Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie

Type deb

Namespace debian

Name qemu

Version 1:2.6+dfsg-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1:2.6+dfsg-2

Latest_non_vulnerable_version 1:11.0.0+ds-2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-4xv9-ahxv-tuh1

vulnerability_id VCID-4xv9-ahxv-tuh1

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could lead to arbitrary code execution, or cause a Denial of Service
    condition.

references

reference_url	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=80eecda8e5d09c442c24307f340840a5b70ea3b9
reference_id
reference_type
scores
url	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=80eecda8e5d09c442c24307f340840a5b70ea3b9

reference_url	http://lists.nongnu.org/archive/html/qemu-stable/2016-03/msg00064.html
reference_id
reference_type
scores
url	http://lists.nongnu.org/archive/html/qemu-stable/2016-03/msg00064.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2392.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2392.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2392

reference_id

reference_type

scores

value	0.00086
scoring_system	epss
scoring_elements	0.24637
published_at	2026-05-07T12:55:00Z

value	0.00086
scoring_system	epss
scoring_elements	0.2456
published_at	2026-05-05T12:55:00Z

value	0.00086
scoring_system	epss
scoring_elements	0.24887
published_at	2026-04-01T12:55:00Z

value	0.00086
scoring_system	epss
scoring_elements	0.24966
published_at	2026-04-02T12:55:00Z

value	0.00086
scoring_system	epss
scoring_elements	0.25006
published_at	2026-04-04T12:55:00Z

value	0.00086
scoring_system	epss
scoring_elements	0.24781
published_at	2026-04-07T12:55:00Z

value	0.00086
scoring_system	epss
scoring_elements	0.24849
published_at	2026-04-08T12:55:00Z

value	0.00086
scoring_system	epss
scoring_elements	0.24893
published_at	2026-04-09T12:55:00Z

value	0.00086
scoring_system	epss
scoring_elements	0.24908
published_at	2026-04-11T12:55:00Z

value	0.00086
scoring_system	epss
scoring_elements	0.24869
published_at	2026-04-12T12:55:00Z

value	0.00086
scoring_system	epss
scoring_elements	0.24814
published_at	2026-04-13T12:55:00Z

value	0.00086
scoring_system	epss
scoring_elements	0.24826
published_at	2026-04-16T12:55:00Z

value	0.00086
scoring_system	epss
scoring_elements	0.24818
published_at	2026-04-18T12:55:00Z

value	0.00086
scoring_system	epss
scoring_elements	0.24797
published_at	2026-04-21T12:55:00Z

value	0.00086
scoring_system	epss
scoring_elements	0.24736
published_at	2026-04-24T12:55:00Z

value	0.00086
scoring_system	epss
scoring_elements	0.24725
published_at	2026-04-26T12:55:00Z

value	0.00086
scoring_system	epss
scoring_elements	0.24681
published_at	2026-04-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2392

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2392
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2392

reference_url	https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html

reference_url	https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg02553.html
reference_id
reference_type
scores
url	https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg02553.html

reference_url	http://www.openwall.com/lists/oss-security/2016/02/16/7
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/02/16/7

reference_url	http://www.securityfocus.com/bid/83274
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/83274

reference_url	http://www.ubuntu.com/usn/USN-2974-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2974-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1302299
reference_id	1302299
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1302299

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815008
reference_id	815008
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815008

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.5.0:::::::*
reference_id	cpe:2.3:a:qemu:qemu:2.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2392

reference_id

CVE-2016-2392

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2392

reference_url	https://security.gentoo.org/glsa/201604-01
reference_id	GLSA-201604-01
reference_type
scores
url	https://security.gentoo.org/glsa/201604-01

reference_url	https://usn.ubuntu.com/2974-1/
reference_id	USN-2974-1
reference_type
scores
url	https://usn.ubuntu.com/2974-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.6%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie

aliases CVE-2016-2392

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4xv9-ahxv-tuh1

url VCID-7r2x-vm78-gkb3

vulnerability_id VCID-7r2x-vm78-gkb3

summary QEMU: Banked access to VGA memory (VBE) uses inconsistent bounds checks

references

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0724.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0724.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0725.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0725.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0997.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0997.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0999.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0999.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1000.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1000.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1001.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1001.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1002.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1002.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1019.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1019.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1943.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1943.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3710.json

