Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:ebuild/mail-client/thunderbird-bin@3.22.2

Type ebuild

Namespace mail-client

Name thunderbird-bin

Version 3.22.2

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 4.12

Latest_non_vulnerable_version 128.9.0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-16z9-nfq6-cyfm

vulnerability_id VCID-16z9-nfq6-cyfm

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4489.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4489.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4489

reference_id

reference_type

scores

value	0.02203
scoring_system	epss
scoring_elements	0.84439
published_at	2026-04-13T12:55:00Z

value	0.02203
scoring_system	epss
scoring_elements	0.84367
published_at	2026-04-01T12:55:00Z

value	0.02203
scoring_system	epss
scoring_elements	0.84382
published_at	2026-04-02T12:55:00Z

value	0.02203
scoring_system	epss
scoring_elements	0.84402
published_at	2026-04-04T12:55:00Z

value	0.02203
scoring_system	epss
scoring_elements	0.84404
published_at	2026-04-07T12:55:00Z

value	0.02203
scoring_system	epss
scoring_elements	0.84426
published_at	2026-04-08T12:55:00Z

value	0.02203
scoring_system	epss
scoring_elements	0.84431
published_at	2026-04-09T12:55:00Z

value	0.02203
scoring_system	epss
scoring_elements	0.84449
published_at	2026-04-11T12:55:00Z

value	0.02203
scoring_system	epss
scoring_elements	0.84443
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252293
reference_id	1252293
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252293

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-90

reference_id

mfsa2015-90

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-90

reference_url	https://access.redhat.com/errata/RHSA-2015:1586
reference_id	RHSA-2015:1586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1586

reference_url	https://access.redhat.com/errata/RHSA-2015:1682
reference_id	RHSA-2015:1682
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1682

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

reference_url	https://usn.ubuntu.com/2712-1/
reference_id	USN-2712-1
reference_type
scores
url	https://usn.ubuntu.com/2712-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4489

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-16z9-nfq6-cyfm

url VCID-19cb-y1de-u3bn

vulnerability_id VCID-19cb-y1de-u3bn

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1957.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1957.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1957

reference_id

reference_type

scores

value	0.00355
scoring_system	epss
scoring_elements	0.57822
published_at	2026-04-13T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57713
published_at	2026-04-01T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57848
published_at	2026-04-09T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57864
published_at	2026-04-11T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57843
published_at	2026-04-12T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57797
published_at	2026-04-02T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57817
published_at	2026-04-04T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57791
published_at	2026-04-07T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57846
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1957

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1227052
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1227052

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-20.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-20.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315573
reference_id	1315573
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315573

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_id	cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1957

reference_id

CVE-2016-1957

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1957

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-20

reference_id

mfsa2016-20

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-20

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1957

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-19cb-y1de-u3bn

url VCID-26jx-pxqe-yucz

vulnerability_id VCID-26jx-pxqe-yucz

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://hg.mozilla.org/releases/mozilla-release/rev/80ce3f1ffe03
reference_id
reference_type
scores
url	http://hg.mozilla.org/releases/mozilla-release/rev/80ce3f1ffe03

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1958.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1958.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1958

reference_id

reference_type

scores

value	0.00619
scoring_system	epss
scoring_elements	0.69969
published_at	2026-04-13T12:55:00Z

value	0.00619
scoring_system	epss
scoring_elements	0.69906
published_at	2026-04-01T12:55:00Z

value	0.00619
scoring_system	epss
scoring_elements	0.69975
published_at	2026-04-09T12:55:00Z

value	0.00619
scoring_system	epss
scoring_elements	0.69998
published_at	2026-04-11T12:55:00Z

value	0.00619
scoring_system	epss
scoring_elements	0.69983
published_at	2026-04-12T12:55:00Z

value	0.00619
scoring_system	epss
scoring_elements	0.69918
published_at	2026-04-02T12:55:00Z

value	0.00619
scoring_system	epss
scoring_elements	0.69932
published_at	2026-04-04T12:55:00Z

value	0.00619
scoring_system	epss
scoring_elements	0.6991
published_at	2026-04-07T12:55:00Z

value	0.00619
scoring_system	epss
scoring_elements	0.69958
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1958

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1228754
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1228754

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-21.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-21.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315574
reference_id	1315574
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315574

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1958

reference_id

CVE-2016-1958

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1958

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-21

reference_id

mfsa2016-21

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-21

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1958

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-26jx-pxqe-yucz

url VCID-2ms8-y2zb-wuhk

vulnerability_id VCID-2ms8-y2zb-wuhk

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1948

reference_id

reference_type

scores

value	0.00219
scoring_system	epss
scoring_elements	0.44543
published_at	2026-04-13T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44469
published_at	2026-04-01T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44555
published_at	2026-04-09T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44572
published_at	2026-04-11T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44542
published_at	2026-04-12T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.4454
published_at	2026-04-02T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44561
published_at	2026-04-04T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.445
published_at	2026-04-07T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.4455
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1948

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1235876
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1235876

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-12.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-12.html

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:43.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android::::::::
reference_id	cpe:2.3:o:google:android::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1948
reference_id	CVE-2016-1948
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1948

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1948

reference_id

CVE-2016-1948

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1948

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-12

reference_id

mfsa2016-12

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-12

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1948

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2ms8-y2zb-wuhk

url VCID-2rn3-ydxb-5ugu

vulnerability_id VCID-2rn3-ydxb-5ugu

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4477.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4477.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4477

reference_id

reference_type

scores

value	0.0291
scoring_system	epss
scoring_elements	0.86369
published_at	2026-04-13T12:55:00Z

value	0.0291
scoring_system	epss
scoring_elements	0.86306
published_at	2026-04-01T12:55:00Z

value	0.0291
scoring_system	epss
scoring_elements	0.86316
published_at	2026-04-02T12:55:00Z

value	0.0291
scoring_system	epss
scoring_elements	0.86335
published_at	2026-04-04T12:55:00Z

value	0.0291
scoring_system	epss
scoring_elements	0.86336
published_at	2026-04-07T12:55:00Z

value	0.0291
scoring_system	epss
scoring_elements	0.86354
published_at	2026-04-08T12:55:00Z

value	0.0291
scoring_system	epss
scoring_elements	0.86363
published_at	2026-04-09T12:55:00Z

value	0.0291
scoring_system	epss
scoring_elements	0.86377
published_at	2026-04-11T12:55:00Z

value	0.0291
scoring_system	epss
scoring_elements	0.86375
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4477

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252277
reference_id	1252277
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252277

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4477
reference_id	CVE-2015-4477
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4477

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-81

reference_id

mfsa2015-81

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-81

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4477

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2rn3-ydxb-5ugu

url VCID-2w9f-avet-g7c5

vulnerability_id VCID-2w9f-avet-g7c5

summary

Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird, the worst of which may allow user-assisted execution of
    arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html

reference_url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html

reference_url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html

reference_url	http://packetstormsecurity.com/files/134268/Slackware-Security-Advisory-mozilla-nss-Updates.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/134268/Slackware-Security-Advisory-mozilla-nss-Updates.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1980.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1980.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1981.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1981.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7181.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7181.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-7181

reference_id

reference_type

scores

value	0.05021
scoring_system	epss
scoring_elements	0.89731
published_at	2026-04-13T12:55:00Z

value	0.05021
scoring_system	epss
scoring_elements	0.89689
published_at	2026-04-01T12:55:00Z

value	0.05021
scoring_system	epss
scoring_elements	0.8974
published_at	2026-04-11T12:55:00Z

value	0.05021
scoring_system	epss
scoring_elements	0.89738
published_at	2026-04-12T12:55:00Z

value	0.05021
scoring_system	epss
scoring_elements	0.89692
published_at	2026-04-02T12:55:00Z

value	0.05021
scoring_system	epss
scoring_elements	0.89706
published_at	2026-04-04T12:55:00Z

value	0.05021
scoring_system	epss
scoring_elements	0.89709
published_at	2026-04-07T12:55:00Z

value	0.05021
scoring_system	epss
scoring_elements	0.89726
published_at	2026-04-08T12:55:00Z

value	0.05021
scoring_system	epss
scoring_elements	0.89733
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-7181

reference_url	https://bto.bluecoat.com/security-advisory/sa119
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa119

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1192028
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1192028

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7196
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.1_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.1_release_notes

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.4_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.4_release_notes

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.20.1_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.20.1_release_notes

reference_url	http://www.debian.org/security/2015/dsa-3393
reference_id
reference_type
scores
url	http://www.debian.org/security/2015/dsa-3393

reference_url	http://www.debian.org/security/2015/dsa-3410
reference_id
reference_type
scores
url	http://www.debian.org/security/2015/dsa-3410

reference_url	http://www.debian.org/security/2016/dsa-3688
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3688

reference_url	http://www.mozilla.org/security/announce/2015/mfsa2015-133.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2015/mfsa2015-133.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/77416
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/77416

reference_url	http://www.securityfocus.com/bid/91787
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91787

reference_url	http://www.securitytracker.com/id/1034069
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034069

reference_url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.399753
reference_id
reference_type
scores
url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.399753

reference_url	http://www.ubuntu.com/usn/USN-2785-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2785-1

reference_url	http://www.ubuntu.com/usn/USN-2791-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2791-1

reference_url	http://www.ubuntu.com/usn/USN-2819-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2819-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1269345
reference_id	1269345
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1269345

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::
reference_id	cpe:2.3:a:mozilla:network_security_services::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20.0:::::::*
reference_id	cpe:2.3:a:mozilla:network_security_services:3.20.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-7181

reference_id

CVE-2015-7181

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2015-7181

reference_url	https://security.gentoo.org/glsa/201512-10
reference_id	GLSA-201512-10
reference_type
scores
url	https://security.gentoo.org/glsa/201512-10

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-133

reference_id

mfsa2015-133

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-133

reference_url	https://access.redhat.com/errata/RHSA-2015:1980
reference_id	RHSA-2015:1980
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1980

reference_url	https://access.redhat.com/errata/RHSA-2015:1981
reference_id	RHSA-2015:1981
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1981

reference_url	https://access.redhat.com/errata/RHSA-2015:2068
reference_id	RHSA-2015:2068
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2068

reference_url	https://usn.ubuntu.com/2785-1/
reference_id	USN-2785-1
reference_type
scores
url	https://usn.ubuntu.com/2785-1/

reference_url	https://usn.ubuntu.com/2791-1/
reference_id	USN-2791-1
reference_type
scores
url	https://usn.ubuntu.com/2791-1/

reference_url	https://usn.ubuntu.com/2819-1/
reference_id	USN-2819-1
reference_type
scores
url	https://usn.ubuntu.com/2819-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.5.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.5.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.5.0

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-7181

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2w9f-avet-g7c5

url VCID-4azu-y4y6-nyff

vulnerability_id VCID-4azu-y4y6-nyff

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2794.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2794.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2794

reference_id

reference_type

scores

value	0.00875
scoring_system	epss
scoring_elements	0.75288
published_at	2026-04-13T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75235
published_at	2026-04-01T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.753
published_at	2026-04-09T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75321
published_at	2026-04-11T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75299
published_at	2026-04-12T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75238
published_at	2026-04-02T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.7527
published_at	2026-04-04T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75247
published_at	2026-04-07T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75289
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2794

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243526
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243526

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2794

reference_id

CVE-2016-2794

reference_type

scores

value	9.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:C/I:C/A:C

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2794

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-2794

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4azu-y4y6-nyff

url VCID-4hnb-y6bt-4fb1

vulnerability_id VCID-4hnb-y6bt-4fb1

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2798.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2798.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2798

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68356
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.6844
published_at	2026-04-09T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2798

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1248805
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1248805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2798

reference_id

CVE-2016-2798

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2798

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-2798

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4hnb-y6bt-4fb1

url VCID-4yw5-k3au-33gf

vulnerability_id VCID-4yw5-k3au-33gf

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-2714

reference_id

reference_type

scores

value	0.00101
scoring_system	epss
scoring_elements	0.27772
published_at	2026-04-13T12:55:00Z

value	0.00101
scoring_system	epss
scoring_elements	0.2787
published_at	2026-04-01T12:55:00Z

value	0.00101
scoring_system	epss
scoring_elements	0.27924
published_at	2026-04-02T12:55:00Z

value	0.00101
scoring_system	epss
scoring_elements	0.27965
published_at	2026-04-04T12:55:00Z

value	0.00101
scoring_system	epss
scoring_elements	0.27757
published_at	2026-04-07T12:55:00Z

value	0.00101
scoring_system	epss
scoring_elements	0.27824
published_at	2026-04-08T12:55:00Z

value	0.00101
scoring_system	epss
scoring_elements	0.27866
published_at	2026-04-09T12:55:00Z

value	0.00101
scoring_system	epss
scoring_elements	0.27872
published_at	2026-04-11T12:55:00Z

value	0.00101
scoring_system	epss
scoring_elements	0.27829
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-2714

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2714
reference_id	CVE-2015-2714
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2714

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-52

reference_id

mfsa2015-52

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-52

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-2714

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4yw5-k3au-33gf

url VCID-51hn-ab8w-c7bn

vulnerability_id VCID-51hn-ab8w-c7bn

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2713.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2713.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-2713

reference_id

reference_type

scores

value	0.01751
scoring_system	epss
scoring_elements	0.82558
published_at	2026-04-13T12:55:00Z

value	0.01751
scoring_system	epss
scoring_elements	0.8249
published_at	2026-04-01T12:55:00Z

value	0.01751
scoring_system	epss
scoring_elements	0.82504
published_at	2026-04-02T12:55:00Z

value	0.01751
scoring_system	epss
scoring_elements	0.82522
published_at	2026-04-04T12:55:00Z

value	0.01751
scoring_system	epss
scoring_elements	0.82519
published_at	2026-04-07T12:55:00Z

value	0.01751
scoring_system	epss
scoring_elements	0.82545
published_at	2026-04-08T12:55:00Z

value	0.01751
scoring_system	epss
scoring_elements	0.82552
published_at	2026-04-09T12:55:00Z

value	0.01751
scoring_system	epss
scoring_elements	0.82571
published_at	2026-04-11T12:55:00Z

value	0.01751
scoring_system	epss
scoring_elements	0.82564
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-2713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3079
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3079

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1220605
reference_id	1220605
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1220605

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-51

reference_id

mfsa2015-51

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-51

reference_url	https://access.redhat.com/errata/RHSA-2015:0988
reference_id	RHSA-2015:0988
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0988

reference_url	https://access.redhat.com/errata/RHSA-2015:1012
reference_id	RHSA-2015:1012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1012

reference_url	https://usn.ubuntu.com/2602-1/
reference_id	USN-2602-1
reference_type
scores
url	https://usn.ubuntu.com/2602-1/

reference_url	https://usn.ubuntu.com/2603-1/
reference_id	USN-2603-1
reference_type
scores
url	https://usn.ubuntu.com/2603-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-2713

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-51hn-ab8w-c7bn

url VCID-55t4-7jnq-j7fx

vulnerability_id VCID-55t4-7jnq-j7fx

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2716.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2716.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-2716

reference_id

reference_type

scores

value	0.05614
scoring_system	epss
scoring_elements	0.90326
published_at	2026-04-13T12:55:00Z

value	0.05614
scoring_system	epss
scoring_elements	0.90283
published_at	2026-04-01T12:55:00Z

value	0.05614
scoring_system	epss
scoring_elements	0.90286
published_at	2026-04-02T12:55:00Z

value	0.05614
scoring_system	epss
scoring_elements	0.90299
published_at	2026-04-04T12:55:00Z

value	0.05614
scoring_system	epss
scoring_elements	0.90303
published_at	2026-04-07T12:55:00Z

value	0.05614
scoring_system	epss
scoring_elements	0.90318
published_at	2026-04-08T12:55:00Z

value	0.05614
scoring_system	epss
scoring_elements	0.90325
published_at	2026-04-09T12:55:00Z

value	0.05614
scoring_system	epss
scoring_elements	0.90333
published_at	2026-04-11T12:55:00Z

value	0.05614
scoring_system	epss
scoring_elements	0.90332
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-2716

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3079
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3079

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1220607
reference_id	1220607
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1220607

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-54

reference_id

mfsa2015-54

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-54

reference_url	https://access.redhat.com/errata/RHSA-2015:0988
reference_id	RHSA-2015:0988
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0988

reference_url	https://access.redhat.com/errata/RHSA-2015:1012
reference_id	RHSA-2015:1012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1012

reference_url	https://access.redhat.com/errata/RHSA-2020:1011
reference_id	RHSA-2020:1011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1011

reference_url	https://access.redhat.com/errata/RHSA-2020:2508
reference_id	RHSA-2020:2508
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2508

reference_url	https://usn.ubuntu.com/2602-1/
reference_id	USN-2602-1
reference_type
scores
url	https://usn.ubuntu.com/2602-1/

reference_url	https://usn.ubuntu.com/2603-1/
reference_id	USN-2603-1
reference_type
scores
url	https://usn.ubuntu.com/2603-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-2716

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-55t4-7jnq-j7fx

url VCID-5ead-13an-2kcs

vulnerability_id VCID-5ead-13an-2kcs

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2711.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2711.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-2711

reference_id

reference_type

scores

value	0.00519
scoring_system	epss
scoring_elements	0.66796
published_at	2026-04-13T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66723
published_at	2026-04-01T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66761
published_at	2026-04-02T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66787
published_at	2026-04-04T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66758
published_at	2026-04-07T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66807
published_at	2026-04-08T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66822
published_at	2026-04-09T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66842
published_at	2026-04-11T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66828
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-2711

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1220603
reference_id	1220603
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1220603

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2711
reference_id	CVE-2015-2711
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2711

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-49

reference_id

mfsa2015-49

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-49

reference_url	https://usn.ubuntu.com/2602-1/
reference_id	USN-2602-1
reference_type
scores
url	https://usn.ubuntu.com/2602-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-2711

