[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-3812":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":79,"aliases":80,"duplicate_of":9,"upstream":81,"downstream":82,"duplicates":97,"related":98,"reserved_at":9,"published_at":102,"modified_at":103,"state":104,"summary":105,"references_raw":114,"kevs":165,"epss":166,"epss_history":169,"metrics":437,"affected":452},"CVE-2019-3812","QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host.",null,[11,23],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],{"_key":24,"id":24,"name":25,"description":26,"type":15,"status":27,"abstraction":28,"likelihood_of_exploit":29,"capec":30},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","Stable","Class","High",[31,35,39,43,47,51,55,59,63,67,71,75],{"id":32,"name":33,"techniques":34},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":36,"name":37,"techniques":38},"CAPEC-100","Overflow Buffers",[],{"id":40,"name":41,"techniques":42},"CAPEC-123","Buffer Manipulation",[],{"id":44,"name":45,"techniques":46},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":48,"name":49,"techniques":50},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":52,"name":53,"techniques":54},"CAPEC-42","MIME Conversion",[],{"id":56,"name":57,"techniques":58},"CAPEC-44","Overflow Binary Resource File",[],{"id":60,"name":61,"techniques":62},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":64,"name":65,"techniques":66},"CAPEC-46","Overflow Variables and Tags",[],{"id":68,"name":69,"techniques":70},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":72,"name":73,"techniques":74},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":76,"name":77,"techniques":78},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[83,85,87,89,91,93,95],{"_key":84},"SUSE-SU-2019:1238-1",{"_key":86},"SUSE-SU-2019:1239-1",{"_key":88},"UBUNTU-CVE-2019-3812",{"_key":90},"USN-3923-1",{"_key":92},"OPENSUSE-SU-2019:1405-1",{"_key":94},"DSA-4454-1",{"_key":96},"DEBIAN-CVE-2019-3812",[],[99,100,101],{"_key":84},{"_key":86},{"_key":92},"2019-02-19T14:00:00.000Z","2024-08-04T19:19:18.499Z","Modified",{"cisa_kev":106,"cisa_ransomware":106,"cisa_vendor":9,"epss_severity":107,"epss_score":108,"severity":109,"severity_score":110,"severity_version":111,"severity_source":112,"severity_vector":113,"severity_status":104},false,"low",0.00073,"medium",5.5,"v3.0","nvd","CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",[115,124,130,136,141,145,151,155,160],{"url":116,"sources":117,"tags":119},"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3812",[118,112],"cve.org",[120,121,122,123],"X Refsource CONFIRM","Issue Tracking","Patch","Third Party Advisory",{"url":125,"sources":126,"tags":127},"http://www.securityfocus.com/bid/107059",[118,112],[128,129,123],"VDB Entry","X Refsource BID",{"url":131,"sources":132,"tags":133},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/",[118,112],[134,135],"Vendor Advisory","X Refsource FEDORA",{"url":137,"sources":138,"tags":139},"https://usn.ubuntu.com/3923-1/",[118,112],[134,140,123],"X Refsource UBUNTU",{"url":142,"sources":143,"tags":144},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJMTVGDLA654HNCDGLCUEIP36SNJEKK7/",[118,112],[134,135],{"url":146,"sources":147,"tags":148},"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00094.html",[118,112],[134,149,150,123],"X Refsource SUSE","Mailing List",{"url":152,"sources":153,"tags":154},"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00040.html",[118,112],[134,149],{"url":156,"sources":157,"tags":158},"https://www.debian.org/security/2019/dsa-4454",[118,112],[134,159],"X Refsource DEBIAN",{"url":161,"sources":162,"tags":163},"https://seclists.org/bugtraq/2019/May/76",[118,112],[150,164],"X Refsource