{"url":"http://public2.vulnerablecode.io/api/packages/178963?format=json","purl":"pkg:rpm/redhat/libxcb@1.9.1-2?arch=el6","type":"rpm","namespace":"redhat","name":"libxcb","version":"1.9.1-2","qualifiers":{"arch":"el6"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/114689?format=json","vulnerability_id":"VCID-1msm-184m-5fdm","summary":"libXp: Integer overflow leading to heap-based buffer overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2062.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2062.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2062","reference_id":"","reference_type":"","scores":[{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68182","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68222","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68229","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68221","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68206","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68223","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2062"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2062","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2062"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=960362","reference_id":"960362","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=960362"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1861-1/","reference_id":"USN-1861-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1861-1/"}],"fixed_packages":[],"aliases":["CVE-2013-2062"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1msm-184m-5fdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77865?format=json","vulnerability_id":"VCID-4xkx-8z58-pqgg","summary":"Multiple integer overflows in X.org libXext 1.3.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XcupGetReservedColormapEntries, (2) XcupStoreColors, (3) XdbeGetVisualInfo, (4) XeviGetVisualInfo, (5) XShapeGetRectangles, and (6) XSyncListSystemCounters functions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1982.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1982.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1982","reference_id":"","reference_type":"","scores":[{"value":"0.00489","scoring_system":"epss","scoring_elements":"0.65882","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00489","scoring_system":"epss","scoring_elements":"0.65934","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00489","scoring_system":"epss","scoring_elements":"0.65946","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00489","scoring_system":"epss","scoring_elements":"0.65932","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00489","scoring_system":"epss","scoring_elements":"0.65921","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00489","scoring_system":"epss","scoring_elements":"0.65939","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1982"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1982","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1982"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=959046","reference_id":"959046","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=959046"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1857-1/","reference_id":"USN-1857-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1857-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1982"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4xkx-8z58-pqgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78013?format=json","vulnerability_id":"VCID-5sax-1rpk-b3dk","summary":"Multiple integer overflows in X.org libXrandr 1.4.0 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRRQueryOutputProperty and (2) XRRQueryProviderProperty functions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1986.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1986.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1986","reference_id":"","reference_type":"","scores":[{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76096","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76121","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76122","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76113","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76102","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76126","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1986"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=959059","reference_id":"959059","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=959059"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1862-1/","reference_id":"USN-1862-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1862-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1986"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5sax-1rpk-b3dk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78016?format=json","vulnerability_id":"VCID-6e2m-rc8s-xqbd","summary":"Multiple integer overflows in X.org libXrender 0.9.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRenderQueryFilters, (2) XRenderQueryFormats, and (3) XRenderQueryPictIndexValues functions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1987.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1987.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1987","reference_id":"","reference_type":"","scores":[{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75963","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75989","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75988","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75981","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75967","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75991","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1987"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1987","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1987"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=959061","reference_id":"959061","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=959061"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1863-1/","reference_id":"USN-1863-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1863-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1987"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6e2m-rc8s-xqbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78049?format=json","vulnerability_id":"VCID-6gck-rwjc-zqdv","summary":"Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the _XtResourceConfigurationEH function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2002.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2002.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2002","reference_id":"","reference_type":"","scores":[{"value":"0.00902","scoring_system":"epss","scoring_elements":"0.7607","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00902","scoring_system":"epss","scoring_elements":"0.76095","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00902","scoring_system":"epss","scoring_elements":"0.76096","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00902","scoring_system":"epss","scoring_elements":"0.76088","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00902","scoring_system":"epss","scoring_elements":"0.76074","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00902","scoring_system":"epss","scoring_elements":"0.76098","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2005"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=960352","reference_id":"960352","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=960352"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1865-1/","reference_id":"USN-1865-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1865-1/"}],"fixed_packages":[],"aliases":["CVE-2013-2002"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6gck-rwjc-zqdv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78054?format=json","vulnerability_id":"VCID-81ae-fu13-vug3","summary":"Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XRecordGetContext function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2063.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2063.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2063","reference_id":"","reference_type":"","scores":[{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.77021","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.77053","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.77062","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.7705","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.7704","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2063"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2063","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2063"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=960366","reference_id":"960366","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=960366"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1866-1/","reference_id":"USN-1866-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1866-1/"}],"fixed_packages":[],"aliases":["CVE-2013-2063"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-81ae-fu13-vug3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78060?format=json","vulnerability_id":"VCID-83dq-v2jc-87a3","summary":"Multiple integer overflows in X.org libXvMC 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvMCListSurfaceTypes and (2) XvMCListSubpictureTypes functions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1990.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1990.