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ead-13an-2kcs

url VCID-5wqt-2dtu-8qa4

vulnerability_id VCID-5wqt-2dtu-8qa4

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0495.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0495.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1950.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1950.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1950

reference_id

reference_type

scores

value	0.01867
scoring_system	epss
scoring_elements	0.8308
published_at	2026-04-13T12:55:00Z

value	0.01867
scoring_system	epss
scoring_elements	0.83014
published_at	2026-04-01T12:55:00Z

value	0.01867
scoring_system	epss
scoring_elements	0.83067
published_at	2026-04-08T12:55:00Z

value	0.01867
scoring_system	epss
scoring_elements	0.83074
published_at	2026-04-09T12:55:00Z

value	0.01867
scoring_system	epss
scoring_elements	0.8309
published_at	2026-04-11T12:55:00Z

value	0.01867
scoring_system	epss
scoring_elements	0.83084
published_at	2026-04-12T12:55:00Z

value	0.01867
scoring_system	epss
scoring_elements	0.83031
published_at	2026-04-02T12:55:00Z

value	0.01867
scoring_system	epss
scoring_elements	0.83044
published_at	2026-04-04T12:55:00Z

value	0.01867
scoring_system	epss
scoring_elements	0.83042
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1950

reference_url	https://bto.bluecoat.com/security-advisory/sa119
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa119

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1245528
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1245528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.3_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.3_release_notes

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://support.apple.com/HT206166
reference_id
reference_type
scores
url	https://support.apple.com/HT206166

reference_url	https://support.apple.com/HT206167
reference_id
reference_type
scores
url	https://support.apple.com/HT206167

reference_url	https://support.apple.com/HT206168
reference_id
reference_type
scores
url	https://support.apple.com/HT206168

reference_url	https://support.apple.com/HT206169
reference_id
reference_type
scores
url	https://support.apple.com/HT206169

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.debian.org/security/2016/dsa-3688
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3688

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-35.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-35.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/84223
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84223

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2924-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2924-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1310509
reference_id	1310509
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1310509

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.19.2:::::::*
reference_id	cpe:2.3:a:mozilla:network_security_services:3.19.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.19.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20:::::::*
reference_id	cpe:2.3:a:mozilla:network_security_services:3.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20.1:::::::*
reference_id	cpe:2.3:a:mozilla:network_security_services:3.20.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.21:::::::*
reference_id	cpe:2.3:a:mozilla:network_security_services:3.21:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.21:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:glassfish_server:2.1.1:::::::*
reference_id	cpe:2.3:a:oracle:glassfish_server:2.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:glassfish_server:2.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_proxy_server:4.0:::::::*
reference_id	cpe:2.3:a:oracle:iplanet_web_proxy_server:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_proxy_server:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_server:7.0:::::::*
reference_id	cpe:2.3:a:oracle:iplanet_web_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
reference_id	cpe:2.3:o:apple:iphone_os::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
reference_id	cpe:2.3:o:apple:tvos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
reference_id	cpe:2.3:o:apple:watchos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.2:::::::*
reference_id	cpe:2.3:o:oracle:vm_server:3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.2:::::::*

100

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1950

reference_id

CVE-2016-1950

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1950

101

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

102

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-35

reference_id

mfsa2016-35

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-35

103

reference_url	https://access.redhat.com/errata/RHSA-2016:0370
reference_id	RHSA-2016:0370
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0370

104

reference_url	https://access.redhat.com/errata/RHSA-2016:0371
reference_id	RHSA-2016:0371
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0371

105

reference_url	https://access.redhat.com/errata/RHSA-2016:0495
reference_id	RHSA-2016:0495
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0495

106

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

107

reference_url	https://usn.ubuntu.com/2924-1/
reference_id	USN-2924-1
reference_type
scores
url	https://usn.ubuntu.com/2924-1/

108

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1950

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5wqt-2dtu-8qa4

url VCID-67my-umrg-wkgm

vulnerability_id VCID-67my-umrg-wkgm

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2802.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2802.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2802

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68356
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.6844
published_at	2026-04-09T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2802

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1248804
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1248804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2802

reference_id

CVE-2016-2802

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2802

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-2802

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-67my-umrg-wkgm

url VCID-6kac-5ery-wuew

vulnerability_id VCID-6kac-5ery-wuew

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4473.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4473.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4473

reference_id

reference_type

scores

value	0.03655
scoring_system	epss
scoring_elements	0.87819
published_at	2026-04-01T12:55:00Z

value	0.04054
scoring_system	epss
scoring_elements	0.88521
published_at	2026-04-13T12:55:00Z

value	0.04054
scoring_system	epss
scoring_elements	0.88518
published_at	2026-04-09T12:55:00Z

value	0.04054
scoring_system	epss
scoring_elements	0.88529
published_at	2026-04-11T12:55:00Z

value	0.04054
scoring_system	epss
scoring_elements	0.88474
published_at	2026-04-02T12:55:00Z

value	0.04054
scoring_system	epss
scoring_elements	0.88491
published_at	2026-04-04T12:55:00Z

value	0.04054
scoring_system	epss
scoring_elements	0.88495
published_at	2026-04-07T12:55:00Z

value	0.04054
scoring_system	epss
scoring_elements	0.88513
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4473

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252271
reference_id	1252271
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252271

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-79

reference_id

mfsa2015-79

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-79

reference_url	https://access.redhat.com/errata/RHSA-2015:1586
reference_id	RHSA-2015:1586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1586

reference_url	https://access.redhat.com/errata/RHSA-2015:1682
reference_id	RHSA-2015:1682
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1682

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

reference_url	https://usn.ubuntu.com/2712-1/
reference_id	USN-2712-1
reference_type
scores
url	https://usn.ubuntu.com/2712-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4473

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6kac-5ery-wuew

url VCID-7nng-abc2-fuep

vulnerability_id VCID-7nng-abc2-fuep

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1972.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1972.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1972

reference_id

reference_type

scores

value	0.00623
scoring_system	epss
scoring_elements	0.7014
published_at	2026-04-13T12:55:00Z

value	0.00623
scoring_system	epss
scoring_elements	0.70076
published_at	2026-04-01T12:55:00Z

value	0.00623
scoring_system	epss
scoring_elements	0.70128
published_at	2026-04-08T12:55:00Z

value	0.00623
scoring_system	epss
scoring_elements	0.70144
published_at	2026-04-09T12:55:00Z

value	0.00623
scoring_system	epss
scoring_elements	0.70167
published_at	2026-04-11T12:55:00Z

value	0.00623
scoring_system	epss
scoring_elements	0.70153
published_at	2026-04-12T12:55:00Z

value	0.00623
scoring_system	epss
scoring_elements	0.70088
published_at	2026-04-02T12:55:00Z

value	0.00623
scoring_system	epss
scoring_elements	0.70103
published_at	2026-04-04T12:55:00Z

value	0.00623
scoring_system	epss
scoring_elements	0.7008
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1972

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1218124
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1218124

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-32.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-32.html

reference_url	http://www.securityfocus.com/bid/84220
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84220

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315780
reference_id	1315780
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315780

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::
reference_id	cpe:2.3:o:microsoft:windows::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1972
reference_id	CVE-2016-1972
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1972

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1972

reference_id

CVE-2016-1972

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1972

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-32

reference_id

mfsa2016-32

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-32

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1972

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7nng-abc2-fuep

url VCID-86q8-2yv7-efez

vulnerability_id VCID-86q8-2yv7-efez

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2790.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2790.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2790

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68356
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.6844
published_at	2026-04-09T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2790

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243464
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243464

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2790

reference_id

CVE-2016-2790

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2790

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-2790

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-86q8-2yv7-efez

url VCID-89g9-adnb-jbcb

vulnerability_id VCID-89g9-adnb-jbcb

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html
reference_id
reference_type
scores
url	http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00053.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00053.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00055.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00055.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0197.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0197.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0258.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0258.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0594.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0594.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1523.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1523.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1523

reference_id

reference_type

scores

value	0.01341
scoring_system	epss
scoring_elements	0.80022
published_at	2026-04-13T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.7997
published_at	2026-04-01T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.80026
published_at	2026-04-09T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.80046
published_at	2026-04-11T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.8003
published_at	2026-04-12T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.79977
published_at	2026-04-02T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.79999
published_at	2026-04-04T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.79989
published_at	2026-04-07T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.80017
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1523

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246093
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246093

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1521
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1521

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1522
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1522

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	http://www.debian.org/security/2016/dsa-3477
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3477

reference_url	http://www.debian.org/security/2016/dsa-3479
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3479

reference_url	http://www.debian.org/security/2016/dsa-3491
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3491

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-14.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-14.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/82991
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/82991

reference_url	http://www.securitytracker.com/id/1035017
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035017

reference_url	http://www.ubuntu.com/usn/USN-2902-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2902-1

reference_url	http://www.ubuntu.com/usn/USN-2904-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2904-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1305813
reference_id	1305813
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1305813

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.2:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:1.2.4:::::::*
reference_id	cpe:2.3:a:sil:graphite2:1.2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:1.2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1523

reference_id

CVE-2016-1523

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1523

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-35
reference_id	GLSA-201701-35
reference_type
scores
url	https://security.gentoo.org/glsa/201701-35

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-14

reference_id

mfsa2016-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-14

reference_url	https://access.redhat.com/errata/RHSA-2016:0197
reference_id	RHSA-2016:0197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0197

reference_url	https://access.redhat.com/errata/RHSA-2016:0258
reference_id	RHSA-2016:0258
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0258

reference_url	https://access.redhat.com/errata/RHSA-2016:0594
reference_id	RHSA-2016:0594
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0594

reference_url	https://usn.ubuntu.com/2902-1/
reference_id	USN-2902-1
reference_type
scores
url	https://usn.ubuntu.com/2902-1/

reference_url	https://usn.ubuntu.com/2904-1/
reference_id	USN-2904-1
reference_type
scores
url	https://usn.ubuntu.com/2904-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1523

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-89g9-adnb-jbcb

url VCID-89pc-vcy3-tkd7

vulnerability_id VCID-89pc-vcy3-tkd7

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2718.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2718.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-2718

reference_id

reference_type

scores

value	0.00118
scoring_system	epss
scoring_elements	0.30733
published_at	2026-04-13T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30739
published_at	2026-04-01T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30865
published_at	2026-04-02T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30911
published_at	2026-04-04T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30731
published_at	2026-04-07T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30789
published_at	2026-04-08T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30821
published_at	2026-04-09T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30822
published_at	2026-04-11T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30778
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-2718

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1220609
reference_id	1220609
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1220609

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2718
reference_id	CVE-2015-2718
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2718

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-56

reference_id

mfsa2015-56

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-56

reference_url	https://usn.ubuntu.com/2602-1/
reference_id	USN-2602-1
reference_type
scores
url	https://usn.ubuntu.com/2602-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-2718

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-89pc-vcy3-tkd7

url VCID-89xg-je2g-7fgg

vulnerability_id VCID-89xg-je2g-7fgg

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2709.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2709.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-2709

reference_id

reference_type

scores

value	0.01077
scoring_system	epss
scoring_elements	0.77806
published_at	2026-04-13T12:55:00Z

value	0.01077
scoring_system	epss
scoring_elements	0.77746
published_at	2026-04-01T12:55:00Z

value	0.01077
scoring_system	epss
scoring_elements	0.77753
published_at	2026-04-02T12:55:00Z

value	0.01077
scoring_system	epss
scoring_elements	0.77779
published_at	2026-04-04T12:55:00Z

value	0.01077
scoring_system	epss
scoring_elements	0.77763
published_at	2026-04-07T12:55:00Z

value	0.01077
scoring_system	epss
scoring_elements	0.77791
published_at	2026-04-08T12:55:00Z

value	0.01077
scoring_system	epss
scoring_elements	0.77796
published_at	2026-04-09T12:55:00Z

value	0.01077
scoring_system	epss
scoring_elements	0.77822
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-2709

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1220599
reference_id	1220599
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1220599

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2709
reference_id	CVE-2015-2709
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2709

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-46

reference_id

mfsa2015-46

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-46

reference_url	https://usn.ubuntu.com/2602-1/
reference_id	USN-2602-1
reference_type
scores
url	https://usn.ubuntu.com/2602-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-2709

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-89xg-je2g-7fgg

url VCID-92j3-c6tu-tkc9

vulnerability_id VCID-92j3-c6tu-tkc9

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1955.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1955.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1955

reference_id

reference_type

scores

value	0.00549
scoring_system	epss
scoring_elements	0.67924
published_at	2026-04-13T12:55:00Z

value	0.00549
scoring_system	epss
scoring_elements	0.67863
published_at	2026-04-01T12:55:00Z

value	0.00549
scoring_system	epss
scoring_elements	0.67935
published_at	2026-04-08T12:55:00Z

value	0.00549
scoring_system	epss
scoring_elements	0.67949
published_at	2026-04-09T12:55:00Z

value	0.00549
scoring_system	epss
scoring_elements	0.67973
published_at	2026-04-11T12:55:00Z

value	0.00549
scoring_system	epss
scoring_elements	0.6796
published_at	2026-04-12T12:55:00Z

value	0.00549
scoring_system	epss
scoring_elements	0.67886
published_at	2026-04-02T12:55:00Z

value	0.00549
scoring_system	epss
scoring_elements	0.67905
published_at	2026-04-04T12:55:00Z

value	0.00549
scoring_system	epss
scoring_elements	0.67885
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1955

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1208946
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1208946

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-18.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-18.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315570
reference_id	1315570
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315570

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_id	cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1955
reference_id	CVE-2016-1955
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1955

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1955

reference_id

CVE-2016-1955

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1955

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-18

reference_id

mfsa2016-18

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-18

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1955

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-92j3-c6tu-tkc9

url VCID-94dz-rrv5-a3gk

vulnerability_id VCID-94dz-rrv5-a3gk

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1946.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1946.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1946

reference_id

reference_type

scores

value	0.03529
scoring_system	epss
scoring_elements	0.87658
published_at	2026-04-13T12:55:00Z

value	0.03529
scoring_system	epss
scoring_elements	0.87603
published_at	2026-04-01T12:55:00Z

value	0.03529
scoring_system	epss
scoring_elements	0.87654
published_at	2026-04-09T12:55:00Z

value	0.03529
scoring_system	epss
scoring_elements	0.87665
published_at	2026-04-11T12:55:00Z

value	0.03529
scoring_system	epss
scoring_elements	0.87661
published_at	2026-04-12T12:55:00Z

value	0.03529
scoring_system	epss
scoring_elements	0.87612
published_at	2026-04-02T12:55:00Z

value	0.03529
scoring_system	epss
scoring_elements	0.87626
published_at	2026-04-04T12:55:00Z

value	0.03529
scoring_system	epss
scoring_elements	0.87628
published_at	2026-04-07T12:55:00Z

value	0.03529
scoring_system	epss
scoring_elements	0.87648
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1946

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1232069
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1232069

reference_url	https://hg.mozilla.org/mozilla-central/rev/2a57c0a0cf19
reference_id
reference_type
scores
url	https://hg.mozilla.org/mozilla-central/rev/2a57c0a0cf19

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-10.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-10.html

reference_url	http://www.securityfocus.com/bid/81950
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81950

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	http://www.ubuntu.com/usn/USN-2880-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-1

reference_url	http://www.ubuntu.com/usn/USN-2880-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1301825
reference_id	1301825
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1301825

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1946
reference_id	CVE-2016-1946
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1946

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1946

reference_id

CVE-2016-1946

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1946

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-10

reference_id

mfsa2016-10

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-10

reference_url	https://usn.ubuntu.com/2880-1/
reference_id	USN-2880-1
reference_type
scores
url	https://usn.ubuntu.com/2880-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1946

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-94dz-rrv5-a3gk

url VCID-94py-4f6r-gbf9

vulnerability_id VCID-94py-4f6r-gbf9

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1952.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1952.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1952

reference_id

reference_type

scores

value	0.00321
scoring_system	epss
scoring_elements	0.55154
published_at	2026-04-13T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.5503
published_at	2026-04-01T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.5518
published_at	2026-04-09T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55191
published_at	2026-04-11T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55173
published_at	2026-04-12T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55132
published_at	2026-04-02T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55155
published_at	2026-04-04T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.5513
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1952

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1123661
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1123661

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1221872
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1221872

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1224979
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1224979

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1234578
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1234578

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1241217
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1241217

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1242279
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1242279

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1244250
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1244250

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1244995
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1244995

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249685
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-16.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-16.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315566
reference_id	1315566
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315566

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_id	cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1952

reference_id

CVE-2016-1952

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1952

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-16

reference_id

mfsa2016-16

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-16

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1952

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-94py-4f6r-gbf9

url VCID-9mux-fuyc-a7dx

vulnerability_id VCID-9mux-fuyc-a7dx

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1938.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1938.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1938

reference_id

reference_type

scores

value	0.01048
scoring_system	epss
scoring_elements	0.77513
published_at	2026-04-13T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77455
published_at	2026-04-01T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77506
published_at	2026-04-09T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77532
published_at	2026-04-11T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77516
published_at	2026-04-12T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77461
published_at	2026-04-02T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77486
published_at	2026-04-04T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77467
published_at	2026-04-07T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77497
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1938

reference_url	https://blog.fuzzing-project.org/37-Mozilla-NSS-Wrong-calculation-results-in-mp_div-and-mp_exptmod.html
reference_id
reference_type
scores
url	https://blog.fuzzing-project.org/37-Mozilla-NSS-Wrong-calculation-results-in-mp_div-and-mp_exptmod.html

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1190248
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1190248

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1194947
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1194947

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes

reference_url	https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_div.c
reference_id
reference_type
scores
url	https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_div.c

reference_url	https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_exptmod.c
reference_id
reference_type
scores
url	https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_exptmod.c

reference_url	https://hg.mozilla.org/projects/nss/diff/a555bf0fc23a/lib/freebl/mpi/mpi.c
reference_id
reference_type
scores
url	https://hg.mozilla.org/projects/nss/diff/a555bf0fc23a/lib/freebl/mpi/mpi.c

reference_url	http://www.debian.org/security/2016/dsa-3688
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3688

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-07.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-07.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

reference_url	http://www.securityfocus.com/bid/81955
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81955

reference_url	http://www.securityfocus.com/bid/91787
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91787