BUGTRAQ",[],{"date":167,"score":108,"percentile":168},"2026-06-04",0.22328,[170,174,177,180,182,185,188,191,194,197,200,203,206,209,212,216,219,222,225,228,231,234,237,240,243,246,249,252,255,258,261,263,267,270,273,276,279,282,285,288,291,294,297,300,303,306,309,312,315,318,321,324,327,330,333,335,338,341,344,347,350,353,355,358,361,364,367,370,373,376,379,382,384,387,390,393,396,399,402,405,408,411,414,417,420,423,426,429,432,435],{"date":171,"score":172,"percentile":173},"2025-11-04",0.00078,0.238,{"date":175,"score":172,"percentile":176},"2025-11-05",0.23785,{"date":178,"score":172,"percentile":179},"2025-11-06",0.23791,{"date":181,"score":172,"percentile":173},"2025-11-07",{"date":183,"score":172,"percentile":184},"2025-11-08",0.2379,{"date":186,"score":172,"percentile":187},"2025-11-09",0.23737,{"date":189,"score":172,"percentile":190},"2025-11-10",0.23693,{"date":192,"score":172,"percentile":193},"2025-11-11",0.23708,{"date":195,"score":172,"percentile":196},"2025-11-12",0.23744,{"date":198,"score":172,"percentile":199},"2025-11-13",0.2374,{"date":201,"score":172,"percentile":202},"2025-11-14",0.23727,{"date":204,"score":172,"percentile":205},"2025-11-15",0.23712,{"date":207,"score":172,"percentile":208},"2025-11-16",0.23664,{"date":210,"score":172,"percentile":211},"2025-11-17",0.23623,{"date":213,"score":214,"percentile":215},"2025-11-18",0.00087,0.21067,{"date":217,"score":214,"percentile":218},"2025-11-19",0.21076,{"date":220,"score":214,"percentile":221},"2025-11-20",0.21048,{"date":223,"score":172,"percentile":224},"2025-11-21",0.23564,{"date":226,"score":172,"percentile":227},"2025-11-22",0.2356,{"date":229,"score":172,"percentile":230},"2025-11-23",0.23518,{"date":232,"score":172,"percentile":233},"2025-11-24",0.23483,{"date":235,"score":172,"percentile":236},"2025-11-25",0.23473,{"date":238,"score":172,"percentile":239},"2025-11-26",0.23458,{"date":241,"score":172,"percentile":242},"2025-11-27",0.23459,{"date":244,"score":172,"percentile":245},"2025-11-28",0.23438,{"date":247,"score":172,"percentile":248},"2025-11-29",0.2342,{"date":250,"score":172,"percentile":251},"2025-11-30",0.23413,{"date":253,"score":172,"percentile":254},"2025-12-01",0.23449,{"date":256,"score":172,"percentile":257},"2025-12-02",0.23466,{"date":259,"score":172,"percentile":260},"2025-12-03",0.23482,{"date":262,"score":172,"percentile":251},"2025-12-04",{"date":264,"score":265,"percentile":266},"2025-12-05",0.00076,0.23072,{"date":268,"score":265,"percentile":269},"2025-12-06",0.23071,{"date":271,"score":265,"percentile":272},"2025-12-07",0.23028,{"date":274,"score":265,"percentile":275},"2025-12-08",0.23036,{"date":277,"score":265,"percentile":278},"2025-12-09",0.23087,{"date":280,"score":265,"percentile":281},"2025-12-10",0.23159,{"date":283,"score":265,"percentile":284},"2025-12-11",0.23193,{"date":286,"score":265,"percentile":287},"2025-12-12",0.23201,{"date":289,"score":265,"percentile":290},"2025-12-13",0.23205,{"date":292,"score":265,"percentile":293},"2025-12-14",0.2317,{"date":295,"score":265,"percentile":296},"2025-12-15",0.23147,{"date":298,"score":265,"percentile":299},"2025-12-16",0.23169,{"date":301,"score":265,"percentile":302},"2025-12-17",0.23248,{"date":304,"score":265,"percentile":305},"2025-12-18",0.23282,{"date":307,"score":265,"percentile":308},"2025-12-19",0.23305,{"date":310,"score":265,"percentile":311},"2025-12-20",0.23277,{"date":313,"score":265,"percentile":314},"2025-12-21",0.23229,{"date":316,"score":265,"percentile":317},"2025-12-22",0.23198,{"date":319,"score":265,"percentile":320},"2025-12-23",0.23178,{"date":322,"score":265,"percentile":323},"2025-12-24",0.23194,{"date":325,"score":265,"percentile":326},"2025-12-25",0.23274,{"date":328,"score":265,"percentile":329},"2025-12-26",0.23255,{"date":331,"score":265,"percentile":332},"2025-12-27",0.23259,{"date":334,"score":265,"percentile":320},"2025-12-28",{"date":336,"score":265,"percentile":337},"2025-12-29",0.2315,{"date":339,"score":265,"percentile":340},"2025-12-30",0.23131,{"date":342,"score":265,"percentile":343},"2025-12-31",0.23189,{"date":345,"score":265,"percentile":346},"2026-01-01",0.23295,{"date":348,"score":265,"percentile":349},"2026-01-02",0.23285,{"date":351,"score":265,"percentile":352},"2026-01-03",0.23269,{"date":354,"score":265,"percentile":320},"2026-01-04",{"date":356,"score":265,"percentile":357},"2026-01-05",0.23162