{"url":"http://public2.vulnerablecode.io/api/packages/77471?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.8.0","type":"ebuild","namespace":"app-emulation","name":"qemu","version":"2.8.0","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.8.0-r1","latest_non_vulnerable_version":"8.0.0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48343?format=json","vulnerability_id":"VCID-2ywm-rb9g-x3fr","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10028.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10028.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10028","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24979","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2479","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24649","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24725","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25057","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25096","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24871","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2494","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24986","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24999","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24959","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24904","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24918","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24911","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24887","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24832","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2482","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24774","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10028"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10028","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10028"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:C"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406367","reference_id":"1406367","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406367"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849798","reference_id":"849798","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849798"},{"reference_url":"https://security.gentoo.org/glsa/201701-49","reference_id":"GLSA-201701-49","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-49"},{"reference_url":"https://usn.ubuntu.com/3261-1/","reference_id":"USN-3261-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3261-1/"},{"reference_url":"https://usn.ubuntu.com/3268-1/","reference_id":"USN-3268-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3268-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77471?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0"}],"aliases":["CVE-2016-10028"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2ywm-rb9g-x3fr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48344?format=json","vulnerability_id":"VCID-32c4-eqrz-cfd5","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9101.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9101.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9101","reference_id":"","reference_type":"","scores":[{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30323","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30354","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30401","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30216","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30276","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30311","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30315","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.3027","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30224","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30238","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.3022","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30175","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30111","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29995","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29917","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29783","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29853","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29865","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9101"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9101","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9101"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1389538","reference_id":"1389538","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1389538"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842455","reference_id":"842455","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842455"},{"reference_url":"https://security.gentoo.org/glsa/201701-49","reference_id":"GLSA-201701-49","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-49"},{"reference_url":"https://usn.ubuntu.com/3125-1/","reference_id":"USN-3125-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3125-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77471?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0"}],"aliases":["CVE-2016-9101"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-32c4-eqrz-cfd5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48349?format=json","vulnerability_id":"VCID-5xxx-u1x4-dfah","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9908.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9908.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9908","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22259","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22426","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22471","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22341","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22397","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22417","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22376","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22318","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22333","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22326","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22275","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22126","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22113","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22103","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22002","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22081","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2216","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9908"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402262","reference_id":"1402262","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402262"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847400","reference_id":"847400","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847400"},{"reference_url":"https://security.gentoo.org/glsa/201701-49","reference_id":"GLSA-201701-49","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-49"},{"reference_url":"https://usn.ubuntu.com/3261-1/","reference_id":"USN-3261-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3261-1/"},{"reference_url":"https://usn.ubuntu.com/3268-1/","reference_id":"USN-3268-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3268-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77471?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0"}],"aliases":["CVE-2016-9908"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5xxx-u1x4-dfah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48350?format=json","vulnerability_id":"VCID-5zfh-ajn1-fqbb","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9911.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9911.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9911","reference_id":"","reference_type":"","scores":[{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35975","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36166","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36196","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36032","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36081","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36099","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36106","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36067","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36041","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36082","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36068","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36016","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35788","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35755","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35667","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35553","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35625","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35646","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9911"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402272","reference_id":"1402272","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402272"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847951","reference_id":"847951","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847951"},{"reference_url":"https://security.gentoo.org/glsa/201701-49","reference_id":"GLSA-201701-49","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-49"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2392","reference_id":"RHSA-2017:2392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2408","reference_id":"RHSA-2017:2408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2408"},{"reference_url":"https://usn.ubuntu.com/3261-1/","reference_id":"USN-3261-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3261-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77471?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0"}],"aliases":["CVE-2016-9911"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5zfh-ajn1-fqbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48345?format=json","vulnerability_id":"VCID-77re-jhdj-syg6","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9776.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9776.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9776","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19862","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19748","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19579","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19664","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.2001","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20068","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19795","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19875","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19929","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19938","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19895","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19837","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19813","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19817","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19829","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19725","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19717","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19685","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9776"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"},{"value":"3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1400829","reference_id":"1400829","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1400829"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=846797","reference_id":"846797","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=846797"},{"reference_url":"https://security.gentoo.org/glsa/201701-49","reference_id":"GLSA-201701-49","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-49"},{"reference_url":"https://usn.ubuntu.com/3261-1/","reference_id":"USN-3261-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3261-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77471?