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	http://www.ubuntu.com/usn/USN-2880-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-1

reference_url	http://www.ubuntu.com/usn/USN-2880-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-2

reference_url	http://www.ubuntu.com/usn/USN-2903-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2903-1

reference_url	http://www.ubuntu.com/usn/USN-2903-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2903-2

reference_url	http://www.ubuntu.com/usn/USN-2973-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2973-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1305159
reference_id	1305159
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1305159

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:nss::::::::
reference_id	cpe:2.3:a:mozilla:nss::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:nss::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938
reference_id	CVE-2016-1938
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1938

reference_id

CVE-2016-1938

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1938

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-46
reference_id	GLSA-201701-46
reference_type
scores
url	https://security.gentoo.org/glsa/201701-46

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-07

reference_id

mfsa2016-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-07

reference_url	https://usn.ubuntu.com/2880-1/
reference_id	USN-2880-1
reference_type
scores
url	https://usn.ubuntu.com/2880-1/

reference_url	https://usn.ubuntu.com/2903-1/
reference_id	USN-2903-1
reference_type
scores
url	https://usn.ubuntu.com/2903-1/

reference_url	https://usn.ubuntu.com/2973-1/
reference_id	USN-2973-1
reference_type
scores
url	https://usn.ubuntu.com/2973-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1938

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9mux-fuyc-a7dx

url VCID-b3uc-t8zd-2kbs

vulnerability_id VCID-b3uc-t8zd-2kbs

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00102.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00102.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00142.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00142.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1949.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1949.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1949

reference_id

reference_type

scores

value	0.00179
scoring_system	epss
scoring_elements	0.3952
published_at	2026-04-13T12:55:00Z

value	0.00179
scoring_system	epss
scoring_elements	0.39393
published_at	2026-04-01T12:55:00Z

value	0.00179
scoring_system	epss
scoring_elements	0.39565
published_at	2026-04-09T12:55:00Z

value	0.00179
scoring_system	epss
scoring_elements	0.39575
published_at	2026-04-11T12:55:00Z

value	0.00179
scoring_system	epss
scoring_elements	0.39537
published_at	2026-04-12T12:55:00Z

value	0.00179
scoring_system	epss
scoring_elements	0.39555
published_at	2026-04-02T12:55:00Z

value	0.00179
scoring_system	epss
scoring_elements	0.39579
published_at	2026-04-04T12:55:00Z

value	0.00179
scoring_system	epss
scoring_elements	0.39494
published_at	2026-04-07T12:55:00Z

value	0.00179
scoring_system	epss
scoring_elements	0.39549
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1949

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1245724
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1245724

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-13.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-13.html

reference_url	http://www.securitytracker.com/id/1035007
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035007

reference_url	http://www.ubuntu.com/usn/USN-2893-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2893-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1306856
reference_id	1306856
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1306856

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1949
reference_id	CVE-2016-1949
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1949

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1949

reference_id

CVE-2016-1949

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1949

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-13

reference_id

mfsa2016-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-13

reference_url	https://usn.ubuntu.com/2893-1/
reference_id	USN-2893-1
reference_type
scores
url	https://usn.ubuntu.com/2893-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1949

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b3uc-t8zd-2kbs

url VCID-b59k-h9kd-rygx

vulnerability_id VCID-b59k-h9kd-rygx

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1931.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1931.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1931

reference_id

reference_type

scores

value	0.0254
scoring_system	epss
scoring_elements	0.85461
published_at	2026-04-13T12:55:00Z

value	0.0254
scoring_system	epss
scoring_elements	0.85387
published_at	2026-04-01T12:55:00Z

value	0.0254
scoring_system	epss
scoring_elements	0.85452
published_at	2026-04-09T12:55:00Z

value	0.0254
scoring_system	epss
scoring_elements	0.85466
published_at	2026-04-11T12:55:00Z

value	0.0254
scoring_system	epss
scoring_elements	0.85464
published_at	2026-04-12T12:55:00Z

value	0.0254
scoring_system	epss
scoring_elements	0.854
published_at	2026-04-02T12:55:00Z

value	0.0254
scoring_system	epss
scoring_elements	0.85419
published_at	2026-04-04T12:55:00Z

value	0.0254
scoring_system	epss
scoring_elements	0.85423
published_at	2026-04-07T12:55:00Z

value	0.0254
scoring_system	epss
scoring_elements	0.85444
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1931

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1180064
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1180064

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1186973
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1186973

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1206675
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1206675

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1207298
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1207298

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1209358
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1209358

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1209365
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1209365

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1209366
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1209366

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1209368
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1209368

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1209546
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1209546

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1222015
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1222015

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1229825
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1229825

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1231121
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1231121

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1234576
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1234576

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-01.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-01.html

reference_url	http://www.securityfocus.com/bid/81953
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81953

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	http://www.ubuntu.com/usn/USN-2880-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-1

reference_url	http://www.ubuntu.com/usn/USN-2880-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1301819
reference_id	1301819
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1301819

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1931
reference_id	CVE-2016-1931
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1931

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1931

reference_id

CVE-2016-1931

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	10.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1931

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-01

reference_id

mfsa2016-01

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-01

reference_url	https://usn.ubuntu.com/2880-1/
reference_id	USN-2880-1
reference_type
scores
url	https://usn.ubuntu.com/2880-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1931

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b59k-h9kd-rygx

url VCID-bwm1-yauc-xudu

vulnerability_id VCID-bwm1-yauc-xudu

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2801.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2801.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2801

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68356
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.6844
published_at	2026-04-09T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2801

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249920
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2801

reference_id

CVE-2016-2801

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2801

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-2801

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bwm1-yauc-xudu

url VCID-c83b-ttr4-83em

vulnerability_id VCID-c83b-ttr4-83em

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2797.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2797.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2797

reference_id

reference_type

scores

value	0.00562
scoring_system	epss
scoring_elements	0.6834
published_at	2026-04-13T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68276
published_at	2026-04-01T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.6836
published_at	2026-04-09T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68386
published_at	2026-04-11T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-12T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68296
published_at	2026-04-02T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68316
published_at	2026-04-04T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68292
published_at	2026-04-07T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68343
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2797

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243823
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2797

reference_id

CVE-2016-2797

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2797

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-2797

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c83b-ttr4-83em

url VCID-cmd5-hzau-9bb1

vulnerability_id VCID-cmd5-hzau-9bb1

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1941

reference_id

reference_type

scores

value	0.00248
scoring_system	epss
scoring_elements	0.48075
published_at	2026-04-13T12:55:00Z

value	0.00248
scoring_system	epss
scoring_elements	0.48008
published_at	2026-04-01T12:55:00Z

value	0.00248
scoring_system	epss
scoring_elements	0.48063
published_at	2026-04-09T12:55:00Z

value	0.00248
scoring_system	epss
scoring_elements	0.48087
published_at	2026-04-11T12:55:00Z

value	0.00248
scoring_system	epss
scoring_elements	0.48064
published_at	2026-04-12T12:55:00Z

value	0.00248
scoring_system	epss
scoring_elements	0.48046
published_at	2026-04-02T12:55:00Z

value	0.00248
scoring_system	epss
scoring_elements	0.48067
published_at	2026-04-04T12:55:00Z

value	0.00248
scoring_system	epss
scoring_elements	0.48016
published_at	2026-04-07T12:55:00Z

value	0.00248
scoring_system	epss
scoring_elements	0.48069
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1941

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1116385
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1116385

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-08.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-08.html

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1941
reference_id	CVE-2016-1941
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1941

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1941

reference_id

CVE-2016-1941

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1941

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-08

reference_id

mfsa2016-08

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-08

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1941

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cmd5-hzau-9bb1

url VCID-dk4z-1j37-aucx

vulnerability_id VCID-dk4z-1j37-aucx

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0591.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0591.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0684.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0684.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0685.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0685.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1979.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1979.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1979

reference_id

reference_type

scores

value	0.00707
scoring_system	epss
scoring_elements	0.72159
published_at	2026-04-13T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72113
published_at	2026-04-01T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72165
published_at	2026-04-09T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72188
published_at	2026-04-11T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72172
published_at	2026-04-12T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72119
published_at	2026-04-02T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72139
published_at	2026-04-04T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72117
published_at	2026-04-07T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72153
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1979

reference_url	https://bto.bluecoat.com/security-advisory/sa124
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa124

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1185033
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1185033

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes

reference_url	http://www.debian.org/security/2016/dsa-3576
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3576

reference_url	http://www.debian.org/security/2016/dsa-3688
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3688

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-36.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-36.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/84221
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84221

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2973-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2973-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315202
reference_id	1315202
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315202

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::
reference_id	cpe:2.3:a:mozilla:network_security_services::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979
reference_id	CVE-2016-1979
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1979

reference_id

CVE-2016-1979

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1979

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-36

reference_id

mfsa2016-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-36

reference_url	https://access.redhat.com/errata/RHSA-2016:0591
reference_id	RHSA-2016:0591
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0591

reference_url	https://access.redhat.com/errata/RHSA-2016:0684
reference_id	RHSA-2016:0684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0684

reference_url	https://access.redhat.com/errata/RHSA-2016:0685
reference_id	RHSA-2016:0685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0685

reference_url	https://usn.ubuntu.com/2973-1/
reference_id	USN-2973-1
reference_type
scores
url	https://usn.ubuntu.com/2973-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1979

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dk4z-1j37-aucx

url VCID-drq5-6jps-skax

vulnerability_id VCID-drq5-6jps-skax

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4491.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4491.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4491

reference_id

reference_type

scores

value	0.04296
scoring_system	epss
scoring_elements	0.88871
published_at	2026-04-13T12:55:00Z

value	0.04296
scoring_system	epss
scoring_elements	0.88815
published_at	2026-04-01T12:55:00Z

value	0.04296
scoring_system	epss
scoring_elements	0.88864
published_at	2026-04-09T12:55:00Z

value	0.04296
scoring_system	epss
scoring_elements	0.88876
published_at	2026-04-11T12:55:00Z

value	0.04296
scoring_system	epss
scoring_elements	0.88823
published_at	2026-04-02T12:55:00Z

value	0.04296
scoring_system	epss
scoring_elements	0.88839
published_at	2026-04-04T12:55:00Z

value	0.04296
scoring_system	epss
scoring_elements	0.88841
published_at	2026-04-07T12:55:00Z

value	0.04296
scoring_system	epss
scoring_elements	0.88859
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4491

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252290
reference_id	1252290
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252290

reference_url	https://security.gentoo.org/glsa/201512-05
reference_id	GLSA-201512-05
reference_type
scores
url	https://security.gentoo.org/glsa/201512-05

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-88

reference_id

mfsa2015-88

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-88

reference_url	https://access.redhat.com/errata/RHSA-2015:1586
reference_id	RHSA-2015:1586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1586

reference_url	https://access.redhat.com/errata/RHSA-2015:1682
reference_id	RHSA-2015:1682
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1682

reference_url	https://access.redhat.com/errata/RHSA-2015:1694
reference_id	RHSA-2015:1694
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1694

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

reference_url	https://usn.ubuntu.com/2712-1/
reference_id	USN-2712-1
reference_type
scores
url	https://usn.ubuntu.com/2712-1/

reference_url	https://usn.ubuntu.com/2722-1/
reference_id	USN-2722-1
reference_type
scores
url	https://usn.ubuntu.com/2722-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4491

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-drq5-6jps-skax

url VCID-ecm1-2298-mkfm

vulnerability_id VCID-ecm1-2298-mkfm

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2799.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2799.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2799

reference_id

reference_type

scores

value	0.00646
scoring_system	epss
scoring_elements	0.70703
published_at	2026-04-13T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.7064
published_at	2026-04-01T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70712
published_at	2026-04-09T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70735
published_at	2026-04-11T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70718
published_at	2026-04-12T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70655
published_at	2026-04-02T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70673
published_at	2026-04-04T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70651
published_at	2026-04-07T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70696
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2799

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249081
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249081

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2799

reference_id

CVE-2016-2799

reference_type

scores

value	9.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:C/I:C/A:C

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2799

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-2799

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ecm1-2298-mkfm

url VCID-ezh3-6eqd-q3eb

vulnerability_id VCID-ezh3-6eqd-q3eb

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1937.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1937.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1937

reference_id

reference_type

scores

value	0.00353
scoring_system	epss
scoring_elements	0.5767
published_at	2026-04-13T12:55:00Z

value	0.00353
scoring_system	epss
scoring_elements	0.57556
published_at	2026-04-01T12:55:00Z

value	0.00353
scoring_system	epss
scoring_elements	0.57696
published_at	2026-04-09T12:55:00Z

value	0.00353
scoring_system	epss
scoring_elements	0.57711
published_at	2026-04-11T12:55:00Z

value	0.00353
scoring_system	epss
scoring_elements	0.5769
published_at	2026-04-12T12:55:00Z

value	0.00353
scoring_system	epss
scoring_elements	0.57641
published_at	2026-04-02T12:55:00Z

value	0.00353
scoring_system	epss
scoring_elements	0.57663
published_at	2026-04-04T12:55:00Z

value	0.00353
scoring_system	epss
scoring_elements	0.57638
published_at	2026-04-07T12:55:00Z

value	0.00353
scoring_system	epss
scoring_elements	0.57693
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1937

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=724353
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=724353

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-06.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-06.html

reference_url	http://www.securityfocus.com/bid/81957
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81957

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	http://www.ubuntu.com/usn/USN-2880-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-1

reference_url	http://www.ubuntu.com/usn/USN-2880-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1301823
reference_id	1301823
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1301823

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1937
reference_id	CVE-2016-1937
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1937

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1937

reference_id

CVE-2016-1937

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1937

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-06

reference_id

mfsa2016-06

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-06

reference_url	https://usn.ubuntu.com/2880-1/
reference_id	USN-2880-1
reference_type
scores
url	https://usn.ubuntu.com/2880-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1937

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ezh3-6eqd-q3eb

url VCID-fjam-jfc1-pkbv

vulnerability_id VCID-fjam-jfc1-pkbv

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2795.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2795.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2795

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68356
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.6844
published_at	2026-04-09T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2795

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243597
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243597

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2795

reference_id

CVE-2016-2795

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2795

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-2795

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fjam-jfc1-pkbv

url VCID-fjdm-u6fm-y7eq

vulnerability_id VCID-fjdm-u6fm-y7eq

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1940

reference_id

reference_type

scores

value	0.00322
scoring_system	epss
scoring_elements	0.55331
published_at	2026-04-13T12:55:00Z

value	0.00322
scoring_system	epss
scoring_elements	0.55204
published_at	2026-04-01T12:55:00Z

value	0.00322
scoring_system	epss
scoring_elements	0.5536
published_at	2026-04-09T12:55:00Z

value	0.00322
scoring_system	epss
scoring_elements	0.55371
published_at	2026-04-11T12:55:00Z

value	0.00322
scoring_system	epss
scoring_elements	0.55349
published_at	2026-04-12T12:55:00Z

value	0.00322
scoring_system	epss
scoring_elements	0.55303
published_at	2026-04-02T12:55:00Z

value	0.00322
scoring_system	epss
scoring_elements	0.55327
published_at	2026-04-04T12:55:00Z

value	0.00322
scoring_system	epss
scoring_elements	0.55309
published_at	2026-04-07T12:55:00Z

value	0.00322
scoring_system	epss
scoring_elements	0.55359
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1940

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1208525
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1208525

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-05.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-05.html

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android::::::::
reference_id	cpe:2.3:o:google:android::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1940
reference_id	CVE-2016-1940
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1940

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1940

reference_id

CVE-2016-1940

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1940

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-05

reference_id

mfsa2016-05

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-05

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1940

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fjdm-u6fm-y7eq

url VCID-gaq6-9xu7-n7fk

vulnerability_id VCID-gaq6-9xu7-n7fk

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4480.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4480.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4480

reference_id

reference_type

scores

value	0.02284
scoring_system	epss
scoring_elements	0.84694
published_at	2026-04-13T12:55:00Z

value	0.02284
scoring_system	epss
scoring_elements	0.84622
published_at	2026-04-01T12:55:00Z

value	0.02284
scoring_system	epss
scoring_elements	0.84636
published_at	2026-04-02T12:55:00Z

value	0.02284
scoring_system	epss
scoring_elements	0.84657
published_at	2026-04-04T12:55:00Z

value	0.02284
scoring_system	epss
scoring_elements	0.84658
published_at	2026-04-07T12:55:00Z

value	0.02284
scoring_system	epss
scoring_elements	0.8468
published_at	2026-04-08T12:55:00Z

value	0.02284
scoring_system	epss
scoring_elements	0.84686
published_at	2026-04-09T12:55:00Z

value	0.02284
scoring_system	epss
scoring_elements	0.84704
published_at	2026-04-11T12:55:00Z

value	0.02284
scoring_system	epss
scoring_elements	0.847
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252285
reference_id	1252285
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252285

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-83

reference_id

mfsa2015-83

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-83

reference_url	https://access.redhat.com/errata/RHSA-2015:1586
reference_id	RHSA-2015:1586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1586

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4480

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gaq6-9xu7-n7fk

url VCID-gb42-43gw-pygv

vulnerability_id VCID-gb42-43gw-pygv

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1943.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1943.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1943

reference_id

reference_type

scores

value	0.00556
scoring_system	epss
scoring_elements	0.68147
published_at	2026-04-13T12:55:00Z

value	0.00556
scoring_system	epss
scoring_elements	0.68084
published_at	2026-04-01T12:55:00Z

value	0.00556
scoring_system	epss
scoring_elements	0.68169
published_at	2026-04-09T12:55:00Z

value	0.00556
scoring_system	epss
scoring_elements	0.68194
published_at	2026-04-11T12:55:00Z

value	0.00556
scoring_system	epss
scoring_elements	0.6818
published_at	2026-04-12T12:55:00Z

value	0.00556
scoring_system	epss
scoring_elements	0.68107
published_at	2026-04-02T12:55:00Z

value	0.00556
scoring_system	epss
scoring_elements	0.68125
published_at	2026-04-04T12:55:00Z

value	0.00556
scoring_system	epss
scoring_elements	0.68102
published_at	2026-04-07T12:55:00Z

value	0.00556
scoring_system	epss
scoring_elements	0.68154
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1943

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1228590
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1228590