,{"date":359,"score":265,"percentile":360},"2026-01-06",0.23172,{"date":362,"score":265,"percentile":363},"2026-01-07",0.23209,{"date":365,"score":265,"percentile":366},"2026-01-08",0.23256,{"date":368,"score":265,"percentile":369},"2026-01-09",0.23244,{"date":371,"score":265,"percentile":372},"2026-01-10",0.23228,{"date":374,"score":265,"percentile":375},"2026-01-11",0.23199,{"date":377,"score":265,"percentile":378},"2026-01-12",0.23166,{"date":380,"score":265,"percentile":381},"2026-01-13",0.23143,{"date":383,"score":265,"percentile":287},"2026-01-14",{"date":385,"score":265,"percentile":386},"2026-01-15",0.23195,{"date":388,"score":265,"percentile":389},"2026-01-16",0.23227,{"date":391,"score":265,"percentile":392},"2026-01-17",0.23224,{"date":394,"score":265,"percentile":395},"2026-01-18",0.23168,{"date":397,"score":265,"percentile":398},"2026-01-19",0.23125,{"date":400,"score":108,"percentile":401},"2026-01-20",0.22515,{"date":403,"score":108,"percentile":404},"2026-01-21",0.22473,{"date":406,"score":108,"percentile":407},"2026-01-22",0.22453,{"date":409,"score":108,"percentile":410},"2026-01-23",0.22538,{"date":412,"score":108,"percentile":413},"2026-01-24",0.22559,{"date":415,"score":108,"percentile":416},"2026-01-25",0.22481,{"date":418,"score":108,"percentile":419},"2026-01-26",0.22374,{"date":421,"score":108,"percentile":422},"2026-01-27",0.22362,{"date":424,"score":108,"percentile":425},"2026-01-28",0.22365,{"date":427,"score":108,"percentile":428},"2026-01-29",0.22317,{"date":430,"score":108,"percentile":431},"2026-01-30",0.22314,{"date":433,"score":108,"percentile":434},"2026-01-31",0.22315,{"date":436,"score":108,"percentile":422},"2026-02-01",[438,445],{"source":118,"cvss_v2_0":9,"cvss_v3_0":439,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":440,"baseSeverity":441,"vectorString":442,"impactScore":443,"exploitabilityScore":444},4.4,"MEDIUM","CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",6,2.1,{"source":112,"cvss_v2_0":446,"cvss_v3_0":450,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":444,"baseSeverity":9,"vectorString":447,"impactScore":448,"exploitabilityScore":449},"AV:L/AC:L/Au:N/C:P/I:N/A:N",2.9,3.9,{"baseScore":110,"baseSeverity":441,"vectorString":113,"impactScore":443,"exploitabilityScore":451},4.6,[453,464,472,478,488],{"ecosystem":9,"name":454,"vendor":455,"product":456,"cpe_part":457,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":458},"ubuntu linux","canonical","ubuntu_linux","o",[459,462],{"version":460,"is_range":106,"range_type":461,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04","cpe",{"version":463,"is_range":106,"range_type":461,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.10",{"ecosystem":9,"name":465,"vendor":466,"product":465,"cpe_part":457,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":467},"fedora","fedoraproject",[468,470],{"version":469,"is_range":106,"range_type":461,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"29",{"version":471,"is_range":106,"range_type":461,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"30",{"ecosystem":9,"name":473,"vendor":474,"product":473,"cpe_part":457,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":475},"leap","opensuse",[476],{"version":477,"is_range":106,"range_type":461,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"42.3",{"ecosystem":9,"name":479,"vendor":479,"product":479,"cpe_part":480,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":481},"qemu","a",[482],{"version":483,"is_range":484,"range_type":461,"version_start":485,"version_start_type":486,"version_end":487,"version_end_type":486,"fixed_in":9},"gte2.10.0_lte3.1.0",true,"2.10.0","including","3.1.0",{"ecosystem":9,"name":479,"vendor":489,"product":479,"cpe_part":480,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":490},"the qemu project",[491],{"version":492,"is_range":484,"range_type":118,"version_start":9,"version_start_type":9,"version_end":493,"version_end_type":486,"fixed_in":9},"through version 2.10 and through to 3.1.0","version 2.10 and through to 3.1.0"]