18",0.41323,{"date":268,"score":101,"percentile":269},"2025-12-19",0.41338,{"date":271,"score":101,"percentile":272},"2025-12-20",0.41317,{"date":274,"score":101,"percentile":275},"2025-12-21",0.41276,{"date":277,"score":101,"percentile":220},"2025-12-22",{"date":279,"score":101,"percentile":280},"2025-12-23",0.41254,{"date":282,"score":101,"percentile":283},"2025-12-24",0.41273,{"date":285,"score":101,"percentile":286},"2025-12-25",0.41319,{"date":288,"score":101,"percentile":289},"2025-12-26",0.41298,{"date":291,"score":101,"percentile":286},"2025-12-27",{"date":293,"score":101,"percentile":190},"2025-12-28",{"date":295,"score":101,"percentile":296},"2025-12-29",0.41198,{"date":298,"score":101,"percentile":299},"2025-12-30",0.41189,{"date":301,"score":101,"percentile":302},"2025-12-31",0.41236,{"date":304,"score":101,"percentile":305},"2026-01-01",0.41373,{"date":307,"score":101,"percentile":308},"2026-01-02",0.41349,{"date":310,"score":101,"percentile":311},"2026-01-03",0.41339,{"date":313,"score":101,"percentile":314},"2026-01-04",0.4118,{"date":316,"score":101,"percentile":317},"2026-01-05",0.41157,{"date":319,"score":101,"percentile":320},"2026-01-06",0.41159,{"date":322,"score":101,"percentile":323},"2026-01-07",0.41182,{"date":325,"score":101,"percentile":326},"2026-01-08",0.41209,{"date":328,"score":101,"percentile":329},"2026-01-09",0.4119,{"date":331,"score":101,"percentile":332},"2026-01-10",0.41191,{"date":334,"score":101,"percentile":241},"2026-01-11",{"date":336,"score":101,"percentile":337},"2026-01-12",0.41116,{"date":339,"score":101,"percentile":340},"2026-01-13",0.41094,{"date":342,"score":101,"percentile":343},"2026-01-14",0.41143,{"date":345,"score":101,"percentile":346},"2026-01-15",0.41133,{"date":348,"score":101,"percentile":212},"2026-01-16",{"date":350,"score":101,"percentile":351},"2026-01-17",0.41132,{"date":353,"score":101,"percentile":354},"2026-01-18",0.41097,{"date":356,"score":101,"percentile":357},"2026-01-19",0.41066,{"date":359,"score":101,"percentile":360},"2026-01-20",0.41055,{"date":362,"score":101,"percentile":360},"2026-01-21",{"date":364,"score":101,"percentile":365},"2026-01-22",0.41046,{"date":367,"score":101,"percentile":368},"2026-01-23",0.41107,{"date":370,"score":101,"percentile":235},"2026-01-24",{"date":372,"score":101,"percentile":373},"2026-01-25",0.41071,{"date":375,"score":101,"percentile":376},"2026-01-26",0.41028,{"date":378,"score":101,"percentile":376},"2026-01-27",{"date":380,"score":101,"percentile":381},"2026-01-28",0.41026,{"date":383,"score":101,"percentile":384},"2026-01-29",0.41008,{"date":386,"score":101,"percentile":387},"2026-01-30",0.41016,{"date":389,"score":101,"percentile":390},"2026-01-31",0.41025,{"date":392,"score":101,"percentile":346},"2026-02-01",[394],{"source":105,"cvss_v2_0":395,"cvss_v3_0":9,"cvss_v3_1":400,"cvss_v4_0":9},{"baseScore":396,"baseSeverity":9,"vectorString":397,"impactScore":398,"exploitabilityScore":399},4.4,"AV:L/AC:M/Au:N/C:P/I:P/A:P",6.4,3.4,{"baseScore":103,"baseSeverity":401,"vectorString":106,"impactScore":402,"exploitabilityScore":403},"MEDIUM",7.8,2.6,[405],{"ecosystem":9,"name":406,"vendor":406,"product":406,"cpe_part":407,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":408},"qemu","a",[409],{"version":410,"is_range":99,"range_type":411,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.0","cpe"]