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-09.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-09.html

reference_url	http://www.securityfocus.com/bid/81948
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81948

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1301827
reference_id	1301827
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1301827

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:43.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android::::::::
reference_id	cpe:2.3:o:google:android::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1943
reference_id	CVE-2016-1943
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1943

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1943

reference_id

CVE-2016-1943

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1943

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-09

reference_id

mfsa2016-09

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-09

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1943

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gb42-43gw-pygv

url VCID-gbgr-rxhx-jkae

vulnerability_id VCID-gbgr-rxhx-jkae

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1965.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1965.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1965

reference_id

reference_type

scores

value	0.005
scoring_system	epss
scoring_elements	0.65978
published_at	2026-04-13T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65902
published_at	2026-04-01T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.66003
published_at	2026-04-09T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.66021
published_at	2026-04-11T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.66008
published_at	2026-04-12T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65943
published_at	2026-04-02T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65973
published_at	2026-04-04T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65939
published_at	2026-04-07T12:55:00Z

value	0.005
scoring_system	epss
scoring_elements	0.65991
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1965

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1245264
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1245264

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-28.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-28.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315775
reference_id	1315775
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315775

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1965

reference_id

CVE-2016-1965

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1965

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-28

reference_id

mfsa2016-28

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-28

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1965

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gbgr-rxhx-jkae

url VCID-ghtc-dh9g-2ufb

vulnerability_id VCID-ghtc-dh9g-2ufb

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2708.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2708.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-2708

reference_id

reference_type

scores

value	0.01328
scoring_system	epss
scoring_elements	0.79934
published_at	2026-04-13T12:55:00Z

value	0.01328
scoring_system	epss
scoring_elements	0.79885
published_at	2026-04-01T12:55:00Z

value	0.01328
scoring_system	epss
scoring_elements	0.79892
published_at	2026-04-02T12:55:00Z

value	0.01328
scoring_system	epss
scoring_elements	0.79913
published_at	2026-04-04T12:55:00Z

value	0.01328
scoring_system	epss
scoring_elements	0.79901
published_at	2026-04-07T12:55:00Z

value	0.01328
scoring_system	epss
scoring_elements	0.79929
published_at	2026-04-08T12:55:00Z

value	0.01328
scoring_system	epss
scoring_elements	0.79938
published_at	2026-04-09T12:55:00Z

value	0.01328
scoring_system	epss
scoring_elements	0.79958
published_at	2026-04-11T12:55:00Z

value	0.01328
scoring_system	epss
scoring_elements	0.79941
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-2708

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3079
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3079

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1220597
reference_id	1220597
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1220597

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-46

reference_id

mfsa2015-46

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-46

reference_url	https://access.redhat.com/errata/RHSA-2015:0988
reference_id	RHSA-2015:0988
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0988

reference_url	https://access.redhat.com/errata/RHSA-2015:1012
reference_id	RHSA-2015:1012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1012

reference_url	https://usn.ubuntu.com/2602-1/
reference_id	USN-2602-1
reference_type
scores
url	https://usn.ubuntu.com/2602-1/

reference_url	https://usn.ubuntu.com/2603-1/
reference_id	USN-2603-1
reference_type
scores
url	https://usn.ubuntu.com/2603-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-2708

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ghtc-dh9g-2ufb

url VCID-gnet-tz9t-abd9

vulnerability_id VCID-gnet-tz9t-abd9

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4474.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4474.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4474

reference_id

reference_type

scores

value	0.02206
scoring_system	epss
scoring_elements	0.84446
published_at	2026-04-13T12:55:00Z

value	0.02206
scoring_system	epss
scoring_elements	0.84373
published_at	2026-04-01T12:55:00Z

value	0.02206
scoring_system	epss
scoring_elements	0.84388
published_at	2026-04-02T12:55:00Z

value	0.02206
scoring_system	epss
scoring_elements	0.84409
published_at	2026-04-04T12:55:00Z

value	0.02206
scoring_system	epss
scoring_elements	0.84411
published_at	2026-04-07T12:55:00Z

value	0.02206
scoring_system	epss
scoring_elements	0.84433
published_at	2026-04-08T12:55:00Z

value	0.02206
scoring_system	epss
scoring_elements	0.84438
published_at	2026-04-09T12:55:00Z

value	0.02206
scoring_system	epss
scoring_elements	0.84456
published_at	2026-04-11T12:55:00Z

value	0.02206
scoring_system	epss
scoring_elements	0.84451
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4474

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252273
reference_id	1252273
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252273

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4474
reference_id	CVE-2015-4474
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4474

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-79

reference_id

mfsa2015-79

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-79

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4474

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gnet-tz9t-abd9

url VCID-h6yb-xsc5-7yck

vulnerability_id VCID-h6yb-xsc5-7yck

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1959.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1959.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1959

reference_id

reference_type

scores

value	0.00894
scoring_system	epss
scoring_elements	0.7559
published_at	2026-04-13T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.75526
published_at	2026-04-01T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.7558
published_at	2026-04-08T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.75591
published_at	2026-04-09T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.75615
published_at	2026-04-11T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.75596
published_at	2026-04-12T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.75528
published_at	2026-04-02T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.75558
published_at	2026-04-04T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.75538
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1959

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1234949
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1234949

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-22.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-22.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315575
reference_id	1315575
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315575

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1959
reference_id	CVE-2016-1959
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1959

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1959

reference_id

CVE-2016-1959

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1959

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-22

reference_id

mfsa2016-22

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-22

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1959

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h6yb-xsc5-7yck

url VCID-hnb1-5t4z-ubhj

vulnerability_id VCID-hnb1-5t4z-ubhj

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1963.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1963.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1963

reference_id

reference_type

scores

value	0.00071
scoring_system	epss
scoring_elements	0.2178
published_at	2026-04-13T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.2175
published_at	2026-04-01T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21866
published_at	2026-04-09T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21877
published_at	2026-04-11T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21838
published_at	2026-04-12T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21914
published_at	2026-04-02T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21967
published_at	2026-04-04T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21733
published_at	2026-04-07T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.2181
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1963

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1238440
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1238440

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-26.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-26.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315579
reference_id	1315579
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315579

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1963
reference_id	CVE-2016-1963
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1963

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1963

reference_id

CVE-2016-1963

reference_type

scores

value	4.4
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:P/I:P/A:P

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1963

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-26

reference_id

mfsa2016-26

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-26

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1963

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hnb1-5t4z-ubhj

url VCID-hq81-4u9w-quh6

vulnerability_id VCID-hq81-4u9w-quh6

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1945.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1945.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1945

reference_id

reference_type

scores

value	0.00674
scoring_system	epss
scoring_elements	0.714
published_at	2026-04-13T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71356
published_at	2026-04-01T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.7141
published_at	2026-04-09T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71433
published_at	2026-04-11T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71418
published_at	2026-04-12T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71364
published_at	2026-04-02T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71382
published_at	2026-04-04T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71357
published_at	2026-04-07T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71398
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1945

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1214782
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1214782

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-10.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-10.html

reference_url	http://www.securityfocus.com/bid/81950
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81950

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	http://www.ubuntu.com/usn/USN-2880-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-1

reference_url	http://www.ubuntu.com/usn/USN-2880-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1301825
reference_id	1301825
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1301825

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:43.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1945
reference_id	CVE-2016-1945
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1945

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1945

reference_id

CVE-2016-1945

reference_type

scores

value	9.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:C/I:C/A:C

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1945

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-10

reference_id

mfsa2016-10

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-10

reference_url	https://usn.ubuntu.com/2880-1/
reference_id	USN-2880-1
reference_type
scores
url	https://usn.ubuntu.com/2880-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1945

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hq81-4u9w-quh6

url VCID-j6x8-vnns-1yfg

vulnerability_id VCID-j6x8-vnns-1yfg

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2791.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2791.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2791

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68356
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.6844
published_at	2026-04-09T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2791

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243473
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243473

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2791

reference_id

CVE-2016-2791

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2791

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-2791

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j6x8-vnns-1yfg

url VCID-j7wt-w5x2-nye4

vulnerability_id VCID-j7wt-w5x2-nye4

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2800.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2800.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2800

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68356
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.6844
published_at	2026-04-09T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2800

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249338
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249338

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2800

reference_id

CVE-2016-2800

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2800

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-2800

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j7wt-w5x2-nye4

url VCID-jfw1-18np-47b8

vulnerability_id VCID-jfw1-18np-47b8

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://hg.mozilla.org/releases/mozilla-release/rev/b208427885d3
reference_id
reference_type
scores
url	http://hg.mozilla.org/releases/mozilla-release/rev/b208427885d3

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1961.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1961.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1961

reference_id

reference_type

scores

value	0.00749
scoring_system	epss
scoring_elements	0.73112
published_at	2026-04-13T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.7306
published_at	2026-04-01T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73114
published_at	2026-04-09T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73139
published_at	2026-04-11T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73119
published_at	2026-04-12T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73069
published_at	2026-04-02T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.7309
published_at	2026-04-04T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73064
published_at	2026-04-07T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73101
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1961

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249377
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249377

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-24.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-24.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	http://zerodayinitiative.com/advisories/ZDI-16-199/
reference_id
reference_type
scores
url	http://zerodayinitiative.com/advisories/ZDI-16-199/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315577
reference_id	1315577
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315577

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1961

reference_id

CVE-2016-1961

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1961

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-24

reference_id

mfsa2016-24

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-24

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1961

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jfw1-18np-47b8

url VCID-jqed-5g3b-auag

vulnerability_id VCID-jqed-5g3b-auag

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4478.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4478.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4478

reference_id

reference_type

scores

value	0.00661
scoring_system	epss
scoring_elements	0.71129
published_at	2026-04-13T12:55:00Z

value	0.00661
scoring_system	epss
scoring_elements	0.71081
published_at	2026-04-01T12:55:00Z

value	0.00661
scoring_system	epss
scoring_elements	0.7109
published_at	2026-04-02T12:55:00Z

value	0.00661
scoring_system	epss
scoring_elements	0.71107
published_at	2026-04-04T12:55:00Z

value	0.00661
scoring_system	epss
scoring_elements	0.71082
published_at	2026-04-07T12:55:00Z

value	0.00661
scoring_system	epss
scoring_elements	0.71124
published_at	2026-04-08T12:55:00Z

value	0.00661
scoring_system	epss
scoring_elements	0.71137
published_at	2026-04-09T12:55:00Z

value	0.00661
scoring_system	epss
scoring_elements	0.7116
published_at	2026-04-11T12:55:00Z

value	0.00661
scoring_system	epss
scoring_elements	0.71145
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252282
reference_id	1252282
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252282

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-82

reference_id

mfsa2015-82

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-82

reference_url	https://access.redhat.com/errata/RHSA-2015:1586
reference_id	RHSA-2015:1586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1586

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4478

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jqed-5g3b-auag

url VCID-jqq7-zaqr-6bap

vulnerability_id VCID-jqq7-zaqr-6bap

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4481

reference_id

reference_type

scores

value	0.00164
scoring_system	epss
scoring_elements	0.37277
published_at	2026-04-13T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.37246
published_at	2026-04-01T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.37412
published_at	2026-04-02T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.37436
published_at	2026-04-04T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.37264
published_at	2026-04-07T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.37315
published_at	2026-04-08T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.37327
published_at	2026-04-09T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.37339
published_at	2026-04-11T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.37305
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4481

reference_url	https://code.google.com/p/google-security-research/issues/detail?id=427&can=1
reference_id	CVE-2015-4481
reference_type	exploit
scores
url	https://code.google.com/p/google-security-research/issues/detail?id=427&can=1

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4481
reference_id	CVE-2015-4481
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4481

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/37925.txt
reference_id	CVE-2015-4481
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/37925.txt

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-84

reference_id

mfsa2015-84

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-84

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4481

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jqq7-zaqr-6bap

url VCID-js15-jev6-6fbs

vulnerability_id VCID-js15-jev6-6fbs

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1960.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1960.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1960

reference_id

reference_type

scores

value	0.87057
scoring_system	epss
scoring_elements	0.99442
published_at	2026-04-13T12:55:00Z

value	0.87057
scoring_system	epss
scoring_elements	0.99436
published_at	2026-04-01T12:55:00Z

value	0.87057
scoring_system	epss
scoring_elements	0.99439
published_at	2026-04-09T12:55:00Z

value	0.87057
scoring_system	epss
scoring_elements	0.9944
published_at	2026-04-11T12:55:00Z

value	0.87057
scoring_system	epss
scoring_elements	0.99441
published_at	2026-04-12T12:55:00Z

value	0.87057
scoring_system	epss
scoring_elements	0.99435
published_at	2026-04-02T12:55:00Z

value	0.87057
scoring_system	epss
scoring_elements	0.99437
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1960

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246014
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246014

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	https://www.exploit-db.com/exploits/42484/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/42484/

reference_url	https://www.exploit-db.com/exploits/44294/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/44294/

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-23.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-23.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	http://zerodayinitiative.com/advisories/ZDI-16-198/
reference_id
reference_type
scores
url	http://zerodayinitiative.com/advisories/ZDI-16-198/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315576
reference_id	1315576
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315576

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/42484.html
reference_id	CVE-2016-1960
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/42484.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1960

reference_id

CVE-2016-1960

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1960

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/44294.html
reference_id	CVE-2017-5375;CVE-2016-1960
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/44294.html

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-23

reference_id

mfsa2016-23

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-23

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1960

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-js15-jev6-6fbs

url VCID-jtxv-vhm6-33h3

vulnerability_id VCID-jtxv-vhm6-33h3

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2712.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2712.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-2712

reference_id

reference_type

scores

value	0.03878
scoring_system	epss
scoring_elements	0.88241
published_at	2026-04-13T12:55:00Z

value	0.03878
scoring_system	epss
scoring_elements	0.88182
published_at	2026-04-01T12:55:00Z

value	0.03878
scoring_system	epss
scoring_elements	0.8819
published_at	2026-04-02T12:55:00Z

value	0.03878
scoring_system	epss
scoring_elements	0.88206
published_at	2026-04-04T12:55:00Z

value	0.03878
scoring_system	epss
scoring_elements	0.88212
published_at	2026-04-07T12:55:00Z

value	0.03878
scoring_system	epss
scoring_elements	0.88232
published_at	2026-04-08T12:55:00Z

value	0.03878
scoring_system	epss
scoring_elements	0.88238
published_at	2026-04-09T12:55:00Z

value	0.03878
scoring_system	epss
scoring_elements	0.88249
published_at	2026-04-11T12:55:00Z

value	0.03878
scoring_system	epss
scoring_elements	0.88242
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-2712

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1220604
reference_id	1220604
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1220604

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2712
reference_id	CVE-2015-2712
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2712

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-50

reference_id

mfsa2015-50

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-50

reference_url	https://usn.ubuntu.com/2602-1/
reference_id	USN-2602-1
reference_type
scores
url	https://usn.ubuntu.com/2602-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-2712

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jtxv-vhm6-33h3

url VCID-jxqn-t5tg-9udc

vulnerability_id VCID-jxqn-t5tg-9udc

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1976.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1976.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1976

reference_id

reference_type

scores

value	0.0053
scoring_system	epss
scoring_elements	0.67212
published_at	2026-04-13T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.67138
published_at	2026-04-01T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.67227
published_at	2026-04-08T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.6724
published_at	2026-04-09T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.6726
published_at	2026-04-11T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.67247
published_at	2026-04-12T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.67175
published_at	2026-04-07T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.67199
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1976

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1176340
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1176340

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-32.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-32.html

reference_url	http://www.securityfocus.com/bid/84220
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84220

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315780
reference_id	1315780
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315780

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:webrtc_project:webrtc:-:::::::*
reference_id	cpe:2.3:a:webrtc_project:webrtc:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:webrtc_project:webrtc:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::
reference_id	cpe:2.3:o:microsoft:windows::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1976
reference_id	CVE-2016-1976
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1976

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1976

reference_id

CVE-2016-1976

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1976

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-32

reference_id

mfsa2016-32

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-32

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1976

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jxqn-t5tg-9udc

url VCID-k131-mfqm-dka9

vulnerability_id VCID-k131-mfqm-dka9

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1977.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1977.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1977

reference_id

reference_type

scores

value	0.00701
scoring_system	epss
scoring_elements	0.72031
published_at	2026-04-13T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.71984
published_at	2026-04-01T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72038
published_at	2026-04-09T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72062
published_at	2026-04-11T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72046
published_at	2026-04-12T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.71991
published_at	2026-04-02T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72011
published_at	2026-04-04T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.71987
published_at	2026-04-07T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72026
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1977

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1248876
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1248876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1977

reference_id

CVE-2016-1977

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1977

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1977

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k131-mfqm-dka9

url VCID-k4qs-aaqm-eucb

vulnerability_id VCID-k4qs-aaqm-eucb

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0071.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0071.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0258.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0258.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1935.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1935.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1935

reference_id

reference_type

scores

value	0.00458
scoring_system	epss
scoring_elements	0.64001
published_at	2026-04-13T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.63919
published_at	2026-04-01T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64015
published_at	2026-04-08T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64032
published_at	2026-04-09T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64044
published_at	2026-04-11T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.6403
published_at	2026-04-12T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.63977
published_at	2026-04-02T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64005
published_at	2026-04-04T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.63965
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1935

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1220450
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1220450

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.debian.org/security/2016/dsa-3457
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3457

reference_url	http://www.debian.org/security/2016/dsa-3491
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3491

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-03.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-03.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/81952
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81952

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	http://www.ubuntu.com/usn/USN-2880-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-1

reference_url	http://www.ubuntu.com/usn/USN-2880-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-2

reference_url	http://www.ubuntu.com/usn/USN-2904-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2904-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1301821
reference_id	1301821
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1301821

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1935

reference_id

CVE-2016-1935

reference_type

scores

value	9.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:C/I:C/A:C

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1935

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-03

reference_id

mfsa2016-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-03

reference_url	https://access.redhat.com/errata/RHSA-2016:0071
reference_id	RHSA-2016:0071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0071

reference_url	https://access.redhat.com/errata/RHSA-2016:0258
reference_id	RHSA-2016:0258
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0258

reference_url	https://usn.ubuntu.com/2880-1/
reference_id	USN-2880-1
reference_type
scores
url	https://usn.ubuntu.com/2880-1/

reference_url	https://usn.ubuntu.com/2904-1/
reference_id	USN-2904-1
reference_type
scores
url	https://usn.ubuntu.com/2904-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1935