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3710.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-3710

reference_id

reference_type

scores

value	0.00073
scoring_system	epss
scoring_elements	0.22178
published_at	2026-04-01T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.2198
published_at	2026-05-07T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22017
published_at	2026-04-26T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22003
published_at	2026-04-29T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.21907
published_at	2026-05-05T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22336
published_at	2026-04-02T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.2238
published_at	2026-04-04T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22165
published_at	2026-04-07T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22248
published_at	2026-04-08T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22301
published_at	2026-04-09T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22321
published_at	2026-04-11T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22279
published_at	2026-04-12T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22219
published_at	2026-04-13T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22221
published_at	2026-04-16T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22216
published_at	2026-04-18T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.2217
published_at	2026-04-21T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.2203
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-3710

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3710
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3710

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3712
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3712

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:S/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862

reference_url	https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg01197.html
reference_id
reference_type
scores
url	https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg01197.html

reference_url	http://support.citrix.com/article/CTX212736
reference_id
reference_type
scores
url	http://support.citrix.com/article/CTX212736

reference_url	http://www.debian.org/security/2016/dsa-3573
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3573

reference_url	http://www.openwall.com/lists/oss-security/2016/05/09/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/05/09/3

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/90316
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/90316

reference_url	http://www.securitytracker.com/id/1035794
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035794

reference_url	http://www.ubuntu.com/usn/USN-2974-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2974-1

reference_url	http://xenbits.xen.org/xsa/advisory-179.html
reference_id
reference_type
scores
url	http://xenbits.xen.org/xsa/advisory-179.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1331401
reference_id	1331401
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1331401

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823830
reference_id	823830
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823830

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver::::::::
reference_id	cpe:2.3:a:citrix:xenserver::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.0.0:::::::*
reference_id	cpe:2.3:a:hp:helion_openstack:2.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.1.0:::::::*
reference_id	cpe:2.3:a:hp:helion_openstack:2.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.1.2:::::::*
reference_id	cpe:2.3:a:hp:helion_openstack:2.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.1.4:::::::*
reference_id	cpe:2.3:a:hp:helion_openstack:2.1.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:helion_openstack:2.1.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.2::::::x86:
reference_id	cpe:2.3:a:oracle:vm_server:3.2::::::x86:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.2::::::x86:

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.3::::::x86:
reference_id	cpe:2.3:a:oracle:vm_server:3.3::::::x86:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.3::::::x86:

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.4::::::x86:
reference_id	cpe:2.3:a:oracle:vm_server:3.4::::::x86:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.4::::::x86:

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc0::::::
reference_id	cpe:2.3:a:qemu:qemu:2.6.0:rc0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc1::::::
reference_id	cpe:2.3:a:qemu:qemu:2.6.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc2::::::
reference_id	cpe:2.3:a:qemu:qemu:2.6.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc3::::::
reference_id	cpe:2.3:a:qemu:qemu:2.6.0:rc3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc4::::::
reference_id	cpe:2.3:a:qemu:qemu:2.6.0:rc4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:5.0:::::::*
reference_id	cpe:2.3:a:redhat:openstack:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:6.0:::::::*
reference_id	cpe:2.3:a:redhat:openstack:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:7.0:::::::*
reference_id	cpe:2.3:a:redhat:openstack:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:8:::::::*
reference_id	cpe:2.3:a:redhat:openstack:8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:3.0:::::::*
reference_id	cpe:2.3:a:redhat:virtualization:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-::::::
reference_id	cpe:2.3:o:oracle:linux:5:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-::::::
reference_id	cpe:2.3:o:oracle:linux:6:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-::::::
reference_id	cpe:2.3:o:oracle:linux:7:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-3710

reference_id

CVE-2016-3710

reference_type

scores

value	7.2
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:C/I:C/A:C

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-3710

reference_url	https://access.redhat.com/errata/RHSA-2016:0724
reference_id	RHSA-2016:0724
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0724

reference_url	https://access.redhat.com/errata/RHSA-2016:0725
reference_id	RHSA-2016:0725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0725

reference_url	https://access.redhat.com/errata/RHSA-2016:0997
reference_id	RHSA-2016:0997
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0997

reference_url	https://access.redhat.com/errata/RHSA-2016:0999
reference_id	RHSA-2016:0999
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0999

