[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-4206":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":91,"aliases":101,"duplicate_of":9,"upstream":102,"downstream":103,"duplicates":132,"related":133,"reserved_at":9,"published_at":141,"modified_at":142,"state":143,"summary":144,"references_raw":152,"kevs":186,"epss":187,"epss_history":190,"metrics":459,"affected":470},"CVE-2021-4206","A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.",null,[11,24,81],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-190","Integer Overflow or Wraparound","The product performs a calculation that can\n         produce an integer overflow or wraparound when the logic\n         assumes that the resulting value will always be larger than\n         the original value. This occurs when an integer value is\n         incremented to a value that is too large to store in the\n         associated representation. When this occurs, the value may\n         become a very small or negative number.","weakness","Stable","Base","Medium",[20],{"id":21,"name":22,"techniques":23},"CAPEC-92","Forced Integer Overflow",[],{"_key":25,"id":25,"name":26,"description":27,"type":15,"status":28,"abstraction":17,"likelihood_of_exploit":29,"capec":30},"CWE-120","Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')","The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.","Incomplete","High",[31,35,39,43,47,51,55,59,63,67,71,75,79],{"id":32,"name":33,"techniques":34},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":36,"name":37,"techniques":38},"CAPEC-100","Overflow Buffers",[],{"id":40,"name":41,"techniques":42},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":44,"name":45,"techniques":46},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":48,"name":49,"techniques":50},"CAPEC-42","MIME Conversion",[],{"id":52,"name":53,"techniques":54},"CAPEC-44","Overflow Binary Resource File",[],{"id":56,"name":57,"techniques":58},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":60,"name":61,"techniques":62},"CAPEC-46","Overflow Variables and Tags",[],{"id":64,"name":65,"techniques":66},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":68,"name":69,"techniques":70},"CAPEC-67","String Format Overflow in syslog()",[],{"id":72,"name":73,"techniques":74},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":76,"name":77,"techniques":78},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],{"id":21,"name":22,"techniques":80},[],{"_key":82,"id":82,"name":83,"description":84,"type":15,"status":85,"abstraction":17,"likelihood_of_exploit":29,"capec":86},"CWE-131","Incorrect Calculation of Buffer Size","The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.","Draft",[87,89],{"id":36,"name":37,"techniques":88},[],{"id":64,"name":65,"techniques":90},[],[92],{"_key":93,"name":94,"source":95,"url":96,"maturity":97,"reliability_score":98,"verified":99,"type":9,"platforms":100,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_62CE3DF6B543437D","Exploit Reference (starlabs.sg)","reference","https://starlabs.sg/advisories/21-4206/","unknown",0.2,false,[],[],[],[104,106,108,110,112,114,116,118,120,122,124,126,128,130],{"_key":105},"RHSA-2022:5002",{"_key":107},"RHSA-2022:5821",{"_key":109},"SUSE-SU-2022:3768-1",{"_key":111},"SUSE-SU-2023:0761-1",{"_key":113},"SUSE-SU-2023:2358-1",{"_key":115},"UBUNTU-CVE-2021-4206",{"_key":117},"SUSE-SU-2022:2254-1",{"_key":119},"SUSE-SU-2022:2260-1",{"_key":121},"SUSE-SU-2022:3594-1",{"_key":123},"OPENSUSE-SU-2024:12209-1",{"_key":125},"DLA-3099-1",{"_key":127},"DSA-5133-1",{"_key":129},"USN-5489-1",{"_key":131},"DEBIAN-CVE-2021-4206",[],[134,135,136,137,138,139,140],{"_key":109},{"_key":111},{"_key":113},{"_key":117},{"_key":119},{"_key":121},{"_key":123},"2022-04-29T16:19:09.000Z","2025-03-21T18:03:39.948Z","Modified",{"cisa_kev":99,"cisa_ransomware":99,"cisa_vendor":9,"epss_severity":145,"epss_score":146,"severity":147,"severity_score":148,"severity_version":149,"severity_source":150,"severity_vector":151,"severity_status":143},"low",0.00161,"high",8.2,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",[153,161,165,171,176,182],{"url":154,"sources":155,"tags":157},"https://bugzilla.redhat.com/show_bug.cgi?id=2036998",[156,150],"cve.org",[158,159,160],"X