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k4qs-aaqm-eucb

url VCID-k5hu-n47k-wffm

vulnerability_id VCID-k5hu-n47k-wffm

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2792.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2792.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2792

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68356
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.6844
published_at	2026-04-09T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2792

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243482
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243482

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2792

reference_id

CVE-2016-2792

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2792

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-2792

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k5hu-n47k-wffm

url VCID-kdyn-9bn6-ebgz

vulnerability_id VCID-kdyn-9bn6-ebgz

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1933.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1933.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1933

reference_id

reference_type

scores

value	0.00777
scoring_system	epss
scoring_elements	0.73631
published_at	2026-04-13T12:55:00Z

value	0.00777
scoring_system	epss
scoring_elements	0.73581
published_at	2026-04-01T12:55:00Z

value	0.00777
scoring_system	epss
scoring_elements	0.73635
published_at	2026-04-09T12:55:00Z

value	0.00777
scoring_system	epss
scoring_elements	0.73658
published_at	2026-04-11T12:55:00Z

value	0.00777
scoring_system	epss
scoring_elements	0.7364
published_at	2026-04-12T12:55:00Z

value	0.00777
scoring_system	epss
scoring_elements	0.7359
published_at	2026-04-02T12:55:00Z

value	0.00777
scoring_system	epss
scoring_elements	0.73613
published_at	2026-04-04T12:55:00Z

value	0.00777
scoring_system	epss
scoring_elements	0.73586
published_at	2026-04-07T12:55:00Z

value	0.00777
scoring_system	epss
scoring_elements	0.73622
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1933

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1231761
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1231761

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-02.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-02.html

reference_url	http://www.securityfocus.com/bid/81956
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81956

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	http://www.ubuntu.com/usn/USN-2880-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-1

reference_url	http://www.ubuntu.com/usn/USN-2880-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1301820
reference_id	1301820
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1301820

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1933
reference_id	CVE-2016-1933
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1933

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1933

reference_id

CVE-2016-1933

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1933

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-02

reference_id

mfsa2016-02

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-02

reference_url	https://usn.ubuntu.com/2880-1/
reference_id	USN-2880-1
reference_type
scores
url	https://usn.ubuntu.com/2880-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1933

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kdyn-9bn6-ebgz

url VCID-mqbr-btgy-aygy

vulnerability_id VCID-mqbr-btgy-aygy

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1944.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1944.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1944

reference_id

reference_type

scores

value	0.02826
scoring_system	epss
scoring_elements	0.86169
published_at	2026-04-13T12:55:00Z

value	0.02826
scoring_system	epss
scoring_elements	0.86104
published_at	2026-04-01T12:55:00Z

value	0.02826
scoring_system	epss
scoring_elements	0.8616
published_at	2026-04-09T12:55:00Z

value	0.02826
scoring_system	epss
scoring_elements	0.86174
published_at	2026-04-11T12:55:00Z

value	0.02826
scoring_system	epss
scoring_elements	0.86172
published_at	2026-04-12T12:55:00Z

value	0.02826
scoring_system	epss
scoring_elements	0.86114
published_at	2026-04-02T12:55:00Z

value	0.02826
scoring_system	epss
scoring_elements	0.8613
published_at	2026-04-04T12:55:00Z

value	0.02826
scoring_system	epss
scoring_elements	0.86129
published_at	2026-04-07T12:55:00Z

value	0.02826
scoring_system	epss
scoring_elements	0.86149
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1944

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1186621
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1186621

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-10.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-10.html

reference_url	http://www.securityfocus.com/bid/81950
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81950

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	http://www.ubuntu.com/usn/USN-2880-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-1

reference_url	http://www.ubuntu.com/usn/USN-2880-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1301825
reference_id	1301825
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1301825

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:43.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1944
reference_id	CVE-2016-1944
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1944

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1944

reference_id

CVE-2016-1944

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1944

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-10

reference_id

mfsa2016-10

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-10

reference_url	https://usn.ubuntu.com/2880-1/
reference_id	USN-2880-1
reference_type
scores
url	https://usn.ubuntu.com/2880-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1944

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mqbr-btgy-aygy

url VCID-mwyu-5rk2-xbbz

vulnerability_id VCID-mwyu-5rk2-xbbz

summary

Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird, the worst of which may allow user-assisted execution of
    arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2721.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2721.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-2721

reference_id

reference_type

scores

value	0.00607
scoring_system	epss
scoring_elements	0.69676
published_at	2026-04-13T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.69606
published_at	2026-04-01T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.69619
published_at	2026-04-02T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.69635
published_at	2026-04-04T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.69614
published_at	2026-04-07T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.69665
published_at	2026-04-08T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.69682
published_at	2026-04-09T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.69704
published_at	2026-04-11T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.69689
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-2721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2724
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2724

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2731
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2731

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2734
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2734

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2735
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2735

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2736
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2736

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2738

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2739
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2739

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2740
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2740

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2743
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2743

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1236967
reference_id	1236967
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1236967

reference_url	https://security.gentoo.org/glsa/201512-10
reference_id	GLSA-201512-10
reference_type
scores
url	https://security.gentoo.org/glsa/201512-10

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-46
reference_id	GLSA-201701-46
reference_type
scores
url	https://security.gentoo.org/glsa/201701-46

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-71

reference_id

mfsa2015-71

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-71

reference_url	https://access.redhat.com/errata/RHSA-2015:1185
reference_id	RHSA-2015:1185
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1185

reference_url	https://access.redhat.com/errata/RHSA-2015:1664
reference_id	RHSA-2015:1664
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1664

reference_url	https://usn.ubuntu.com/2656-1/
reference_id	USN-2656-1
reference_type
scores
url	https://usn.ubuntu.com/2656-1/

reference_url	https://usn.ubuntu.com/2656-2/
reference_id	USN-2656-2
reference_type
scores
url	https://usn.ubuntu.com/2656-2/

reference_url	https://usn.ubuntu.com/2672-1/
reference_id	USN-2672-1
reference_type
scores
url	https://usn.ubuntu.com/2672-1/

reference_url	https://usn.ubuntu.com/2673-1/
reference_id	USN-2673-1
reference_type
scores
url	https://usn.ubuntu.com/2673-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.5.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.5.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.5.0

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-2721

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mwyu-5rk2-xbbz

url VCID-my4s-k6en-qkc2

vulnerability_id VCID-my4s-k6en-qkc2

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0071.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0071.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0258.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0258.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1930.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1930.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1930

reference_id

reference_type

scores

value	0.0186
scoring_system	epss
scoring_elements	0.83044
published_at	2026-04-13T12:55:00Z

value	0.0186
scoring_system	epss
scoring_elements	0.8298
published_at	2026-04-01T12:55:00Z

value	0.0186
scoring_system	epss
scoring_elements	0.83039
published_at	2026-04-09T12:55:00Z

value	0.0186
scoring_system	epss
scoring_elements	0.83055
published_at	2026-04-11T12:55:00Z

value	0.0186
scoring_system	epss
scoring_elements	0.83049
published_at	2026-04-12T12:55:00Z

value	0.0186
scoring_system	epss
scoring_elements	0.82996
published_at	2026-04-02T12:55:00Z

value	0.0186
scoring_system	epss
scoring_elements	0.8301
published_at	2026-04-04T12:55:00Z

value	0.0186
scoring_system	epss
scoring_elements	0.83008
published_at	2026-04-07T12:55:00Z

value	0.0186
scoring_system	epss
scoring_elements	0.83032
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1930

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1221385
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1221385

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1223670
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1223670

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1224200
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1224200

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1230483
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1230483

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1230639
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1230639

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1230668
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1230668

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1230686
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1230686

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1233152
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1233152

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1233346
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1233346

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1233925
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1233925

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1234280
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1234280

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1234571
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1234571

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935

reference_url	http://www.debian.org/security/2016/dsa-3457
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3457

reference_url	http://www.debian.org/security/2016/dsa-3491
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3491

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-01.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-01.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/81953
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81953

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	http://www.ubuntu.com/usn/USN-2880-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-1

reference_url	http://www.ubuntu.com/usn/USN-2880-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-2

reference_url	http://www.ubuntu.com/usn/USN-2904-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2904-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1301818
reference_id	1301818
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1301818

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1930

reference_id

CVE-2016-1930

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1930

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-01

reference_id

mfsa2016-01

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-01

reference_url	https://access.redhat.com/errata/RHSA-2016:0071
reference_id	RHSA-2016:0071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0071

reference_url	https://access.redhat.com/errata/RHSA-2016:0258
reference_id	RHSA-2016:0258
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0258

reference_url	https://usn.ubuntu.com/2880-1/
reference_id	USN-2880-1
reference_type
scores
url	https://usn.ubuntu.com/2880-1/

reference_url	https://usn.ubuntu.com/2904-1/
reference_id	USN-2904-1
reference_type
scores
url	https://usn.ubuntu.com/2904-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1930

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-my4s-k6en-qkc2

url VCID-nav6-hsaf-2fbj

vulnerability_id VCID-nav6-hsaf-2fbj

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2715.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2715.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-2715

reference_id

reference_type

scores

value	0.01381
scoring_system	epss
scoring_elements	0.80275
published_at	2026-04-13T12:55:00Z

value	0.01381
scoring_system	epss
scoring_elements	0.80224
published_at	2026-04-01T12:55:00Z

value	0.01381
scoring_system	epss
scoring_elements	0.80232
published_at	2026-04-02T12:55:00Z

value	0.01381
scoring_system	epss
scoring_elements	0.80252
published_at	2026-04-04T12:55:00Z

value	0.01381
scoring_system	epss
scoring_elements	0.8024
published_at	2026-04-07T12:55:00Z

value	0.01381
scoring_system	epss
scoring_elements	0.80268
published_at	2026-04-08T12:55:00Z

value	0.01381
scoring_system	epss
scoring_elements	0.80278
published_at	2026-04-09T12:55:00Z

value	0.01381
scoring_system	epss
scoring_elements	0.80297
published_at	2026-04-11T12:55:00Z

value	0.01381
scoring_system	epss
scoring_elements	0.80282
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-2715

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1220606
reference_id	1220606
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1220606

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2715
reference_id	CVE-2015-2715
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2715

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-53

reference_id

mfsa2015-53

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-53

reference_url	https://usn.ubuntu.com/2602-1/
reference_id	USN-2602-1
reference_type
scores
url	https://usn.ubuntu.com/2602-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-2715

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nav6-hsaf-2fbj

url VCID-nega-51gt-hqfd

vulnerability_id VCID-nega-51gt-hqfd

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4482

reference_id

reference_type

scores

value	0.00091
scoring_system	epss
scoring_elements	0.257
published_at	2026-04-13T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.25797
published_at	2026-04-01T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.25857
published_at	2026-04-02T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.259
published_at	2026-04-04T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.25671
published_at	2026-04-07T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.25742
published_at	2026-04-08T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.2579
published_at	2026-04-09T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.258
published_at	2026-04-11T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.25759
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4482

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4482
reference_id	CVE-2015-4482
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4482

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-85

reference_id

mfsa2015-85

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-85

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4482

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nega-51gt-hqfd

url VCID-ngdr-hetx-kbf8

vulnerability_id VCID-ngdr-hetx-kbf8

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1956.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1956.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1956

reference_id

reference_type

scores

value	0.00312
scoring_system	epss
scoring_elements	0.54395
published_at	2026-04-13T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54314
published_at	2026-04-01T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.5439
published_at	2026-04-08T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54385
published_at	2026-04-09T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54434
published_at	2026-04-11T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54417
published_at	2026-04-12T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54334
published_at	2026-04-02T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54364
published_at	2026-04-04T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54339
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1956

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1199923
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1199923

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-19.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-19.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315571
reference_id	1315571
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315571

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_id	cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel::::::::
reference_id	cpe:2.3:o:linux:linux_kernel::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1956
reference_id	CVE-2016-1956
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1956

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1956

reference_id

CVE-2016-1956

reference_type

scores

value	7.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:C

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1956

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-19

reference_id

mfsa2016-19

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-19

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1956

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ngdr-hetx-kbf8

url VCID-nr84-88hy-6fah

vulnerability_id VCID-nr84-88hy-6fah

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2796.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2796.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2796

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68357
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68441
published_at	2026-04-09T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68424
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2796

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243816
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2796

reference_id

CVE-2016-2796

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2796

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-2796

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nr84-88hy-6fah

url VCID-nyur-qfet-9ua8

vulnerability_id VCID-nyur-qfet-9ua8

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4488.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4488.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4488

reference_id

reference_type

scores

value	0.01901
scoring_system	epss
scoring_elements	0.83236
published_at	2026-04-13T12:55:00Z

value	0.01901
scoring_system	epss
scoring_elements	0.8317
published_at	2026-04-01T12:55:00Z

value	0.01901
scoring_system	epss
scoring_elements	0.83186
published_at	2026-04-02T12:55:00Z

value	0.01901
scoring_system	epss
scoring_elements	0.832
published_at	2026-04-04T12:55:00Z

value	0.01901
scoring_system	epss
scoring_elements	0.83198
published_at	2026-04-07T12:55:00Z

value	0.01901
scoring_system	epss
scoring_elements	0.83223
published_at	2026-04-08T12:55:00Z

value	0.01901
scoring_system	epss
scoring_elements	0.8323
published_at	2026-04-09T12:55:00Z

value	0.01901
scoring_system	epss
scoring_elements	0.83246
published_at	2026-04-11T12:55:00Z

value	0.01901
scoring_system	epss
scoring_elements	0.8324
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252293
reference_id	1252293
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252293

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-90

reference_id

mfsa2015-90

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-90

reference_url	https://access.redhat.com/errata/RHSA-2015:1586
reference_id	RHSA-2015:1586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1586

reference_url	https://access.redhat.com/errata/RHSA-2015:1682
reference_id	RHSA-2015:1682
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1682

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

reference_url	https://usn.ubuntu.com/2712-1/
reference_id	USN-2712-1
reference_type
scores
url	https://usn.ubuntu.com/2712-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4488

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nyur-qfet-9ua8

url VCID-nzr5-nt1n-akg1

vulnerability_id VCID-nzr5-nt1n-akg1

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4493.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4493.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4493

reference_id

reference_type

scores

value	0.0731
scoring_system	epss
scoring_elements	0.91683
published_at	2026-04-13T12:55:00Z

value	0.0731
scoring_system	epss
scoring_elements	0.9164
published_at	2026-04-01T12:55:00Z

value	0.0731
scoring_system	epss
scoring_elements	0.91648
published_at	2026-04-02T12:55:00Z

value	0.0731
scoring_system	epss
scoring_elements	0.91654
published_at	2026-04-04T12:55:00Z

value	0.0731
scoring_system	epss
scoring_elements	0.91662
published_at	2026-04-07T12:55:00Z

value	0.0731
scoring_system	epss
scoring_elements	0.91675
published_at	2026-04-08T12:55:00Z

value	0.0731
scoring_system	epss
scoring_elements	0.91681
published_at	2026-04-09T12:55:00Z

value	0.0731
scoring_system	epss
scoring_elements	0.91685
published_at	2026-04-11T12:55:00Z

value	0.0731
scoring_system	epss
scoring_elements	0.91687
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4493

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252285
reference_id	1252285
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252285

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-83

reference_id

mfsa2015-83

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-83

reference_url	https://access.redhat.com/errata/RHSA-2015:1586
reference_id	RHSA-2015:1586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1586

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4493

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nzr5-nt1n-akg1

url VCID-p728-2nbz-cfbh

vulnerability_id VCID-p728-2nbz-cfbh

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1939.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1939.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1939

reference_id

reference_type

scores

value	0.00582
scoring_system	epss
scoring_elements	0.68944
published_at	2026-04-13T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68878
published_at	2026-04-01T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68965
published_at	2026-04-09T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68988
published_at	2026-04-11T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68973
published_at	2026-04-12T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68895
published_at	2026-04-02T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68916
published_at	2026-04-04T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68896
published_at	2026-04-07T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68946
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1939

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1233784
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1233784

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-04.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-04.html

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	http://www.ubuntu.com/usn/USN-2880-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-1

reference_url	http://www.ubuntu.com/usn/USN-2880-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1301822
reference_id	1301822
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1301822

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1939
reference_id	CVE-2016-1939
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1939

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1939

reference_id

CVE-2016-1939

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1939

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-04

reference_id

mfsa2016-04

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-04

reference_url	https://usn.ubuntu.com/2880-1/
reference_id	USN-2880-1
reference_type
scores
url	https://usn.ubuntu.com/2880-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1939

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p728-2nbz-cfbh

url VCID-p86b-vnu2-6fbu

vulnerability_id VCID-p86b-vnu2-6fbu

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4483.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4483.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4483

reference_id

reference_type

scores

value	0.00299
scoring_system	epss
scoring_elements	0.5328
published_at	2026-04-13T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53197
published_at	2026-04-01T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53221
published_at	2026-04-02T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53246
published_at	2026-04-04T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53214
published_at	2026-04-07T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53266
published_at	2026-04-08T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53261
published_at	2026-04-09T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53312
published_at	2026-04-11T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53297
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4483

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252288
reference_id	1252288
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252288

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4483
reference_id	CVE-2015-4483
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4483

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-86

reference_id

mfsa2015-86

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-86

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4483

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p86b-vnu2-6fbu

url VCID-pdgz-dsbq-67hq

vulnerability_id VCID-pdgz-dsbq-67hq

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1967.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1967.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1967

reference_id

reference_type

scores

value	0.00402
scoring_system	epss
scoring_elements	0.60815
published_at	2026-04-13T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60695
published_at	2026-04-01T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60826
published_at	2026-04-09T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60846
published_at	2026-04-11T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60833
published_at	2026-04-12T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60768
published_at	2026-04-02T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60797
published_at	2026-04-04T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60761
published_at	2026-04-07T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.6081
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1967

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246956
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246956

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-29.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-29.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315776
reference_id	1315776
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315776