reference_url	https://access.redhat.com/errata/RHSA-2016:1000
reference_id	RHSA-2016:1000
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1000

reference_url	https://access.redhat.com/errata/RHSA-2016:1001
reference_id	RHSA-2016:1001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1001

reference_url	https://access.redhat.com/errata/RHSA-2016:1002
reference_id	RHSA-2016:1002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1002

reference_url	https://access.redhat.com/errata/RHSA-2016:1019
reference_id	RHSA-2016:1019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1019

reference_url	https://access.redhat.com/errata/RHSA-2016:1224
reference_id	RHSA-2016:1224
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1224

reference_url	https://access.redhat.com/errata/RHSA-2016:1943
reference_id	RHSA-2016:1943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1943

reference_url	https://usn.ubuntu.com/2974-1/
reference_id	USN-2974-1
reference_type
scores
url	https://usn.ubuntu.com/2974-1/

reference_url	https://xenbits.xen.org/xsa/advisory-179.html
reference_id	XSA-179
reference_type
scores
url	https://xenbits.xen.org/xsa/advisory-179.html

fixed_packages

url	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.6%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie

aliases CVE-2016-3710

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7r2x-vm78-gkb3

url VCID-8tn1-kvxa-m3ex

vulnerability_id VCID-8tn1-kvxa-m3ex

summary QEMU: Banked access to VGA memory (VBE) uses inconsistent bounds checks

references

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2585.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2585.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0621.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0621.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3712.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3712.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-3712

reference_id

reference_type

scores

value	0.00138
scoring_system	epss
scoring_elements	0.33311
published_at	2026-05-07T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33354
published_at	2026-04-29T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33244
published_at	2026-05-05T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33604
published_at	2026-04-01T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33934
published_at	2026-04-02T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33966
published_at	2026-04-04T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.3382
published_at	2026-04-07T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33863
published_at	2026-04-08T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33895
published_at	2026-04-09T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33894
published_at	2026-04-11T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33852
published_at	2026-04-12T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33827
published_at	2026-04-13T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33865
published_at	2026-04-16T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.3385
published_at	2026-04-18T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33818
published_at	2026-04-21T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33457
published_at	2026-04-24T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33437
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-3712

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3710
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3710

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3712
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3712

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	1.5
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:S/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg01196.html
reference_id
reference_type
scores
url	https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg01196.html

reference_url	http://support.citrix.com/article/CTX212736
reference_id
reference_type
scores
url	http://support.citrix.com/article/CTX212736

reference_url	http://www.debian.org/security/2016/dsa-3573
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3573

reference_url	http://www.openwall.com/lists/oss-security/2016/05/09/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/05/09/4

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/90314
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/90314

reference_url	http://www.securitytracker.com/id/1035794
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035794

reference_url	http://www.ubuntu.com/usn/USN-2974-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2974-1

reference_url	http://xenbits.xen.org/xsa/advisory-179.html
reference_id
reference_type
scores
url	http://xenbits.xen.org/xsa/advisory-179.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1318712
reference_id	1318712
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1318712

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823830
reference_id	823830
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823830

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver::::::::
reference_id	cpe:2.3:a:citrix:xenserver::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc0::::::
reference_id	cpe:2.3:a:qemu:qemu:2.6.0:rc0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc1::::::
reference_id	cpe:2.3:a:qemu:qemu:2.6.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc2::::::
reference_id	cpe:2.3:a:qemu:qemu:2.6.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc3::::::
reference_id	cpe:2.3:a:qemu:qemu:2.6.0:rc3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc4::::::
reference_id	cpe:2.3:a:qemu:qemu:2.6.0:rc4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.3::::::x86:
reference_id	cpe:2.3:o:oracle:vm_server:3.3::::::x86:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.3::::::x86:

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.4::::::x86:
reference_id	cpe:2.3:o:oracle:vm_server:3.4::::::x86:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.4::::::x86:

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-3712

reference_id

CVE-2016-3712

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-3712

reference_url	https://access.redhat.com/errata/RHSA-2016:2585
reference_id	RHSA-2016:2585
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2585

reference_url	https://access.redhat.com/errata/RHSA-2017:0621
reference_id	RHSA-2017:0621
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0621

reference_url	https://usn.ubuntu.com/2974-1/
reference_id	USN-2974-1
reference_type
scores
url	https://usn.ubuntu.com/2974-1/

reference_url	https://xenbits.xen.org/xsa/advisory-179.html
reference_id	XSA-179
reference_type
scores
url	https://xenbits.xen.org/xsa/advisory-179.html

fixed_packages

url	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.6%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie

aliases CVE-2016-3712

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8tn1-kvxa-m3ex

url VCID-9zeb-77t6-57cx

vulnerability_id VCID-9zeb-77t6-57cx

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could lead to arbitrary code execution, or cause a Denial of Service
    condition.

references

reference_url	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3a15cc0e1ee7168db0782133d2607a6bfa422d66
reference_id
reference_type
scores
url	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3a15cc0e1ee7168db0782133d2607a6bfa422d66

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183275.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183275.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183350.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183350.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184209.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184209.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4001.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4001.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4001

reference_id

reference_type

scores

value	0.09366
scoring_system	epss
scoring_elements	0.92815
published_at	2026-05-07T12:55:00Z

value	0.09366
scoring_system	epss
scoring_elements	0.92792
published_at	2026-04-29T12:55:00Z

value	0.09366
scoring_system	epss
scoring_elements	0.92802
published_at	2026-05-05T12:55:00Z

value	0.09366
scoring_system	epss
scoring_elements	0.92748
published_at	2026-04-01T12:55:00Z

value	0.09366
scoring_system	epss
scoring_elements	0.92754
published_at	2026-04-02T12:55:00Z

value	0.09366
scoring_system	epss
scoring_elements	0.92759
published_at	2026-04-04T12:55:00Z

value	0.09366
scoring_system	epss
scoring_elements	0.92757
published_at	2026-04-07T12:55:00Z

value	0.09366
scoring_system	epss
scoring_elements	0.92766
published_at	2026-04-08T12:55:00Z

value	0.09366
scoring_system	epss
scoring_elements	0.92771
published_at	2026-04-09T12:55:00Z

value	0.09366
scoring_system	epss
scoring_elements	0.92776
published_at	2026-04-11T12:55:00Z

value	0.09366
scoring_system	epss
scoring_elements	0.92775
published_at	2026-04-13T12:55:00Z

value	0.09366
scoring_system	epss
scoring_elements	0.92786
published_at	2026-04-16T12:55:00Z

value	0.09366
scoring_system	epss
scoring_elements	0.92787
published_at	2026-04-18T12:55:00Z

value	0.09366
scoring_system	epss
scoring_elements	0.92791
published_at	2026-04-21T12:55:00Z

value	0.09366
scoring_system	epss
scoring_elements	0.92797
published_at	2026-04-24T12:55:00Z

value	0.09366
scoring_system	epss
scoring_elements	0.92798
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4001

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4001
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4001

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html

reference_url	https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01334.html
reference_id
reference_type
scores
url	https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01334.html

reference_url	http://www.openwall.com/lists/oss-security/2016/04/11/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/04/11/4

reference_url	http://www.openwall.com/lists/oss-security/2016/04/12/6
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/04/12/6

reference_url	http://www.securityfocus.com/bid/85976
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/85976

reference_url	http://www.ubuntu.com/usn/USN-2974-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2974-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1325884
reference_id	1325884
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1325884

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=821038
reference_id	821038
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=821038

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc0::::::
reference_id	cpe:2.3:a:qemu:qemu:2.6.0:rc0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc1::::::
reference_id	cpe:2.3:a:qemu:qemu:2.6.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:24:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-4001

reference_id

CVE-2016-4001

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-4001

reference_url	https://security.gentoo.org/glsa/201609-01
reference_id	GLSA-201609-01
reference_type
scores
url	https://security.gentoo.org/glsa/201609-01

reference_url	https://usn.ubuntu.com/2974-1/
reference_id	USN-2974-1
reference_type
scores
url	https://usn.ubuntu.com/2974-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.6%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie

aliases CVE-2016-4001

risk_score 3.9

exploitability 0.5

weighted_severity 7.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9zeb-77t6-57cx

url VCID-aa98-tyaq-3kew

vulnerability_id VCID-aa98-tyaq-3kew

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could lead to arbitrary code execution, or cause a Denial of Service
    condition.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2197.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2197.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2197

reference_id

reference_type

scores

value	0.00111
scoring_system	epss
scoring_elements	0.29138
published_at	2026-05-07T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29626
published_at	2026-04-08T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29693
published_at	2026-04-02T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29744
published_at	2026-04-04T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29563
published_at	2026-04-07T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29664
published_at	2026-04-09T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29666
published_at	2026-04-11T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29622
published_at	2026-04-12T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29571
published_at	2026-04-13T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.2959
published_at	2026-04-16T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29564
published_at	2026-04-18T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29519
published_at	2026-04-21T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29403
published_at	2026-04-24T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29289
published_at	2026-04-26T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29224
published_at	2026-04-29T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29077
published_at	2026-05-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2197