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0"}],"aliases":["CVE-2016-9776"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-77re-jhdj-syg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48353?format=json","vulnerability_id":"VCID-ab2e-uu8h-7qhx","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9914.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9914.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9914","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2174","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21905","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21958","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21724","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21801","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21857","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21869","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21829","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21771","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21772","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21778","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21743","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21596","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2159","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21581","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21484","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2155","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21636","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9914"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9914","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9914"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402276","reference_id":"1402276","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402276"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847496","reference_id":"847496","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847496"},{"reference_url":"https://security.gentoo.org/glsa/201701-49","reference_id":"GLSA-201701-49","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-49"},{"reference_url":"https://usn.ubuntu.com/3261-1/","reference_id":"USN-3261-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3261-1/"},{"reference_url":"https://usn.ubuntu.com/3268-1/","reference_id":"USN-3268-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3268-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77471?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0"}],"aliases":["CVE-2016-9914"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ab2e-uu8h-7qhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48358?format=json","vulnerability_id":"VCID-axzq-sq7f-7yau","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9923.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9923.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9923","reference_id":"","reference_type":"","scores":[{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35716","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35913","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35944","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35775","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35825","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35848","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35855","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35814","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35791","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.3583","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35818","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35769","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35537","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35505","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35418","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35301","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.3537","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35392","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9923"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9923","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9923"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402967","reference_id":"1402967","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402967"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847957","reference_id":"847957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847957"},{"reference_url":"https://security.gentoo.org/glsa/201701-49","reference_id":"GLSA-201701-49","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-49"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77471?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0"}],"aliases":["CVE-2016-9923"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-axzq-sq7f-7yau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48352?format=json","vulnerability_id":"VCID-b2wb-y2qf-afh7","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9913.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9913.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9913","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2174","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21905","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21958","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21724","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21801","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21857","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21869","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21829","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21771","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21772","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21778","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21743","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21596","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2159","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21581","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21484","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2155","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21636","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9913"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9913","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9913"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402276","reference_id":"1402276","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402276"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847496","reference_id":"847496","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847496"},{"reference_url":"https://security.gentoo.org/glsa/201701-49","reference_id":"GLSA-201701-49","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-49"},{"reference_url":"https://usn.ubuntu.com/3261-1/","reference_id":"USN-3261-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3261-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77471?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0"}],"aliases":["CVE-2016-9913"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b2wb-y2qf-afh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48354?format=json","vulnerability_id":"VCID-drpd-g9w1-t7ad","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9915.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9915.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9915","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2174","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21905","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21958","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21724","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21801","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21857","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21869","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21829","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21771","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21772","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21778","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21743","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21596","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2159","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21581","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21484","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2155","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21636","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9915"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9915","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9915"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402276","reference_id":"1402276","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402276"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847496","reference_id":"847496","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847496"},{"reference_url":"https://security.gentoo.org/glsa/201701-49","reference_id":"GLSA-201701-49","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-49"},{"reference_url":"https://usn.ubuntu.com/3261-1/","reference_id":"USN-3261-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3261-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77471?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0"}],"aliases":["CVE-2016-9915"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-drpd-g9w1-t7ad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48346?format=json","vulnerability_id":"VCID-du84-jfqv-q3hu","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9845.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9845.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9845","reference_id":"","reference_type":"","scores":[{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26526","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26577","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26622","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26407","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26476","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26525","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26532","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26486","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26428","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26434","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26404","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26368","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26301","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26293","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26242","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26114","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26181","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26237","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9845"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:S/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402245","reference_id":"1402245","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402245"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847381","reference_id":"847381","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847381"},{"reference_url":"https://security.gentoo.org/glsa/201701-49","reference_id":"GLSA-201701-49","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-49"},{"reference_url":"https://usn.ubuntu.com/3261-1/","reference_id":"USN-3261-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3261-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77471?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0"}],"aliases":["CVE-2016-9845"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-du84-jfqv-q3hu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48348?format=json","vulnerability_id":"VCID-gysr-zvcz-1yfm","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9907.