Refsource MISC","Issue Tracking","Third Party Advisory",{"url":96,"sources":162,"tags":163},[156,150],[158,164,160],"Exploit",{"url":166,"sources":167,"tags":168},"https://www.debian.org/security/2022/dsa-5133",[156,150],[169,170,160],"Vendor Advisory","X Refsource DEBIAN",{"url":172,"sources":173,"tags":174},"https://security.gentoo.org/glsa/202208-27",[156,150],[169,175,160],"X Refsource GENTOO",{"url":177,"sources":178,"tags":179},"https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html",[156,150],[180,181,160],"Mailing List","X Refsource MLIST",{"url":183,"sources":184,"tags":185},"https://security.netapp.com/advisory/ntap-20250321-0010/",[156,150],[],[],{"date":188,"score":146,"percentile":189},"2026-06-04",0.36757,[191,195,198,200,203,205,208,211,214,217,221,224,227,230,233,237,240,243,247,250,253,256,259,262,265,268,271,274,278,282,285,288,291,294,297,300,303,306,309,312,315,318,320,323,326,329,332,335,338,341,344,347,349,352,355,357,360,363,366,369,372,375,378,381,384,387,390,393,395,397,400,403,406,408,411,414,417,420,423,426,429,432,435,438,441,444,447,450,453,456],{"date":192,"score":193,"percentile":194},"2025-11-04",0.00165,0.38038,{"date":196,"score":193,"percentile":197},"2025-11-05",0.38032,{"date":199,"score":193,"percentile":197},"2025-11-06",{"date":201,"score":193,"percentile":202},"2025-11-07",0.38054,{"date":204,"score":193,"percentile":202},"2025-11-08",{"date":206,"score":193,"percentile":207},"2025-11-09",0.38036,{"date":209,"score":193,"percentile":210},"2025-11-10",0.37999,{"date":212,"score":193,"percentile":213},"2025-11-11",0.38021,{"date":215,"score":193,"percentile":216},"2025-11-12",0.38064,{"date":218,"score":219,"percentile":220},"2025-11-13",0.00121,0.31954,{"date":222,"score":219,"percentile":223},"2025-11-14",0.31957,{"date":225,"score":219,"percentile":226},"2025-11-15",0.31959,{"date":228,"score":219,"percentile":229},"2025-11-16",0.31924,{"date":231,"score":219,"percentile":232},"2025-11-17",0.31902,{"date":234,"score":235,"percentile":236},"2025-11-18",0.01114,0.76315,{"date":238,"score":235,"percentile":239},"2025-11-19",0.76321,{"date":241,"score":235,"percentile":242},"2025-11-20",0.76332,{"date":244,"score":245,"percentile":246},"2025-11-21",0.00125,0.32447,{"date":248,"score":245,"percentile":249},"2025-11-22",0.3245,{"date":251,"score":245,"percentile":252},"2025-11-23",0.32422,{"date":254,"score":245,"percentile":255},"2025-11-24",0.32396,{"date":257,"score":245,"percentile":258},"2025-11-25",0.32393,{"date":260,"score":245,"percentile":261},"2025-11-26",0.32395,{"date":263,"score":245,"percentile":264},"2025-11-27",0.32406,{"date":266,"score":245,"percentile":267},"2025-11-28",0.32387,{"date":269,"score":245,"percentile":270},"2025-11-29",0.3237,{"date":272,"score":245,"percentile":273},"2025-11-30",0.32345,{"date":275,"score":276,"percentile":277},"2025-12-01",0.00082,0.243,{"date":279,"score":280,"percentile":281},"2025-12-02",0.00079,0.23868,{"date":283,"score":280,"percentile":284},"2025-12-03",0.23881,{"date":286,"score":219,"percentile":287},"2025-12-04",0.31842,{"date":289,"score":219,"percentile":290},"2025-12-05",0.31878,{"date":292,"score":219,"percentile":293},"2025-12-06",0.3188,{"date":295,"score":219,"percentile":296},"2025-12-07",0.31853,{"date":298,"score":219,"percentile":299},"2025-12-08",0.31866,{"date":301,"score":219,"percentile":302},"2025-12-09",0.31919,{"date":304,"score":219,"percentile":305},"2025-12-10",0.31979,{"date":307,"score":219,"percentile":308},"2025-12-11",0.32015,{"date":310,"score":219,"percentile":311},"2025-12-12",0.32046,{"date":313,"score":219,"percentile":314},"2025-12-13",0.32033,{"date":316,"score":219,"percentile":317},"2025-12-14",0.32006,{"date":319,"score":219,"percentile":223},"2025-12-15",{"date":321,"score":219,"percentile":322},"2025-12-16",0.31975,{"date":324,"score":219,"percentile":325},"2025-12-17",0.32022,{"date":327,"score":219,"percentile":328},"2025-12-18",0.3207,{"date":330,"