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.3
scoring_system	cvssv2
scoring_elements	AV:A/AC:M/Au:S/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1302057
reference_id	1302057
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1302057

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813194
reference_id	813194
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813194

reference_url	https://security.gentoo.org/glsa/201604-01
reference_id	GLSA-201604-01
reference_type
scores
url	https://security.gentoo.org/glsa/201604-01

reference_url	https://usn.ubuntu.com/2891-1/
reference_id	USN-2891-1
reference_type
scores
url	https://usn.ubuntu.com/2891-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.6%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie

aliases CVE-2016-2197

risk_score 0.6

exploitability 0.5

weighted_severity 1.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aa98-tyaq-3kew

url VCID-bqnq-bar5-nfgr

vulnerability_id VCID-bqnq-bar5-nfgr

summary Qemu: usb: Infinite loop vulnerability in usb_ehci using siTD process

references

reference_url	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=1ae3f2f178087711f9591350abad133525ba93f2
reference_id
reference_type
scores
url	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=1ae3f2f178087711f9591350abad133525ba93f2

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183275.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183275.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183350.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183350.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184209.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184209.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4037.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4037.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4037

reference_id

reference_type

scores

value	0.00093
scoring_system	epss
scoring_elements	0.25802
published_at	2026-05-07T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.25851
published_at	2026-04-29T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.25744
published_at	2026-05-05T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.261
published_at	2026-04-01T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26181
published_at	2026-04-02T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26223
published_at	2026-04-04T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.25994
published_at	2026-04-07T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26061
published_at	2026-04-08T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26113
published_at	2026-04-09T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26123
published_at	2026-04-11T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26077
published_at	2026-04-12T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26017
published_at	2026-04-13T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26021
published_at	2026-04-16T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.25998
published_at	2026-04-18T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.25964
published_at	2026-04-21T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.25903
published_at	2026-04-24T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.25899
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4037

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4037
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4037

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	1.5
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:S/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html

reference_url	https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg02691.html
reference_id
reference_type
scores
url	https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg02691.html

reference_url	https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg02734.html
reference_id
reference_type
scores
url	https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg02734.html

reference_url	http://www.openwall.com/lists/oss-security/2016/04/18/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/04/18/3

reference_url	http://www.openwall.com/lists/oss-security/2016/04/18/6
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/04/18/6

reference_url	http://www.securityfocus.com/bid/86283
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/86283

reference_url	http://www.ubuntu.com/usn/USN-2974-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2974-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1325129
reference_id	1325129
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1325129

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822344
reference_id	822344
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822344

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc0::::::
reference_id	cpe:2.3:a:qemu:qemu:2.6.0:rc0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc1::::::
reference_id	cpe:2.3:a:qemu:qemu:2.6.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc2::::::
reference_id	cpe:2.3:a:qemu:qemu:2.6.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.6.0:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:24:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-4037

reference_id

CVE-2016-4037

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:C

value	6.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-4037

reference_url	https://usn.ubuntu.com/2974-1/
reference_id	USN-2974-1
reference_type
scores
url	https://usn.ubuntu.com/2974-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.6%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie

aliases CVE-2016-4037

risk_score 2.7

exploitability 0.5

weighted_severity 5.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bqnq-bar5-nfgr

url VCID-fcgm-hbbm-qyhj

vulnerability_id VCID-fcgm-hbbm-qyhj

summary Qemu: usb: multiple eof_timers in ohci module leads to null pointer dereference

references

reference_url	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=fa1298c2d623522eda7b4f1f721fcb935abb7360
reference_id
reference_type
scores
url	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=fa1298c2d623522eda7b4f1f721fcb935abb7360