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1967
reference_id	CVE-2016-1967
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1967

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1967

reference_id

CVE-2016-1967

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1967

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-29

reference_id

mfsa2016-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-29

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1967

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pdgz-dsbq-67hq

url VCID-pgxa-jsvb-73cf

vulnerability_id VCID-pgxa-jsvb-73cf

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1947.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1947.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1947

reference_id

reference_type

scores

value	0.00571
scoring_system	epss
scoring_elements	0.68656
published_at	2026-04-12T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.68561
published_at	2026-04-01T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.68626
published_at	2026-04-13T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.68644
published_at	2026-04-09T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.68669
published_at	2026-04-11T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.68579
published_at	2026-04-02T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.68598
published_at	2026-04-04T12:55:00Z

value	0.00571
scoring_system	epss
scoring_elements	0.68575
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1947

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1237103
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1237103

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-11.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-11.html

reference_url	http://www.securityfocus.com/bid/81949
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81949

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	http://www.ubuntu.com/usn/USN-2880-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-1

reference_url	http://www.ubuntu.com/usn/USN-2880-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1301826
reference_id	1301826
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1301826

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:43.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:43.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.2:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:43.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.3:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:43.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:43.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:43.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1947
reference_id	CVE-2016-1947
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1947

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1947

reference_id

CVE-2016-1947

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1947

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-11

reference_id

mfsa2016-11

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-11

reference_url	https://usn.ubuntu.com/2880-1/
reference_id	USN-2880-1
reference_type
scores
url	https://usn.ubuntu.com/2880-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1947

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pgxa-jsvb-73cf

url VCID-qrva-vbms-sug2

vulnerability_id VCID-qrva-vbms-sug2

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1969.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1969.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1969

reference_id

reference_type

scores

value	0.00472
scoring_system	epss
scoring_elements	0.64633
published_at	2026-04-13T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64552
published_at	2026-04-01T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64657
published_at	2026-04-09T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64674
published_at	2026-04-11T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64662
published_at	2026-04-12T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64606
published_at	2026-04-02T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64634
published_at	2026-04-04T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64592
published_at	2026-04-07T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64641
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1969

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1242322
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1242322

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-38.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-38.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1317560
reference_id	1317560
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1317560

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1969

reference_id

CVE-2016-1969

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1969

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-38

reference_id

mfsa2016-38

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-38

reference_url	https://access.redhat.com/errata/RHSA-2016:0197
reference_id	RHSA-2016:0197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0197

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1969

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qrva-vbms-sug2

url VCID-qtp4-ada6-tydd

vulnerability_id VCID-qtp4-ada6-tydd

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1974.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1974.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1974

reference_id

reference_type

scores

value	0.00493
scoring_system	epss
scoring_elements	0.65715
published_at	2026-04-13T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.6563
published_at	2026-04-01T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65738
published_at	2026-04-09T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65759
published_at	2026-04-11T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65744
published_at	2026-04-12T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65679
published_at	2026-04-02T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65709
published_at	2026-04-04T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65675
published_at	2026-04-07T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65726
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1974

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1228103
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1228103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-34.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-34.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315785
reference_id	1315785
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315785

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1974

reference_id

CVE-2016-1974

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1974

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-34

reference_id

mfsa2016-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-34

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1974

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qtp4-ada6-tydd

url VCID-qup9-qy11-fqhe

vulnerability_id VCID-qup9-qy11-fqhe

summary

Multiple vulnerabilities have been found in mbed TLS, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html

reference_url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0049.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0049.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0050.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0050.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0053.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0053.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0054.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0054.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0055.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0055.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0056.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0056.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7575.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7575.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-7575

reference_id

reference_type

scores

value	0.01509
scoring_system	epss
scoring_elements	0.81189
published_at	2026-04-13T12:55:00Z

value	0.01509
scoring_system	epss
scoring_elements	0.81125
published_at	2026-04-01T12:55:00Z

value	0.01509
scoring_system	epss
scoring_elements	0.81184
published_at	2026-04-08T12:55:00Z

value	0.01509
scoring_system	epss
scoring_elements	0.8119
published_at	2026-04-09T12:55:00Z

value	0.01509
scoring_system	epss
scoring_elements	0.8121
published_at	2026-04-11T12:55:00Z

value	0.01509
scoring_system	epss
scoring_elements	0.81196
published_at	2026-04-12T12:55:00Z

value	0.01509
scoring_system	epss
scoring_elements	0.81134
published_at	2026-04-02T12:55:00Z

value	0.01509
scoring_system	epss
scoring_elements	0.81157
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-7575

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1158489
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1158489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.20.2_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.20.2_release_notes

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.netapp.com/advisory/ntap-20160225-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20160225-0001/

reference_url	http://www.debian.org/security/2016/dsa-3436
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3436

reference_url	http://www.debian.org/security/2016/dsa-3437
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3437

reference_url	http://www.debian.org/security/2016/dsa-3457
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3457

reference_url	http://www.debian.org/security/2016/dsa-3458
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3458

reference_url	http://www.debian.org/security/2016/dsa-3465
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3465

reference_url	http://www.debian.org/security/2016/dsa-3491
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3491

reference_url	http://www.debian.org/security/2016/dsa-3688
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3688

reference_url	http://www.mozilla.org/security/announce/2015/mfsa2015-150.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2015/mfsa2015-150.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url	http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/79684
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/79684

reference_url	http://www.securityfocus.com/bid/91787
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91787

reference_url	http://www.securitytracker.com/id/1034541
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034541

reference_url	http://www.securitytracker.com/id/1036467
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1036467

reference_url	http://www.ubuntu.com/usn/USN-2863-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2863-1

reference_url	http://www.ubuntu.com/usn/USN-2864-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2864-1

reference_url	http://www.ubuntu.com/usn/USN-2865-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2865-1

reference_url	http://www.ubuntu.com/usn/USN-2866-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2866-1

reference_url	http://www.ubuntu.com/usn/USN-2884-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2884-1

reference_url	http://www.ubuntu.com/usn/USN-2904-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2904-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1289841
reference_id	1289841
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1289841

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::
reference_id	cpe:2.3:a:mozilla:network_security_services::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

101

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-7575

reference_id

CVE-2015-7575

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2015-7575

102

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

103

reference_url	https://security.gentoo.org/glsa/201701-46
reference_id	GLSA-201701-46
reference_type
scores
url	https://security.gentoo.org/glsa/201701-46

104

reference_url	https://security.gentoo.org/glsa/201706-18
reference_id	GLSA-201706-18
reference_type
scores
url	https://security.gentoo.org/glsa/201706-18

105

reference_url	https://security.gentoo.org/glsa/201801-15
reference_id	GLSA-201801-15
reference_type
scores
url	https://security.gentoo.org/glsa/201801-15

106

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-150

reference_id

mfsa2015-150

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-150

107

reference_url	https://access.redhat.com/errata/RHSA-2016:0007
reference_id	RHSA-2016:0007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0007

108

reference_url	https://access.redhat.com/errata/RHSA-2016:0008
reference_id	RHSA-2016:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0008

109

reference_url	https://access.redhat.com/errata/RHSA-2016:0012
reference_id	RHSA-2016:0012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0012

110

reference_url	https://access.redhat.com/errata/RHSA-2016:0049
reference_id	RHSA-2016:0049
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0049

111

reference_url	https://access.redhat.com/errata/RHSA-2016:0050
reference_id	RHSA-2016:0050
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0050

112

reference_url	https://access.redhat.com/errata/RHSA-2016:0053
reference_id	RHSA-2016:0053
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0053

113

reference_url	https://access.redhat.com/errata/RHSA-2016:0054
reference_id	RHSA-2016:0054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0054

114

reference_url	https://access.redhat.com/errata/RHSA-2016:0055
reference_id	RHSA-2016:0055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0055

115

reference_url	https://access.redhat.com/errata/RHSA-2016:0056
reference_id	RHSA-2016:0056
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0056

116

reference_url	https://access.redhat.com/errata/RHSA-2016:0098
reference_id	RHSA-2016:0098
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0098

117

reference_url	https://access.redhat.com/errata/RHSA-2016:0099
reference_id	RHSA-2016:0099
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0099

118

reference_url	https://access.redhat.com/errata/RHSA-2016:0100
reference_id	RHSA-2016:0100
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0100

119

reference_url	https://access.redhat.com/errata/RHSA-2016:0101
reference_id	RHSA-2016:0101
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0101

120

reference_url	https://access.redhat.com/errata/RHSA-2016:1430
reference_id	RHSA-2016:1430
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1430

121

reference_url	https://usn.ubuntu.com/2863-1/
reference_id	USN-2863-1
reference_type
scores
url	https://usn.ubuntu.com/2863-1/

122

reference_url	https://usn.ubuntu.com/2864-1/
reference_id	USN-2864-1
reference_type
scores
url	https://usn.ubuntu.com/2864-1/

123

reference_url	https://usn.ubuntu.com/2865-1/
reference_id	USN-2865-1
reference_type
scores
url	https://usn.ubuntu.com/2865-1/

124

reference_url	https://usn.ubuntu.com/2866-1/
reference_id	USN-2866-1
reference_type
scores
url	https://usn.ubuntu.com/2866-1/

125

reference_url	https://usn.ubuntu.com/2884-1/
reference_id	USN-2884-1
reference_type
scores
url	https://usn.ubuntu.com/2884-1/

126

reference_url	https://usn.ubuntu.com/2904-1/
reference_id	USN-2904-1
reference_type
scores
url	https://usn.ubuntu.com/2904-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-7575

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qup9-qy11-fqhe

url VCID-r1pj-wxzf-5ubj

vulnerability_id VCID-r1pj-wxzf-5ubj

summary

Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird, the worst of which may allow user-assisted execution of
    arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html

reference_url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html

reference_url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html

reference_url	http://packetstormsecurity.com/files/134268/Slackware-Security-Advisory-mozilla-nss-Updates.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/134268/Slackware-Security-Advisory-mozilla-nss-Updates.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1980.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1980.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1981.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1981.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7183.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7183.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-7183

reference_id

reference_type

scores

value	0.04702
scoring_system	epss
scoring_elements	0.89359
published_at	2026-04-13T12:55:00Z

value	0.04702
scoring_system	epss
scoring_elements	0.89317
published_at	2026-04-01T12:55:00Z

value	0.04702
scoring_system	epss
scoring_elements	0.89366
published_at	2026-04-11T12:55:00Z

value	0.04702
scoring_system	epss
scoring_elements	0.89363
published_at	2026-04-12T12:55:00Z

value	0.04702
scoring_system	epss
scoring_elements	0.89323
published_at	2026-04-02T12:55:00Z

value	0.04702
scoring_system	epss
scoring_elements	0.89335
published_at	2026-04-04T12:55:00Z

value	0.04702
scoring_system	epss
scoring_elements	0.89337
published_at	2026-04-07T12:55:00Z

value	0.04702
scoring_system	epss
scoring_elements	0.89353
published_at	2026-04-08T12:55:00Z

value	0.04702
scoring_system	epss
scoring_elements	0.89358
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-7183

reference_url	https://bto.bluecoat.com/security-advisory/sa119
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa119

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1205157
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1205157

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7196
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.1_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.1_release_notes

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.4_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.4_release_notes

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.20.1_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.20.1_release_notes

reference_url	http://www.debian.org/security/2015/dsa-3393
reference_id
reference_type
scores
url	http://www.debian.org/security/2015/dsa-3393

reference_url	http://www.debian.org/security/2015/dsa-3406
reference_id
reference_type
scores
url	http://www.debian.org/security/2015/dsa-3406

reference_url	http://www.mozilla.org/security/announce/2015/mfsa2015-133.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2015/mfsa2015-133.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

reference_url	http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/77415
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/77415

reference_url	http://www.securityfocus.com/bid/91787
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91787

reference_url	http://www.securitytracker.com/id/1034069
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034069

reference_url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.399753
reference_id
reference_type
scores
url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.399753

reference_url	http://www.ubuntu.com/usn/USN-2785-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2785-1

reference_url	http://www.ubuntu.com/usn/USN-2790-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2790-1

reference_url	http://www.ubuntu.com/usn/USN-2819-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2819-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1269353
reference_id	1269353
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1269353

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::
reference_id	cpe:2.3:a:mozilla:network_security_services::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20.0:::::::*
reference_id	cpe:2.3:a:mozilla:network_security_services:3.20.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-7183

reference_id

CVE-2015-7183

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2015-7183

reference_url	https://security.gentoo.org/glsa/201512-10
reference_id	GLSA-201512-10
reference_type
scores
url	https://security.gentoo.org/glsa/201512-10

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-133

reference_id

mfsa2015-133

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-133

reference_url	https://access.redhat.com/errata/RHSA-2015:1980
reference_id	RHSA-2015:1980
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1980

reference_url	https://access.redhat.com/errata/RHSA-2015:1981
reference_id	RHSA-2015:1981
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1981

reference_url	https://access.redhat.com/errata/RHSA-2015:2068
reference_id	RHSA-2015:2068
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2068

reference_url	https://usn.ubuntu.com/2785-1/
reference_id	USN-2785-1
reference_type
scores
url	https://usn.ubuntu.com/2785-1/

reference_url	https://usn.ubuntu.com/2790-1/
reference_id	USN-2790-1
reference_type
scores
url	https://usn.ubuntu.com/2790-1/

reference_url	https://usn.ubuntu.com/2819-1/
reference_id	USN-2819-1
reference_type
scores
url	https://usn.ubuntu.com/2819-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.5.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.5.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.5.0

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-7183

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r1pj-wxzf-5ubj

url VCID-r7v8-qp3e-cua2

vulnerability_id VCID-r7v8-qp3e-cua2

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2717.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2717.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-2717

reference_id

reference_type

scores

value	0.02421
scoring_system	epss
scoring_elements	0.8513
published_at	2026-04-13T12:55:00Z

value	0.02421
scoring_system	epss
scoring_elements	0.85058
published_at	2026-04-01T12:55:00Z

value	0.02421
scoring_system	epss
scoring_elements	0.85071
published_at	2026-04-02T12:55:00Z

value	0.02421
scoring_system	epss
scoring_elements	0.85088
published_at	2026-04-04T12:55:00Z

value	0.02421
scoring_system	epss
scoring_elements	0.85093
published_at	2026-04-07T12:55:00Z

value	0.02421
scoring_system	epss
scoring_elements	0.85114
published_at	2026-04-08T12:55:00Z

value	0.02421
scoring_system	epss
scoring_elements	0.85121
published_at	2026-04-09T12:55:00Z

value	0.02421
scoring_system	epss
scoring_elements	0.85136
published_at	2026-04-11T12:55:00Z

value	0.02421
scoring_system	epss
scoring_elements	0.85133
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-2717

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1220608
reference_id	1220608
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1220608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2717
reference_id	CVE-2015-2717
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2717

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-55

reference_id

mfsa2015-55

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-55

reference_url	https://usn.ubuntu.com/2602-1/
reference_id	USN-2602-1
reference_type
scores
url	https://usn.ubuntu.com/2602-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-2717

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r7v8-qp3e-cua2

url VCID-rsda-j27d-8bdc

vulnerability_id VCID-rsda-j27d-8bdc

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://hg.mozilla.org/releases/mozilla-release/rev/5154bb929236
reference_id
reference_type
scores
url	http://hg.mozilla.org/releases/mozilla-release/rev/5154bb929236

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1954.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1954.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1954

reference_id

reference_type

scores

value	0.02706
scoring_system	epss
scoring_elements	0.85892
published_at	2026-04-13T12:55:00Z

value	0.02706
scoring_system	epss
scoring_elements	0.85825
published_at	2026-04-01T12:55:00Z

value	0.02706
scoring_system	epss
scoring_elements	0.85886
published_at	2026-04-09T12:55:00Z

value	0.02706
scoring_system	epss
scoring_elements	0.85901
published_at	2026-04-11T12:55:00Z

value	0.02706
scoring_system	epss
scoring_elements	0.85898
published_at	2026-04-12T12:55:00Z

value	0.02706
scoring_system	epss
scoring_elements	0.85836
published_at	2026-04-02T12:55:00Z

value	0.02706
scoring_system	epss
scoring_elements	0.85854
published_at	2026-04-04T12:55:00Z

value	0.02706
scoring_system	epss
scoring_elements	0.85858
published_at	2026-04-07T12:55:00Z

value	0.02706
scoring_system	epss
scoring_elements	0.85876
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1954

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243178
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-17.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-17.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315569
reference_id	1315569
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315569

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_id	cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1954

reference_id

CVE-2016-1954

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1954

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-17

reference_id

mfsa2016-17

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-17

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1954

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rsda-j27d-8bdc

url VCID-rszx-mrtt-pkam

vulnerability_id VCID-rszx-mrtt-pkam

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://hg.mozilla.org/releases/mozilla-release/rev/bafc86c12e63
reference_id
reference_type
scores
url	http://hg.mozilla.org/releases/mozilla-release/rev/bafc86c12e63

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1975.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1975.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1975

reference_id

reference_type

scores

value	0.00594
scoring_system	epss
scoring_elements	0.69286
published_at	2026-04-13T12:55:00Z

value	0.00594
scoring_system	epss
scoring_elements	0.69223
published_at	2026-04-01T12:55:00Z

value	0.00594
scoring_system	epss
scoring_elements	0.69308
published_at	2026-04-09T12:55:00Z

value	0.00594
scoring_system	epss
scoring_elements	0.6933
published_at	2026-04-11T12:55:00Z

value	0.00594
scoring_system	epss
scoring_elements	0.69314
published_at	2026-04-12T12:55:00Z

value	0.00594
scoring_system	epss
scoring_elements	0.69239
published_at	2026-04-02T12:55:00Z

value	0.00594
scoring_system	epss
scoring_elements	0.69258
published_at	2026-04-04T12:55:00Z

value	0.00594
scoring_system	epss
scoring_elements	0.6924
published_at	2026-04-07T12:55:00Z

value	0.00594
scoring_system	epss
scoring_elements	0.6929
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1975

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1230768
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1230768

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-32.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-32.html

reference_url	http://www.securityfocus.com/bid/84220
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84220

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315780
reference_id	1315780
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315780