score":219,"percentile":331},"2025-12-19",0.32097,{"date":333,"score":219,"percentile":334},"2025-12-20",0.32076,{"date":336,"score":219,"percentile":337},"2025-12-21",0.32018,{"date":339,"score":219,"percentile":340},"2025-12-22",0.31987,{"date":342,"score":219,"percentile":343},"2025-12-23",0.31967,{"date":345,"score":219,"percentile":346},"2025-12-24",0.31961,{"date":348,"score":219,"percentile":314},"2025-12-25",{"date":350,"score":219,"percentile":351},"2025-12-26",0.32019,{"date":353,"score":146,"percentile":354},"2025-12-27",0.37692,{"date":356,"score":219,"percentile":220},"2025-12-28",{"date":358,"score":219,"percentile":359},"2025-12-29",0.31922,{"date":361,"score":219,"percentile":362},"2025-12-30",0.31916,{"date":364,"score":146,"percentile":365},"2025-12-31",0.3762,{"date":367,"score":280,"percentile":368},"2026-01-01",0.24051,{"date":370,"score":280,"percentile":371},"2026-01-02",0.24045,{"date":373,"score":280,"percentile":374},"2026-01-03",0.24024,{"date":376,"score":146,"percentile":377},"2026-01-04",0.37568,{"date":379,"score":146,"percentile":380},"2026-01-05",0.37545,{"date":382,"score":146,"percentile":383},"2026-01-06",0.37551,{"date":385,"score":146,"percentile":386},"2026-01-07",0.37578,{"date":388,"score":146,"percentile":389},"2026-01-08",0.37605,{"date":391,"score":146,"percentile":392},"2026-01-09",0.376,{"date":394,"score":146,"percentile":392},"2026-01-10",{"date":396,"score":146,"percentile":386},"2026-01-11",{"date":398,"score":146,"percentile":399},"2026-01-12",0.3753,{"date":401,"score":146,"percentile":402},"2026-01-13",0.37508,{"date":404,"score":146,"percentile":405},"2026-01-14",0.3756,{"date":407,"score":146,"percentile":383},"2026-01-15",{"date":409,"score":146,"percentile":410},"2026-01-16",0.37573,{"date":412,"score":146,"percentile":413},"2026-01-17",0.3755,{"date":415,"score":146,"percentile":416},"2026-01-18",0.37496,{"date":418,"score":146,"percentile":419},"2026-01-19",0.37447,{"date":421,"score":146,"percentile":422},"2026-01-20",0.37426,{"date":424,"score":146,"percentile":425},"2026-01-21",0.37407,{"date":427,"score":146,"percentile":428},"2026-01-22",0.37389,{"date":430,"score":146,"percentile":431},"2026-01-23",0.37451,{"date":433,"score":146,"percentile":434},"2026-01-24",0.37456,{"date":436,"score":146,"percentile":437},"2026-01-25",0.37399,{"date":439,"score":146,"percentile":440},"2026-01-26",0.37329,{"date":442,"score":146,"percentile":443},"2026-01-27",0.37325,{"date":445,"score":146,"percentile":446},"2026-01-28",0.37313,{"date":448,"score":146,"percentile":449},"2026-01-29",0.37286,{"date":451,"score":146,"percentile":452},"2026-01-30",0.37282,{"date":454,"score":146,"percentile":455},"2026-01-31",0.37281,{"date":457,"score":280,"percentile":458},"2026-02-01",0.2367,[460],{"source":150,"cvss_v2_0":461,"cvss_v3_0":9,"cvss_v3_1":466,"cvss_v4_0":9},{"baseScore":462,"baseSeverity":9,"vectorString":463,"impactScore":464,"exploitabilityScore":465},4.6,"AV:L/AC:L/Au:N/C:P/I:P/A:P",6.4,3.9,{"baseScore":148,"baseSeverity":467,"vectorString":151,"impactScore":468,"exploitabilityScore":469},"HIGH",10,3.8,[471,482,491],{"ecosystem":9,"name":472,"vendor":473,"product":474,"cpe_part":475,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":476},"debian linux","debian","debian_linux","o",[477,480],{"version":478,"is_range":99,"range_type":479,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"version":481,"is_range":99,"range_type":479,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0",{"ecosystem":9,"name":483,"vendor":483,"product":483,"cpe_part":484,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":485},"qemu","a",[486],{"version":487,"is_range":488,"range_type":479,"version_start":9,"version_start_type":9,"version_end":489,"version_end_type":490,"fixed_in":9},"lt7.0.0",true,"7.0.0","excluding",{"ecosystem":9,"name":492,"vendor":493,"product":494,"cpe_part":475,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":495},"enterprise linux","redhat","enterprise_linux",[496],{"version":497,"is_range":99,"range_type":479,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0"]