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2391.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2391.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2391

reference_id

reference_type

scores

value	0.00053
scoring_system	epss
scoring_elements	0.16286
published_at	2026-05-07T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16302
published_at	2026-04-29T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16169
published_at	2026-05-05T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16393
published_at	2026-04-01T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16576
published_at	2026-04-02T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16638
published_at	2026-04-04T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16437
published_at	2026-04-07T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16523
published_at	2026-04-08T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16577
published_at	2026-04-09T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16558
published_at	2026-04-11T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16518
published_at	2026-04-12T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16459
published_at	2026-04-13T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16399
published_at	2026-04-16T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.1642
published_at	2026-04-18T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16456
published_at	2026-04-21T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16349
published_at	2026-04-24T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16346
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2391

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2391
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2391

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.3
scoring_system	cvssv2
scoring_elements	AV:A/AC:M/Au:S/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html

reference_url	https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg03374.html
reference_id
reference_type
scores
url	https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg03374.html

reference_url	http://www.openwall.com/lists/oss-security/2016/02/16/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/02/16/2

reference_url	http://www.securityfocus.com/bid/83263
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/83263

reference_url	http://www.ubuntu.com/usn/USN-2974-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2974-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1304794
reference_id	1304794
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1304794

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815009
reference_id	815009
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815009

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2391

reference_id

CVE-2016-2391

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:P

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2391

reference_url	https://usn.ubuntu.com/2974-1/
reference_id	USN-2974-1
reference_type
scores
url	https://usn.ubuntu.com/2974-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.6%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie

aliases CVE-2016-2391

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fcgm-hbbm-qyhj

url VCID-ghre-ztj1-nbhh

vulnerability_id VCID-ghre-ztj1-nbhh

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could lead to arbitrary code execution, or cause a Denial of Service
    condition.

references

reference_url	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=415ab35a441eca767d033a2702223e785b9d5190
reference_id
reference_type
scores
url	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=415ab35a441eca767d033a2702223e785b9d5190

reference_url	http://lists.nongnu.org/archive/html/qemu-stable/2016-03/msg00064.html
reference_id
reference_type
scores
url	http://lists.nongnu.org/archive/html/qemu-stable/2016-03/msg00064.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2841.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2841.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2841

reference_id

reference_type

scores

value	0.00061
scoring_system	epss
scoring_elements	0.1873
published_at	2026-05-07T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.18766
published_at	2026-04-29T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.18646
published_at	2026-05-05T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19017
published_at	2026-04-01T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19152
published_at	2026-04-02T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19204
published_at	2026-04-04T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.1892
published_at	2026-04-07T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.18999
published_at	2026-04-08T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19053
published_at	2026-04-09T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19059
published_at	2026-04-11T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19013
published_at	2026-04-12T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.18961
published_at	2026-04-13T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.18914
published_at	2026-04-16T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.18928
published_at	2026-04-18T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.18939
published_at	2026-04-21T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.18831
published_at	2026-04-24T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.1881
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2841
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2841

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.3
scoring_system	cvssv2
scoring_elements	AV:A/AC:M/Au:S/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html

reference_url	https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg06126.html
reference_id
reference_type
scores
url	https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg06126.html

reference_url	http://www.openwall.com/lists/oss-security/2016/03/02/8
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/03/02/8

reference_url	http://www.securityfocus.com/bid/84028
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84028

reference_url	http://www.ubuntu.com/usn/USN-2974-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2974-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1303106
reference_id	1303106
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1303106

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817181
reference_id	817181
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817181

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2841

reference_id

CVE-2016-2841

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:P

value	6.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2841

reference_url	https://security.gentoo.org/glsa/201609-01
reference_id	GLSA-201609-01
reference_type
scores
url	https://security.gentoo.org/glsa/201609-01

reference_url	https://usn.ubuntu.com/2974-1/
reference_id	USN-2974-1
reference_type
scores
url	https://usn.ubuntu.com/2974-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.6%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie

aliases CVE-2016-2841

risk_score 2.7

exploitability 0.5

weighted_severity 5.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ghre-ztj1-nbhh

url VCID-m549-2ra5-2fct

vulnerability_id VCID-m549-2ra5-2fct

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could lead to arbitrary code execution, or cause a Denial of Service
    condition.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2198.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2198.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2198