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9907.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9907","reference_id":"","reference_type":"","scores":[{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35975","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36166","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36196","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36032","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36081","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36099","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36106","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36067","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36041","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36082","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36068","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36016","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35788","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35755","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35667","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35553","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35625","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35646","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9907"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402265","reference_id":"1402265","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402265"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847953","reference_id":"847953","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847953"},{"reference_url":"https://security.gentoo.org/glsa/201701-49","reference_id":"GLSA-201701-49","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-49"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2392","reference_id":"RHSA-2017:2392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2408","reference_id":"RHSA-2017:2408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2408"},{"reference_url":"https://usn.ubuntu.com/3261-1/","reference_id":"USN-3261-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3261-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77471?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0"}],"aliases":["CVE-2016-9907"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gysr-zvcz-1yfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48351?format=json","vulnerability_id":"VCID-m828-1szt-hfb6","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9912.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9912.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9912","reference_id":"","reference_type":"","scores":[{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29634","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29701","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29752","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29571","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29633","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29671","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29674","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29629","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29578","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29597","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29572","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29526","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.2941","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29296","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29231","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29085","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29146","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29161","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9912"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402284","reference_id":"1402284","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402284"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847391","reference_id":"847391","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847391"},{"reference_url":"https://security.gentoo.org/glsa/201701-49","reference_id":"GLSA-201701-49","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-49"},{"reference_url":"https://usn.ubuntu.com/3261-1/","reference_id":"USN-3261-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3261-1/"},{"reference_url":"https://usn.ubuntu.com/3268-1/","reference_id":"USN-3268-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3268-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77471?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0"}],"aliases":["CVE-2016-9912"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m828-1szt-hfb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48347?format=json","vulnerability_id":"VCID-qjf9-yvjp-tqef","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9846.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9846.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9846","reference_id":"","reference_type":"","scores":[{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24644","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.2472","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24759","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24532","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24603","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.2465","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24667","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24626","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24569","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24582","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24573","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24548","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24493","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24479","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24438","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.2431","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24388","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24451","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9846"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402255","reference_id":"1402255","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402255"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847382","reference_id":"847382","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847382"},{"reference_url":"https://security.gentoo.org/glsa/201701-49","reference_id":"GLSA-201701-49","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-49"},{"reference_url":"https://usn.ubuntu.com/3261-1/","reference_id":"USN-3261-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3261-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77471?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0"}],"aliases":["CVE-2016-9846"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qjf9-yvjp-tqef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48356?format=json","vulnerability_id":"VCID-r4z8-mhwj-qyhp","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9921.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9921.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9921","reference_id":"","reference_type":"","scores":[{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28413","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28488","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.2853","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28326","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28391","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28434","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28437","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28394","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28337","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28348","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28279","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28184","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28072","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27994","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.2783","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27894","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27921","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9921"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1334398","reference_id":"1334398","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1334398"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847960","reference_id":"847960","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847960"},{"reference_url":"https://security.gentoo.org/glsa/201701-49","reference_id":"GLSA-201701-49","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-49"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2392","reference_id":"RHSA-2017:2392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2408","reference_id":"RHSA-2017:2408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2408"},{"reference_url":"https://usn.ubuntu.com/3261-1/","reference_id":"USN-3261-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3261-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77471?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0"}],"aliases":["CVE-2016-9921"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r4z8-mhwj-qyhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48355?format=json","vulnerability_id":"VCID-w3nb-nbh8-m3fj","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9916.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9916.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9916","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2174","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21905","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21958","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21724","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21801","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21857","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21869","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21829","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21771","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21772","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21778","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21743","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21596","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2159","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21581","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21484","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2155","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21636","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9916"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9916","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9916"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402276","reference_id":"1402276","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402276"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847496","reference_id":"847496","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847496"},{"reference_url":"https://security.gentoo.org/glsa/201701-49","reference_id":"GLSA-201701-49","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-49"},{"reference_url":"https://usn.ubuntu.com/3261-1/","reference_id":"USN-3261-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3261-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77471?format=json","purl":"pkg:ebuild/app-emulation/qemu@2.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0"}],"aliases":["CVE-2016-9916"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w3nb-nbh8-m3fj"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0"}