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:webrtc_project:webrtc:-:::::::*
reference_id	cpe:2.3:a:webrtc_project:webrtc:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:webrtc_project:webrtc:-:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1975
reference_id	CVE-2016-1975
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1975

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1975

reference_id

CVE-2016-1975

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1975

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-32

reference_id

mfsa2016-32

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-32

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1975

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rszx-mrtt-pkam

url VCID-rzp7-qr9d-uybc

vulnerability_id VCID-rzp7-qr9d-uybc

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1942

reference_id

reference_type

scores

value	0.0082
scoring_system	epss
scoring_elements	0.7438
published_at	2026-04-13T12:55:00Z

value	0.0082
scoring_system	epss
scoring_elements	0.74334
published_at	2026-04-01T12:55:00Z

value	0.0082
scoring_system	epss
scoring_elements	0.74387
published_at	2026-04-09T12:55:00Z

value	0.0082
scoring_system	epss
scoring_elements	0.74408
published_at	2026-04-11T12:55:00Z

value	0.0082
scoring_system	epss
scoring_elements	0.74388
published_at	2026-04-12T12:55:00Z

value	0.0082
scoring_system	epss
scoring_elements	0.74338
published_at	2026-04-02T12:55:00Z

value	0.0082
scoring_system	epss
scoring_elements	0.74365
published_at	2026-04-04T12:55:00Z

value	0.0082
scoring_system	epss
scoring_elements	0.74339
published_at	2026-04-07T12:55:00Z

value	0.0082
scoring_system	epss
scoring_elements	0.74372
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1942

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1189082
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1189082

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-09.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-09.html

reference_url	http://www.securityfocus.com/bid/81948
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81948

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	http://www.ubuntu.com/usn/USN-2880-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-1

reference_url	http://www.ubuntu.com/usn/USN-2880-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-2

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1942
reference_id	CVE-2016-1942
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1942

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1942

reference_id

CVE-2016-1942

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1942

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-09

reference_id

mfsa2016-09

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-09

reference_url	https://usn.ubuntu.com/2880-1/
reference_id	USN-2880-1
reference_type
scores
url	https://usn.ubuntu.com/2880-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1942

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rzp7-qr9d-uybc

url VCID-rzqy-gheq-cqgg

vulnerability_id VCID-rzqy-gheq-cqgg

summary

Multiple vulnerabilities have been found in Oracle's JRE and JDK
    software suites allowing remote attackers to remotely execute arbitrary
    code, obtain information, and cause Denial of Service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4000.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4000.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4000

reference_id

reference_type

scores

value	0.93743
scoring_system	epss
scoring_elements	0.99851
published_at	2026-04-07T12:55:00Z

value	0.93894
scoring_system	epss
scoring_elements	0.99875
published_at	2026-04-08T12:55:00Z

value	0.93894
scoring_system	epss
scoring_elements	0.99876
published_at	2026-04-09T12:55:00Z

value	0.939
scoring_system	epss
scoring_elements	0.99876
published_at	2026-04-13T12:55:00Z

value	0.939
scoring_system	epss
scoring_elements	0.99873
published_at	2026-04-01T12:55:00Z

value	0.939
scoring_system	epss
scoring_elements	0.99874
published_at	2026-04-02T12:55:00Z

value	0.939
scoring_system	epss
scoring_elements	0.99875
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2724
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2724

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2731
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2731

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2734
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2734

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2735
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2735

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2736
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2736

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2738

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2739
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2739

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2740
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2740

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2743
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2743

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:C/I:C/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1223211
reference_id	1223211
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1223211

reference_url	https://security.gentoo.org/glsa/201506-02
reference_id	GLSA-201506-02
reference_type
scores
url	https://security.gentoo.org/glsa/201506-02

reference_url	https://security.gentoo.org/glsa/201512-10
reference_id	GLSA-201512-10
reference_type
scores
url	https://security.gentoo.org/glsa/201512-10

reference_url	https://security.gentoo.org/glsa/201603-11
reference_id	GLSA-201603-11
reference_type
scores
url	https://security.gentoo.org/glsa/201603-11

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-46
reference_id	GLSA-201701-46
reference_type
scores
url	https://security.gentoo.org/glsa/201701-46

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-70

reference_id

mfsa2015-70

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-70

reference_url	https://access.redhat.com/errata/RHSA-2015:1072
reference_id	RHSA-2015:1072
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1072

reference_url	https://access.redhat.com/errata/RHSA-2015:1185
reference_id	RHSA-2015:1185
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1185

reference_url	https://access.redhat.com/errata/RHSA-2015:1197
reference_id	RHSA-2015:1197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1197

reference_url	https://access.redhat.com/errata/RHSA-2015:1228
reference_id	RHSA-2015:1228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1228

reference_url	https://access.redhat.com/errata/RHSA-2015:1229
reference_id	RHSA-2015:1229
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1229

reference_url	https://access.redhat.com/errata/RHSA-2015:1230
reference_id	RHSA-2015:1230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1230

reference_url	https://access.redhat.com/errata/RHSA-2015:1241
reference_id	RHSA-2015:1241
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1241

reference_url	https://access.redhat.com/errata/RHSA-2015:1242
reference_id	RHSA-2015:1242
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1242

reference_url	https://access.redhat.com/errata/RHSA-2015:1243
reference_id	RHSA-2015:1243
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1243

reference_url	https://access.redhat.com/errata/RHSA-2015:1485
reference_id	RHSA-2015:1485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1485

reference_url	https://access.redhat.com/errata/RHSA-2015:1486
reference_id	RHSA-2015:1486
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1486

reference_url	https://access.redhat.com/errata/RHSA-2015:1488
reference_id	RHSA-2015:1488
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1488

reference_url	https://access.redhat.com/errata/RHSA-2015:1526
reference_id	RHSA-2015:1526
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1526

reference_url	https://access.redhat.com/errata/RHSA-2015:1544
reference_id	RHSA-2015:1544
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1544

reference_url	https://access.redhat.com/errata/RHSA-2015:1604
reference_id	RHSA-2015:1604
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1604

reference_url	https://access.redhat.com/errata/RHSA-2016:2056
reference_id	RHSA-2016:2056
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2056

reference_url	https://usn.ubuntu.com/2656-1/
reference_id	USN-2656-1
reference_type
scores
url	https://usn.ubuntu.com/2656-1/

reference_url	https://usn.ubuntu.com/2656-2/
reference_id	USN-2656-2
reference_type
scores
url	https://usn.ubuntu.com/2656-2/

reference_url	https://usn.ubuntu.com/2673-1/
reference_id	USN-2673-1
reference_type
scores
url	https://usn.ubuntu.com/2673-1/

reference_url	https://usn.ubuntu.com/2696-1/
reference_id	USN-2696-1
reference_type
scores
url	https://usn.ubuntu.com/2696-1/

reference_url	https://usn.ubuntu.com/2706-1/
reference_id	USN-2706-1
reference_type
scores
url	https://usn.ubuntu.com/2706-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.5.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.5.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.5.0

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4000

risk_score 7.2

exploitability 2.0

weighted_severity 3.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rzqy-gheq-cqgg

url VCID-s76d-pjvk-63cr

vulnerability_id VCID-s76d-pjvk-63cr

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4485.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4485.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4485

reference_id

reference_type

scores

value	0.07599
scoring_system	epss
scoring_elements	0.91852
published_at	2026-04-13T12:55:00Z

value	0.07599
scoring_system	epss
scoring_elements	0.9181
published_at	2026-04-01T12:55:00Z

value	0.07599
scoring_system	epss
scoring_elements	0.91818
published_at	2026-04-02T12:55:00Z

value	0.07599
scoring_system	epss
scoring_elements	0.91824
published_at	2026-04-04T12:55:00Z

value	0.07599
scoring_system	epss
scoring_elements	0.91832
published_at	2026-04-07T12:55:00Z

value	0.07599
scoring_system	epss
scoring_elements	0.91845
published_at	2026-04-08T12:55:00Z

value	0.07599
scoring_system	epss
scoring_elements	0.91851
published_at	2026-04-09T12:55:00Z

value	0.07599
scoring_system	epss
scoring_elements	0.91855
published_at	2026-04-11T12:55:00Z

value	0.07599
scoring_system	epss
scoring_elements	0.91856
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4485

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252292
reference_id	1252292
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252292

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4485
reference_id	CVE-2015-4485
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4485

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-89

reference_id

mfsa2015-89

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-89

reference_url	https://access.redhat.com/errata/RHSA-2015:1586
reference_id	RHSA-2015:1586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1586

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4485

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s76d-pjvk-63cr

url VCID-tb9n-zfut-ubht

vulnerability_id VCID-tb9n-zfut-ubht

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1962.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1962.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1962

reference_id

reference_type

scores

value	0.02149
scoring_system	epss
scoring_elements	0.84242
published_at	2026-04-13T12:55:00Z

value	0.02149
scoring_system	epss
scoring_elements	0.84172
published_at	2026-04-01T12:55:00Z

value	0.02149
scoring_system	epss
scoring_elements	0.84232
published_at	2026-04-09T12:55:00Z

value	0.02149
scoring_system	epss
scoring_elements	0.8425
published_at	2026-04-11T12:55:00Z

value	0.02149
scoring_system	epss
scoring_elements	0.84245
published_at	2026-04-12T12:55:00Z

value	0.02149
scoring_system	epss
scoring_elements	0.84185
published_at	2026-04-02T12:55:00Z

value	0.02149
scoring_system	epss
scoring_elements	0.84203
published_at	2026-04-04T12:55:00Z

value	0.02149
scoring_system	epss
scoring_elements	0.84204
published_at	2026-04-07T12:55:00Z

value	0.02149
scoring_system	epss
scoring_elements	0.84225
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1962

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1240760
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1240760

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-25.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-25.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315578
reference_id	1315578
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315578

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1962

reference_id

CVE-2016-1962

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1962

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-25

reference_id

mfsa2016-25

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-25

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1962

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tb9n-zfut-ubht

url VCID-tbkw-k4a7-43fp

vulnerability_id VCID-tbkw-k4a7-43fp

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4486.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4486.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4486

reference_id

reference_type

scores

value	0.01667
scoring_system	epss
scoring_elements	0.82099
published_at	2026-04-13T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.82035
published_at	2026-04-01T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.82047
published_at	2026-04-02T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.82068
published_at	2026-04-04T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.82064
published_at	2026-04-07T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.8209
published_at	2026-04-08T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.82097
published_at	2026-04-09T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.82116
published_at	2026-04-11T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.82107
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4486

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252292
reference_id	1252292
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252292

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4486
reference_id	CVE-2015-4486
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4486

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-89

reference_id

mfsa2015-89

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-89

reference_url	https://access.redhat.com/errata/RHSA-2015:1586
reference_id	RHSA-2015:1586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1586

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4486

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tbkw-k4a7-43fp

url VCID-teza-m5kj-s7ac

vulnerability_id VCID-teza-m5kj-s7ac

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4492.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4492.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4492

reference_id

reference_type

scores

value	0.02306
scoring_system	epss
scoring_elements	0.84751
published_at	2026-04-13T12:55:00Z

value	0.02306
scoring_system	epss
scoring_elements	0.84677
published_at	2026-04-01T12:55:00Z

value	0.02306
scoring_system	epss
scoring_elements	0.84692
published_at	2026-04-02T12:55:00Z

value	0.02306
scoring_system	epss
scoring_elements	0.84712
published_at	2026-04-04T12:55:00Z

value	0.02306
scoring_system	epss
scoring_elements	0.84714
published_at	2026-04-07T12:55:00Z

value	0.02306
scoring_system	epss
scoring_elements	0.84736
published_at	2026-04-08T12:55:00Z

value	0.02306
scoring_system	epss
scoring_elements	0.84743
published_at	2026-04-09T12:55:00Z

value	0.02306
scoring_system	epss
scoring_elements	0.84761
published_at	2026-04-11T12:55:00Z

value	0.02306
scoring_system	epss
scoring_elements	0.84757
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252295
reference_id	1252295
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252295

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-92

reference_id

mfsa2015-92

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-92

reference_url	https://access.redhat.com/errata/RHSA-2015:1586
reference_id	RHSA-2015:1586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1586

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4492

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-teza-m5kj-s7ac

url VCID-tpp7-z9eb-bqh4

vulnerability_id VCID-tpp7-z9eb-bqh4

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1973.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1973.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1973

reference_id

reference_type

scores

value	0.01001
scoring_system	epss
scoring_elements	0.77
published_at	2026-04-13T12:55:00Z

value	0.01001
scoring_system	epss
scoring_elements	0.76938
published_at	2026-04-01T12:55:00Z

value	0.01001
scoring_system	epss
scoring_elements	0.76987
published_at	2026-04-08T12:55:00Z

value	0.01001
scoring_system	epss
scoring_elements	0.76998
published_at	2026-04-09T12:55:00Z

value	0.01001
scoring_system	epss
scoring_elements	0.77026
published_at	2026-04-11T12:55:00Z

value	0.01001
scoring_system	epss
scoring_elements	0.77005
published_at	2026-04-12T12:55:00Z

value	0.01001
scoring_system	epss
scoring_elements	0.76943
published_at	2026-04-02T12:55:00Z

value	0.01001
scoring_system	epss
scoring_elements	0.76973
published_at	2026-04-04T12:55:00Z

value	0.01001
scoring_system	epss
scoring_elements	0.76955
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1973

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1219339
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1219339

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-33.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-33.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315782
reference_id	1315782
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315782

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1973
reference_id	CVE-2016-1973
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1973

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1973

reference_id

CVE-2016-1973

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1973

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-33

reference_id

mfsa2016-33

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-33

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1973

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tpp7-z9eb-bqh4

url VCID-tsmv-w2tb-hyht

vulnerability_id VCID-tsmv-w2tb-hyht

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4487.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4487.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4487

reference_id

reference_type

scores

value	0.02676
scoring_system	epss
scoring_elements	0.85828
published_at	2026-04-13T12:55:00Z

value	0.02676
scoring_system	epss
scoring_elements	0.85754
published_at	2026-04-01T12:55:00Z

value	0.02676
scoring_system	epss
scoring_elements	0.85767
published_at	2026-04-02T12:55:00Z

value	0.02676
scoring_system	epss
scoring_elements	0.85785
published_at	2026-04-04T12:55:00Z

value	0.02676
scoring_system	epss
scoring_elements	0.85791
published_at	2026-04-07T12:55:00Z

value	0.02676
scoring_system	epss
scoring_elements	0.8581
published_at	2026-04-08T12:55:00Z

value	0.02676
scoring_system	epss
scoring_elements	0.8582
published_at	2026-04-09T12:55:00Z

value	0.02676
scoring_system	epss
scoring_elements	0.85835
published_at	2026-04-11T12:55:00Z

value	0.02676
scoring_system	epss
scoring_elements	0.85832
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252293
reference_id	1252293
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252293

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-90

reference_id

mfsa2015-90

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-90

reference_url	https://access.redhat.com/errata/RHSA-2015:1586
reference_id	RHSA-2015:1586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1586

reference_url	https://access.redhat.com/errata/RHSA-2015:1682
reference_id	RHSA-2015:1682
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1682

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

reference_url	https://usn.ubuntu.com/2712-1/
reference_id	USN-2712-1
reference_type
scores
url	https://usn.ubuntu.com/2712-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4487

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tsmv-w2tb-hyht

url VCID-ueke-9crt-qybh

vulnerability_id VCID-ueke-9crt-qybh

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4475.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4475.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4475

reference_id

reference_type

scores

value	0.01248
scoring_system	epss
scoring_elements	0.79308
published_at	2026-04-13T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.7926
published_at	2026-04-01T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79267
published_at	2026-04-02T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79291
published_at	2026-04-04T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79277
published_at	2026-04-07T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79302
published_at	2026-04-08T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79312
published_at	2026-04-09T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79335
published_at	2026-04-11T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79319
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4475

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252276
reference_id	1252276
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252276

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-80

reference_id

mfsa2015-80

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-80

reference_url	https://access.redhat.com/errata/RHSA-2015:1586
reference_id	RHSA-2015:1586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1586

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4475

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ueke-9crt-qybh

url VCID-um9h-twug-97ha

vulnerability_id VCID-um9h-twug-97ha

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1970.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1970.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1970

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68357
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68424
published_at	2026-04-08T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68441
published_at	2026-04-09T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68468
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68456
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68378
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68397
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68374
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1970

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1216837
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1216837

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-32.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-32.html

reference_url	http://www.securityfocus.com/bid/84220
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84220

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315780
reference_id	1315780
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315780

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::
reference_id	cpe:2.3:o:microsoft:windows::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1970
reference_id	CVE-2016-1970
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1970

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1970

reference_id

CVE-2016-1970

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1970

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-32

reference_id

mfsa2016-32

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-32

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1970

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-um9h-twug-97ha

url VCID-urxv-nzfr-sfhb

vulnerability_id VCID-urxv-nzfr-sfhb

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1953.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1953.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1953

reference_id

reference_type

scores

value	0.00705
scoring_system	epss
scoring_elements	0.72058
published_at	2026-04-01T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72103
published_at	2026-04-13T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72111
published_at	2026-04-09T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72133
published_at	2026-04-11T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72118
published_at	2026-04-12T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72065
published_at	2026-04-02T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72085
published_at	2026-04-04T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72062
published_at	2026-04-07T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72099
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1953

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1199171
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1199171

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1205163
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1205163

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1207958
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1207958

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1224361
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1224361

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1224363
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1224363

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1224369
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1224369

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1225618
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1225618

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1234425
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1234425

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1236519
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1236519

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1238558
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1238558

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1238935
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1238935

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1241731
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1241731

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243555
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243555

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243583
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243583

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1245866
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1245866

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1247236
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1247236

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1248794
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1248794

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-16.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-16.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315567
reference_id	1315567
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315567

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_id	cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1953
reference_id	CVE-2016-1953
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1953