reference_id

reference_type

scores

value	0.00104
scoring_system	epss
scoring_elements	0.27971
published_at	2026-05-07T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28482
published_at	2026-04-01T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28577
published_at	2026-04-02T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.2862
published_at	2026-04-04T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28423
published_at	2026-04-07T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.2849
published_at	2026-04-12T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28531
published_at	2026-04-09T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28533
published_at	2026-04-11T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28441
published_at	2026-04-13T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28458
published_at	2026-04-16T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28435
published_at	2026-04-18T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28383
published_at	2026-04-21T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28258
published_at	2026-04-24T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28146
published_at	2026-04-26T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28068
published_at	2026-04-29T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.27909
published_at	2026-05-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2198

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2198
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2198

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.3
scoring_system	cvssv2
scoring_elements	AV:A/AC:M/Au:S/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1301643
reference_id	1301643
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1301643

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813193
reference_id	813193
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813193

reference_url	https://security.gentoo.org/glsa/201604-01
reference_id	GLSA-201604-01
reference_type
scores
url	https://security.gentoo.org/glsa/201604-01

reference_url	https://usn.ubuntu.com/2891-1/
reference_id	USN-2891-1
reference_type
scores
url	https://usn.ubuntu.com/2891-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.6%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie

aliases CVE-2016-2198

risk_score 0.6

exploitability 0.5

weighted_severity 1.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m549-2ra5-2fct

url VCID-nhc4-1zw4-mfgq

vulnerability_id VCID-nhc4-1zw4-mfgq

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could lead to arbitrary code execution, or cause a Denial of Service
    condition.

references

reference_url	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=fe3c546c5ff2a6210f9a4d8561cc64051ca8603e
reference_id
reference_type
scores
url	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=fe3c546c5ff2a6210f9a4d8561cc64051ca8603e

reference_url	http://lists.nongnu.org/archive/html/qemu-stable/2016-03/msg00064.html
reference_id
reference_type
scores
url	http://lists.nongnu.org/archive/html/qemu-stable/2016-03/msg00064.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2538.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2538.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2538

reference_id

reference_type

scores

value	0.00088
scoring_system	epss
scoring_elements	0.24891
published_at	2026-05-07T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.2482
published_at	2026-05-05T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25159
published_at	2026-04-01T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25239
published_at	2026-04-02T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25278
published_at	2026-04-04T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25052
published_at	2026-04-07T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25121
published_at	2026-04-08T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25165
published_at	2026-04-09T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25178
published_at	2026-04-11T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25136
published_at	2026-04-12T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25083
published_at	2026-04-13T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25094
published_at	2026-04-16T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25085
published_at	2026-04-18T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25057
published_at	2026-04-21T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.24997
published_at	2026-04-24T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.24986
published_at	2026-04-26T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.24941
published_at	2026-04-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2538

reference_url	https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html

reference_url	https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg03658.html
reference_id
reference_type
scores
url	https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg03658.html

reference_url	http://www.openwall.com/lists/oss-security/2016/02/22/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/02/22/3

reference_url	http://www.securityfocus.com/bid/83336
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/83336

reference_url	http://www.ubuntu.com/usn/USN-2974-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2974-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1303120
reference_id	1303120
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1303120

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815680
reference_id	815680
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815680

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2538

reference_id

CVE-2016-2538

reference_type

scores

value	3.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:N/A:P

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2538

reference_url	https://security.gentoo.org/glsa/201604-01
reference_id	GLSA-201604-01
reference_type
scores
url	https://security.gentoo.org/glsa/201604-01

reference_url	https://usn.ubuntu.com/2974-1/
reference_id	USN-2974-1
reference_type
scores
url	https://usn.ubuntu.com/2974-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.6%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie

aliases CVE-2016-2538

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nhc4-1zw4-mfgq

url VCID-rcec-z3z9-guhk

vulnerability_id VCID-rcec-z3z9-guhk

summary Qemu: net: out of bounds read in net_checksum_calculate()

references

reference_url	http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=362786f14a753d8a5256ef97d7c10ed576d6572b
reference_id
reference_type
scores
url	http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=362786f14a753d8a5256ef97d7c10ed576d6572b