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1990","reference_id":"","reference_type":"","scores":[{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76096","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76121","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76122","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76113","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76102","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76126","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1999"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=959070","reference_id":"959070","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=959070"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1868-1/","reference_id":"USN-1868-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1868-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1990"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-83dq-v2jc-87a3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77916?format=json","vulnerability_id":"VCID-996v-3myj-euau","summary":"Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1984.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1984.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1984","reference_id":"","reference_type":"","scores":[{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76096","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76121","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76122","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76113","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76102","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76126","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1998"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=959049","reference_id":"959049","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=959049"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1859-1/","reference_id":"USN-1859-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1859-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1984"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-996v-3myj-euau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77867?format=json","vulnerability_id":"VCID-9u92-gpuc-7fgv","summary":"Integer overflow in X.org libXfixes 5.0 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XFixesGetCursorImage function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1983.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1983.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1983","reference_id":"","reference_type":"","scores":[{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.76187","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.76212","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.76214","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.76207","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.76196","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00909","scoring_system":"epss","scoring_elements":"0.7622","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1983"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1983","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=959048","reference_id":"959048","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=959048"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1858-1/","reference_id":"USN-1858-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1858-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1983"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9u92-gpuc-7fgv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77856?format=json","vulnerability_id":"VCID-bdq2-x48w-bbg9","summary":"Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the _XcursorFileHeaderCreate function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2003.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2003.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2003","reference_id":"","reference_type":"","scores":[{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.76035","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.7606","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.76061","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.76053","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.76039","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.76064","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2003"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2003","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2003"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=959077","reference_id":"959077","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=959077"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1856-1/","reference_id":"USN-1856-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1856-1/"}],"fixed_packages":[],"aliases":["CVE-2013-2003"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bdq2-x48w-bbg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77827?format=json","vulnerability_id":"VCID-c3b3-19zh-uffc","summary":"Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1997.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1997.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1997","reference_id":"","reference_type":"","scores":[{"value":"0.00727","scoring_system":"epss","scoring_elements":"0.72986","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00727","scoring_system":"epss","scoring_elements":"0.73024","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00727","scoring_system":"epss","scoring_elements":"0.73031","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00727","scoring_system":"epss","scoring_elements":"0.73013","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00727","scoring_system":"epss","scoring_elements":"0.73001","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00727","scoring_system":"epss","scoring_elements":"0.73025","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1997"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1981","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1997","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1997"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2004","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2004"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=960345","reference_id":"960345","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=960345"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1854-1/","reference_id":"USN-1854-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1854-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1997"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c3b3-19zh-uffc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78019?format=json","vulnerability_id":"VCID-c6hy-z2ce-cbck","summary":"Multiple integer overflows in X.org libXRes 1.0.6 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XResQueryClients and (2) XResQueryClientResources functions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1988.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1988.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1988","reference_id":"","reference_type":"","scores":[{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74839","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74869","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74874","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74866","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.7485","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74876","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1988"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=959066","reference_id":"959066","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=959066"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1864-1/","reference_id":"USN-1864-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1864-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1988"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c6hy-z2ce-cbck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78058?format=json","vulnerability_id":"VCID-ce56-v3by-6bd2","summary":"Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvQueryPortAttributes function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2066.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2066.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2066","reference_id":"","reference_type":"","scores":[{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.76134","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.76159","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.76161","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.76153","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.76141","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.76165","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1989"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2066"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=960369","reference_id":"960369","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=960369"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1867-1/","reference_id":"USN-1867-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1867-1/"}],"fixed_packages":[],"aliases":["CVE-2013-2066"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ce56-v3by-6bd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78064?format=json","vulnerability_id":"VCID-cmxn-v2ef-m7h8","summary":"Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XDGAQueryModes and (2) XDGASetMode functions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2000.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2000.