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1953

reference_id

CVE-2016-1953

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1953

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-16

reference_id

mfsa2016-16

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-16

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1953

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-urxv-nzfr-sfhb

url VCID-ut8d-5w7x-4qg2

vulnerability_id VCID-ut8d-5w7x-4qg2

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1964.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1964.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1964

reference_id

reference_type

scores

value	0.00701
scoring_system	epss
scoring_elements	0.72031
published_at	2026-04-13T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.71984
published_at	2026-04-01T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72038
published_at	2026-04-09T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72062
published_at	2026-04-11T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72046
published_at	2026-04-12T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.71991
published_at	2026-04-02T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72011
published_at	2026-04-04T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.71987
published_at	2026-04-07T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72026
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1964

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243335
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243335

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-27.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-27.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315774
reference_id	1315774
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315774

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1964

reference_id

CVE-2016-1964

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1964

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-27

reference_id

mfsa2016-27

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-27

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1964

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ut8d-5w7x-4qg2

url VCID-uur2-nxhu-hkev

vulnerability_id VCID-uur2-nxhu-hkev

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4490.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4490.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4490

reference_id

reference_type

scores

value	0.00337
scoring_system	epss
scoring_elements	0.56586
published_at	2026-04-13T12:55:00Z

value	0.00337
scoring_system	epss
scoring_elements	0.5647
published_at	2026-04-01T12:55:00Z

value	0.00337
scoring_system	epss
scoring_elements	0.56567
published_at	2026-04-07T12:55:00Z

value	0.00337
scoring_system	epss
scoring_elements	0.56588
published_at	2026-04-04T12:55:00Z

value	0.00337
scoring_system	epss
scoring_elements	0.56618
published_at	2026-04-08T12:55:00Z

value	0.00337
scoring_system	epss
scoring_elements	0.56623
published_at	2026-04-09T12:55:00Z

value	0.00337
scoring_system	epss
scoring_elements	0.56632
published_at	2026-04-11T12:55:00Z

value	0.00337
scoring_system	epss
scoring_elements	0.56607
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4490

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252294
reference_id	1252294
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252294

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4490
reference_id	CVE-2015-4490
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4490

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-91

reference_id

mfsa2015-91

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-91

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4490

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uur2-nxhu-hkev

url VCID-v3rg-mrwe-yqck

vulnerability_id VCID-v3rg-mrwe-yqck

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4484.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4484.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4484

reference_id

reference_type

scores

value	0.00848
scoring_system	epss
scoring_elements	0.74846
published_at	2026-04-13T12:55:00Z

value	0.00848
scoring_system	epss
scoring_elements	0.74802
published_at	2026-04-01T12:55:00Z

value	0.00848
scoring_system	epss
scoring_elements	0.74804
published_at	2026-04-02T12:55:00Z

value	0.00848
scoring_system	epss
scoring_elements	0.74832
published_at	2026-04-04T12:55:00Z

value	0.00848
scoring_system	epss
scoring_elements	0.74806
published_at	2026-04-07T12:55:00Z

value	0.00848
scoring_system	epss
scoring_elements	0.74839
published_at	2026-04-08T12:55:00Z

value	0.00848
scoring_system	epss
scoring_elements	0.74853
published_at	2026-04-09T12:55:00Z

value	0.00848
scoring_system	epss
scoring_elements	0.74876
published_at	2026-04-11T12:55:00Z

value	0.00848
scoring_system	epss
scoring_elements	0.74855
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4484

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252289
reference_id	1252289
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252289

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-87

reference_id

mfsa2015-87

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-87

reference_url	https://access.redhat.com/errata/RHSA-2015:1586
reference_id	RHSA-2015:1586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1586

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4484

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v3rg-mrwe-yqck

url VCID-va34-kurf-uycj

vulnerability_id VCID-va34-kurf-uycj

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2793.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2793.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2793

reference_id

reference_type

scores

value	0.00562
scoring_system	epss
scoring_elements	0.6834
published_at	2026-04-13T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68276
published_at	2026-04-01T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.6836
published_at	2026-04-09T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68386
published_at	2026-04-11T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-12T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68296
published_at	2026-04-02T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68316
published_at	2026-04-04T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68292
published_at	2026-04-07T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68343
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2793

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243513
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2793

reference_id

CVE-2016-2793

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2793

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-2793

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-va34-kurf-uycj

url VCID-wut5-sqr6-mubd

vulnerability_id VCID-wut5-sqr6-mubd

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0591.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0591.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0684.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0684.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0685.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0685.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1978.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1978.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1978

reference_id

reference_type

scores

value	0.02458
scoring_system	epss
scoring_elements	0.85233
published_at	2026-04-13T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85163
published_at	2026-04-01T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85224
published_at	2026-04-09T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85239
published_at	2026-04-11T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85236
published_at	2026-04-12T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85175
published_at	2026-04-02T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85193
published_at	2026-04-04T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85194
published_at	2026-04-07T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85216
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1978

reference_url	https://bto.bluecoat.com/security-advisory/sa124
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa124

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1209546
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1209546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes

reference_url	http://www.debian.org/security/2016/dsa-3688
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3688

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-15.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-15.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/84275
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84275

reference_url	http://www.securityfocus.com/bid/91787
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91787

reference_url	http://www.securitytracker.com/id/1035258
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035258

reference_url	http://www.ubuntu.com/usn/USN-2973-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2973-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315565
reference_id	1315565
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315565

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::
reference_id	cpe:2.3:a:mozilla:network_security_services::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978
reference_id	CVE-2016-1978
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1978

reference_id

CVE-2016-1978

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1978

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-15

reference_id

mfsa2016-15

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-15

reference_url	https://access.redhat.com/errata/RHSA-2016:0591
reference_id	RHSA-2016:0591
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0591

reference_url	https://access.redhat.com/errata/RHSA-2016:0684
reference_id	RHSA-2016:0684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0684

reference_url	https://access.redhat.com/errata/RHSA-2016:0685
reference_id	RHSA-2016:0685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0685

reference_url	https://usn.ubuntu.com/2973-1/
reference_id	USN-2973-1
reference_type
scores
url	https://usn.ubuntu.com/2973-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1978

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wut5-sqr6-mubd

url VCID-x2yk-hpvu-6fg6

vulnerability_id VCID-x2yk-hpvu-6fg6

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4479.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4479.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4479

reference_id

reference_type

scores

value	0.02255
scoring_system	epss
scoring_elements	0.84598
published_at	2026-04-13T12:55:00Z

value	0.02255
scoring_system	epss
scoring_elements	0.8452
published_at	2026-04-01T12:55:00Z

value	0.02255
scoring_system	epss
scoring_elements	0.84535
published_at	2026-04-02T12:55:00Z

value	0.02255
scoring_system	epss
scoring_elements	0.84556
published_at	2026-04-04T12:55:00Z

value	0.02255
scoring_system	epss
scoring_elements	0.8456
published_at	2026-04-07T12:55:00Z

value	0.02255
scoring_system	epss
scoring_elements	0.84581
published_at	2026-04-08T12:55:00Z

value	0.02255
scoring_system	epss
scoring_elements	0.84588
published_at	2026-04-09T12:55:00Z

value	0.02255
scoring_system	epss
scoring_elements	0.84607
published_at	2026-04-11T12:55:00Z

value	0.02255
scoring_system	epss
scoring_elements	0.84602
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4475

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4484

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4493

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252285
reference_id	1252285
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252285

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-83

reference_id

mfsa2015-83

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-83

reference_url	https://access.redhat.com/errata/RHSA-2015:1586
reference_id	RHSA-2015:1586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1586

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-4479

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x2yk-hpvu-6fg6

url VCID-xpdy-jt9v-nuhj

vulnerability_id VCID-xpdy-jt9v-nuhj

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1971.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1971.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1971

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68357
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68424
published_at	2026-04-08T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68441
published_at	2026-04-09T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68468
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68456
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68378
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68397
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68374
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1971

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1217663
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1217663

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-32.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-32.html

reference_url	http://www.securityfocus.com/bid/84220
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84220

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315780
reference_id	1315780
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315780

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::
reference_id	cpe:2.3:o:microsoft:windows::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1971
reference_id	CVE-2016-1971
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1971

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1971

reference_id

CVE-2016-1971

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1971

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-32

reference_id

mfsa2016-32

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-32

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1971

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xpdy-jt9v-nuhj

url VCID-xx39-5rg1-b3am

vulnerability_id VCID-xx39-5rg1-b3am

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2710.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2710.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-2710

reference_id

reference_type

scores

value	0.02421
scoring_system	epss
scoring_elements	0.8513
published_at	2026-04-13T12:55:00Z

value	0.02421
scoring_system	epss
scoring_elements	0.85058
published_at	2026-04-01T12:55:00Z

value	0.02421
scoring_system	epss
scoring_elements	0.85071
published_at	2026-04-02T12:55:00Z

value	0.02421
scoring_system	epss
scoring_elements	0.85088
published_at	2026-04-04T12:55:00Z

value	0.02421
scoring_system	epss
scoring_elements	0.85092
published_at	2026-04-07T12:55:00Z

value	0.02421
scoring_system	epss
scoring_elements	0.85114
published_at	2026-04-08T12:55:00Z

value	0.02421
scoring_system	epss
scoring_elements	0.85121
published_at	2026-04-09T12:55:00Z

value	0.02421
scoring_system	epss
scoring_elements	0.85135
published_at	2026-04-11T12:55:00Z

value	0.02421
scoring_system	epss
scoring_elements	0.85133
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-2710

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3079
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3079

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1220601
reference_id	1220601
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1220601

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-48

reference_id

mfsa2015-48

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-48

reference_url	https://access.redhat.com/errata/RHSA-2015:0988
reference_id	RHSA-2015:0988
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0988

reference_url	https://access.redhat.com/errata/RHSA-2015:1012
reference_id	RHSA-2015:1012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1012

reference_url	https://usn.ubuntu.com/2602-1/
reference_id	USN-2602-1
reference_type
scores
url	https://usn.ubuntu.com/2602-1/

reference_url	https://usn.ubuntu.com/2603-1/
reference_id	USN-2603-1
reference_type
scores
url	https://usn.ubuntu.com/2603-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-2710

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xx39-5rg1-b3am

url VCID-ywys-vj5p-ubbe

vulnerability_id VCID-ywys-vj5p-ubbe

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1968.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1968.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1968

reference_id

reference_type

scores

value	0.01806
scoring_system	epss
scoring_elements	0.82816
published_at	2026-04-13T12:55:00Z

value	0.01806
scoring_system	epss
scoring_elements	0.82751
published_at	2026-04-01T12:55:00Z

value	0.01806
scoring_system	epss
scoring_elements	0.82804
published_at	2026-04-08T12:55:00Z

value	0.01806
scoring_system	epss
scoring_elements	0.82809
published_at	2026-04-09T12:55:00Z

value	0.01806
scoring_system	epss
scoring_elements	0.82826
published_at	2026-04-11T12:55:00Z

value	0.01806
scoring_system	epss
scoring_elements	0.82821
published_at	2026-04-12T12:55:00Z

value	0.01806
scoring_system	epss
scoring_elements	0.82767
published_at	2026-04-02T12:55:00Z

value	0.01806
scoring_system	epss
scoring_elements	0.82781
published_at	2026-04-04T12:55:00Z

value	0.01806
scoring_system	epss
scoring_elements	0.82778
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1968

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246742
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246742

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-30.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-30.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315777
reference_id	1315777
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315777

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817233
reference_id	817233
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817233

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1968
reference_id	CVE-2016-1968
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1968

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1968

reference_id

CVE-2016-1968

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1968

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-30

reference_id

mfsa2016-30

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-30

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1968

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ywys-vj5p-ubbe

url VCID-z26z-btvf-x7eq

vulnerability_id VCID-z26z-btvf-x7eq

summary

Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird, the worst of which may allow user-assisted execution of
    arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html

reference_url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html

reference_url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html

reference_url	http://packetstormsecurity.com/files/134268/Slackware-Security-Advisory-mozilla-nss-Updates.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/134268/Slackware-Security-Advisory-mozilla-nss-Updates.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1980.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1980.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1981.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1981.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7182.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7182.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-7182

reference_id

reference_type

scores

value	0.11044
scoring_system	epss
scoring_elements	0.9344
published_at	2026-04-13T12:55:00Z

value	0.11044
scoring_system	epss
scoring_elements	0.93405
published_at	2026-04-01T12:55:00Z

value	0.11044
scoring_system	epss
scoring_elements	0.93433
published_at	2026-04-09T12:55:00Z

value	0.11044
scoring_system	epss
scoring_elements	0.93438
published_at	2026-04-11T12:55:00Z

value	0.11044
scoring_system	epss
scoring_elements	0.93439
published_at	2026-04-12T12:55:00Z

value	0.11044
scoring_system	epss
scoring_elements	0.93413
published_at	2026-04-02T12:55:00Z

value	0.11044
scoring_system	epss
scoring_elements	0.93421
published_at	2026-04-07T12:55:00Z

value	0.11044
scoring_system	epss
scoring_elements	0.93429
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-7182

reference_url	https://bto.bluecoat.com/security-advisory/sa119
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa119

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1202868
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1202868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7196
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.1_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.1_release_notes

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.4_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.4_release_notes

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.20.1_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.20.1_release_notes

reference_url	http://www.debian.org/security/2015/dsa-3393
reference_id
reference_type
scores
url	http://www.debian.org/security/2015/dsa-3393

reference_url	http://www.debian.org/security/2015/dsa-3410
reference_id
reference_type
scores
url	http://www.debian.org/security/2015/dsa-3410

reference_url	http://www.debian.org/security/2016/dsa-3688
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3688

reference_url	http://www.mozilla.org/security/announce/2015/mfsa2015-133.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2015/mfsa2015-133.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/77416
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/77416

reference_url	http://www.securityfocus.com/bid/91787
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91787

reference_url	http://www.securitytracker.com/id/1034069
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034069

reference_url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.399753
reference_id
reference_type
scores
url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.399753

reference_url	http://www.ubuntu.com/usn/USN-2785-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2785-1

reference_url	http://www.ubuntu.com/usn/USN-2791-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2791-1

reference_url	http://www.ubuntu.com/usn/USN-2819-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2819-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1269351
reference_id	1269351
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1269351

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::
reference_id	cpe:2.3:a:mozilla:network_security_services::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20.0:::::::*
reference_id	cpe:2.3:a:mozilla:network_security_services:3.20.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:glassfish_server:2.1.1:::::::*
reference_id	cpe:2.3:a:oracle:glassfish_server:2.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:glassfish_server:2.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_proxy_server:4.0:::::::*
reference_id	cpe:2.3:a:oracle:iplanet_web_proxy_server:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_proxy_server:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_server:7.0:::::::*
reference_id	cpe:2.3:a:oracle:iplanet_web_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:opensso:3.0-0.7:::::::*
reference_id	cpe:2.3:a:oracle:opensso:3.0-0.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:opensso:3.0-0.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:traffic_director:11.1.1.7.0:::::::*
reference_id	cpe:2.3:a:oracle:traffic_director:11.1.1.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:traffic_director:11.1.1.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:traffic_director:11.1.1.9.0:::::::*
reference_id	cpe:2.3:a:oracle:traffic_director:11.1.1.9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:traffic_director:11.1.1.9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-7182

reference_id

CVE-2015-7182

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-7182

reference_url	https://security.gentoo.org/glsa/201512-10
reference_id	GLSA-201512-10
reference_type
scores
url	https://security.gentoo.org/glsa/201512-10

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-133

reference_id

mfsa2015-133

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-133

reference_url	https://access.redhat.com/errata/RHSA-2015:1980
reference_id	RHSA-2015:1980
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1980

reference_url	https://access.redhat.com/errata/RHSA-2015:1981
reference_id	RHSA-2015:1981
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1981

reference_url	https://access.redhat.com/errata/RHSA-2015:2068
reference_id	RHSA-2015:2068
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2068

reference_url	https://usn.ubuntu.com/2785-1/
reference_id	USN-2785-1
reference_type
scores
url	https://usn.ubuntu.com/2785-1/

reference_url	https://usn.ubuntu.com/2791-1/
reference_id	USN-2791-1
reference_type
scores
url	https://usn.ubuntu.com/2791-1/

reference_url	https://usn.ubuntu.com/2819-1/
reference_id	USN-2819-1
reference_type
scores
url	https://usn.ubuntu.com/2819-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.5.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.5.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.5.0

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2015-7182

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z26z-btvf-x7eq

url VCID-z4ad-5vm8-t3g2

vulnerability_id VCID-z4ad-5vm8-t3g2

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://hg.mozilla.org/releases/mozilla-release/rev/f0d2911a9a4e
reference_id
reference_type
scores
url	http://hg.mozilla.org/releases/mozilla-release/rev/f0d2911a9a4e

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1966.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1966.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1966

reference_id

reference_type

scores

value	0.00797
scoring_system	epss
scoring_elements	0.74003
published_at	2026-04-13T12:55:00Z

value	0.00797
scoring_system	epss
scoring_elements	0.73955
published_at	2026-04-01T12:55:00Z

value	0.00797
scoring_system	epss
scoring_elements	0.74006
published_at	2026-04-09T12:55:00Z

value	0.00797
scoring_system	epss
scoring_elements	0.74028
published_at	2026-04-11T12:55:00Z

value	0.00797
scoring_system	epss
scoring_elements	0.7401
published_at	2026-04-12T12:55:00Z

value	0.00797
scoring_system	epss
scoring_elements	0.73962
published_at	2026-04-02T12:55:00Z

value	0.00797
scoring_system	epss
scoring_elements	0.73987
published_at	2026-04-04T12:55:00Z

value	0.00797
scoring_system	epss
scoring_elements	0.73958
published_at	2026-04-07T12:55:00Z

value	0.00797
scoring_system	epss
scoring_elements	0.73992
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1966

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246054
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246054

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-31.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-31.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315778
reference_id	1315778
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315778

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1966

reference_id

CVE-2016-1966

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1966

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-31

reference_id

mfsa2016-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-31

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
purl	pkg:ebuild/mail-client/thunderbird-bin@3.22.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

url	pkg:ebuild/mail-client/thunderbird-bin@4.12
purl	pkg:ebuild/mail-client/thunderbird-bin@4.12
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@4.12

url	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@38.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@38.7.0

aliases CVE-2016-1966

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z4ad-5vm8-t3g2

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@3.22.2

Package Instance