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2000","reference_id":"","reference_type":"","scores":[{"value":"0.00727","scoring_system":"epss","scoring_elements":"0.72986","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00727","scoring_system":"epss","scoring_elements":"0.73024","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00727","scoring_system":"epss","scoring_elements":"0.73031","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00727","scoring_system":"epss","scoring_elements":"0.73013","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00727","scoring_system":"epss","scoring_elements":"0.73001","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00727","scoring_system":"epss","scoring_elements":"0.73025","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2000"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2000","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2000"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=960349","reference_id":"960349","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=960349"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1869-1/","reference_id":"USN-1869-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1869-1/"}],"fixed_packages":[],"aliases":["CVE-2013-2000"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cmxn-v2ef-m7h8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77828?format=json","vulnerability_id":"VCID-ffvf-mwbq-gqd8","summary":"The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2004.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2004.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2004","reference_id":"","reference_type":"","scores":[{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.6057","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60619","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60626","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60614","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60597","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60613","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2004"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1981","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1997","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1997"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2004","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2004"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=959112","reference_id":"959112","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=959112"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1854-1/","reference_id":"USN-1854-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1854-1/"}],"fixed_packages":[],"aliases":["CVE-2013-2004"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ffvf-mwbq-gqd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78065?format=json","vulnerability_id":"VCID-g3q3-t8kc-1bd6","summary":"Buffer overflow in X.org libXxf86vm 1.1.2 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XF86VidModeGetGammaRamp function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2001.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2001.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2001","reference_id":"","reference_type":"","scores":[{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78828","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78855","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78862","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78852","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78841","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78859","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2001","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2001"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=960350","reference_id":"960350","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=960350"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1870-1/","reference_id":"USN-1870-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1870-1/"}],"fixed_packages":[],"aliases":["CVE-2013-2001"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g3q3-t8kc-1bd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77920?format=json","vulnerability_id":"VCID-hb57-qhmh-fbdg","summary":"Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1998.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1998.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1998","reference_id":"","reference_type":"","scores":[{"value":"0.00896","scoring_system":"epss","scoring_elements":"0.7599","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00896","scoring_system":"epss","scoring_elements":"0.76016","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00896","scoring_system":"epss","scoring_elements":"0.76008","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00896","scoring_system":"epss","scoring_elements":"0.75994","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00896","scoring_system":"epss","scoring_elements":"0.76019","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1998"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=960346","reference_id":"960346","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=960346"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1859-1/","reference_id":"USN-1859-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1859-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1998"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hb57-qhmh-fbdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75938?format=json","vulnerability_id":"VCID-hcrz-j14a-ebhs","summary":"Multiple integer overflows in X.org libdmx 1.1.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) DMXGetScreenAttributes, (2) DMXGetWindowAttributes, and (3) DMXGetInputAttributes functions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1992.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1992.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1992","reference_id":"","reference_type":"","scores":[{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.77021","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.77053","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.77062","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.7705","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.7704","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1992"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1992","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1992"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=959074","reference_id":"959074","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=959074"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1852-1/","reference_id":"USN-1852-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1852-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1992"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hcrz-j14a-ebhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77928?format=json","vulnerability_id":"VCID-hshr-4qk2-6fdq","summary":"Integer overflow in X.org libXinerama 1.1.2 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XineramaQueryScreens function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1985.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1985.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1985","reference_id":"","reference_type":"","scores":[{"value":"0.00836","scoring_system":"epss","scoring_elements":"0.74999","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00836","scoring_system":"epss","scoring_elements":"0.75028","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00836","scoring_system":"epss","scoring_elements":"0.75033","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00836","scoring_system":"epss","scoring_elements":"0.75025","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00836","scoring_system":"epss","scoring_elements":"0.7501","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00836","scoring_system":"epss","scoring_elements":"0.75037","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1985"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=959056","reference_id":"959056","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=959056"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1860-1/","reference_id":"USN-1860-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1860-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1985"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hshr-4qk2-6fdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78057?format=json","vulnerability_id":"VCID-hywv-bwtv-3kgn","summary":"Multiple integer overflows in X.org libXv 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvQueryPortAttributes, (2) XvListImageFormats, and (3) XvCreateImage function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1989.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1989.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1989","reference_id":"","reference_type":"","scores":[{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76096","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76121","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76122","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76113","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76102","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76126","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1989"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1989"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2066"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=959068","reference_id":"959068","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=959068"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1867-1/","reference_id":"USN-1867-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1867-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1989"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hywv-bwtv-3kgn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77826?format=json","vulnerability_id":"VCID-j9qd-ka51-p3a6","summary":"Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1981.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1981.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1981","reference_id":"","reference_type":"","scores":[{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75963","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75989","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75988","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75981","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75967","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75991","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1981","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1997","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1997"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2004","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2004"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=959040","reference_id":"959040","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=959040"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1854-1/","reference_id":"USN-1854-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1854-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1981"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j9qd-ka51-p3a6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77829?format=json","vulnerability_id":"VCID-jefk-z9v2-kqb6","summary":"Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7439.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7439.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7439","reference_id":"","reference_type":"","scores":[{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84512","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84536","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.8454","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84535","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02136","scoring_system":"epss","scoring_elements":"0.84523","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7439"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7439","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7439"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1209943","reference_id":"1209943","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1209943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/2568-1/","reference_id":"USN-2568-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2568-1/"}],"fixed_packages":[],"aliases":["CVE-2013-7439"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jefk-z9v2-kqb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78063?format=json","vulnerability_id":"VCID-kz98-3689-auhm","summary":"Multiple integer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XDGAQueryModes and (2) XDGASetMode functions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1991.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1991.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1991","reference_id":"","reference_type":"","scores":[{"value":"0.00683","scoring_system":"epss","scoring_elements":"0.72047","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00683","scoring_system":"epss","scoring_elements":"0.72087","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00683","scoring_system":"epss","scoring_elements":"0.72095","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00683","scoring_system":"epss","scoring_elements":"0.72072","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00683","scoring_system":"epss","scoring_elements":"0.72058","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00683","scoring_system":"epss","scoring_elements":"0.72083","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2000","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2000"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=959072","reference_id":"959072","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=959072"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1869-1/","reference_id":"USN-1869-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1869-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1991"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kz98-3689-auhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78061?format=json","vulnerability_id":"VCID-p23p-pyhp-hbfw","summary":"Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1999.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1999.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1999","reference_id":"","reference_type":"","scores":[{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.76134","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.76159","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.76161","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.76153","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.76141","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.76165","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1999"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=960347","reference_id":"960347","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=960347"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1868-1/","reference_id":"USN-1868-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1868-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1999"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p23p-pyhp-hbfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77918?format=json","vulnerability_id":"VCID-tbyb-c1wu-u3dm","summary":"X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1995.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1995.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1995","reference_id":"","reference_type":"","scores":[{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74839","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74869","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74874","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74866","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.7485","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74876","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1998"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=960357","reference_id":"960357","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=960357"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1859-1/","reference_id":"USN-1859-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1859-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1995"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tbyb-c1wu-u3dm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78051?format=json","vulnerability_id":"VCID-tw8h-2na1-a3g3","summary":"X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2005.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2005.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2005","reference_id":"","reference_type":"","scores":[{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71953","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71993","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.72001","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71979","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71965","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71989","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2005"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=959108","reference_id":"959108","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=959108"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1865-1/","reference_id":"USN-1865-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1865-1/"}],"fixed_packages":[],"aliases":["CVE-2013-2005"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tw8h-2na1-a3g3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77847?format=json","vulnerability_id":"VCID-zfqv-98av-wqbz","summary":"Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2064.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2064.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2064","reference_id":"","reference_type":"","scores":[{"value":"0.00943","scoring_system":"epss","scoring_elements":"0.76636","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00943","scoring_system":"epss","scoring_elements":"0.76666","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00943","scoring_system":"epss","scoring_elements":"0.76672","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00943","scoring_system":"epss","scoring_elements":"0.76661","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00943","scoring_system":"epss","scoring_elements":"0.7665","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2064"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=960367","reference_id":"960367","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=960367"},{"reference_url":"https://security.gentoo.org/glsa/201405-07","reference_id":"GLSA-201405-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1436","reference_id":"RHSA-2014:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1436"},{"reference_url":"https://usn.ubuntu.com/1855-1/","reference_id":"USN-1855-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1855-1/"}],"fixed_packages":[],"aliases":["CVE-2013-2064"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zfqv-98av-wqbz"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libxcb@1.9.1-2%3Farch=el6"}