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2670.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2670.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2671.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2671.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2704.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2704.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2705.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2705.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2706.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2706.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0083.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0083.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0309.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0309.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0334.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0334.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0344.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0344.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0350.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0350.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2857.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2857.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2857

reference_id

reference_type

scores

value	0.00058
scoring_system	epss
scoring_elements	0.18164
published_at	2026-04-01T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.17903
published_at	2026-05-07T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.17994
published_at	2026-04-26T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.17957
published_at	2026-04-29T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.17811
published_at	2026-05-05T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18321
published_at	2026-04-02T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18375
published_at	2026-04-04T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18077
published_at	2026-04-07T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18161
published_at	2026-04-08T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18217
published_at	2026-04-09T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18221
published_at	2026-04-11T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18174
published_at	2026-04-12T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18123
published_at	2026-04-13T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18065
published_at	2026-04-16T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18078
published_at	2026-04-18T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18111
published_at	2026-04-21T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18018
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2857

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:S/C:P/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html

reference_url	http://www.openwall.com/lists/oss-security/2016/03/03/9
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/03/03/9

reference_url	http://www.openwall.com/lists/oss-security/2016/03/07/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/03/07/3

reference_url	http://www.securityfocus.com/bid/84130
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84130

reference_url	http://www.ubuntu.com/usn/USN-2974-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2974-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1296567
reference_id	1296567
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1296567

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817182
reference_id	817182
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817182

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:5.0:::::::*
reference_id	cpe:2.3:a:redhat:openstack:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:6.0:::::::*
reference_id	cpe:2.3:a:redhat:openstack:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:7.0:::::::*
reference_id	cpe:2.3:a:redhat:openstack:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:8:::::::*
reference_id	cpe:2.3:a:redhat:openstack:8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:9:::::::*
reference_id	cpe:2.3:a:redhat:openstack:9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:3.0:::::::*
reference_id	cpe:2.3:a:redhat:virtualization:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:::::::*
reference_id	cpe:2.3:a:redhat:virtualization:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2857

reference_id

CVE-2016-2857

reference_type

scores

value	3.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:N/A:P

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2857

reference_url	https://access.redhat.com/errata/RHSA-2016:2670
reference_id	RHSA-2016:2670
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2670

reference_url	https://access.redhat.com/errata/RHSA-2016:2671
reference_id	RHSA-2016:2671
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2671

reference_url	https://access.redhat.com/errata/RHSA-2016:2704
reference_id	RHSA-2016:2704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2704

reference_url	https://access.redhat.com/errata/RHSA-2016:2705
reference_id	RHSA-2016:2705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2705

reference_url	https://access.redhat.com/errata/RHSA-2016:2706
reference_id	RHSA-2016:2706
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2706

reference_url	https://access.redhat.com/errata/RHSA-2017:0083
reference_id	RHSA-2017:0083
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0083

reference_url	https://access.redhat.com/errata/RHSA-2017:0309
reference_id	RHSA-2017:0309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0309

reference_url	https://access.redhat.com/errata/RHSA-2017:0334
reference_id	RHSA-2017:0334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0334

reference_url	https://access.redhat.com/errata/RHSA-2017:0344
reference_id	RHSA-2017:0344
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0344

reference_url	https://access.redhat.com/errata/RHSA-2017:0350
reference_id	RHSA-2017:0350
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0350

reference_url	https://usn.ubuntu.com/2974-1/
reference_id	USN-2974-1
reference_type
scores
url	https://usn.ubuntu.com/2974-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.6%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie

aliases CVE-2016-2857

risk_score 3.8

exploitability 0.5

weighted_severity 7.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rcec-z3z9-guhk

url VCID-vgab-s8sr-53d9

vulnerability_id VCID-vgab-s8sr-53d9

summary

Multiple vulnerabilities have been found in QEMU, the worst of
    which could lead to arbitrary code execution, or cause a Denial of Service
    condition.

references

reference_url	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=60253ed1e6ec6d8e5ef2efe7bf755f475dce9956
reference_id
reference_type
scores
url	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=60253ed1e6ec6d8e5ef2efe7bf755f475dce9956

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2858.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2858.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2858

reference_id

reference_type

scores

value	0.00124
scoring_system	epss
scoring_elements	0.31153
published_at	2026-05-07T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31235
published_at	2026-04-29T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31083
published_at	2026-05-05T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31637
published_at	2026-04-01T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31769
published_at	2026-04-02T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31813
published_at	2026-04-04T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31631
published_at	2026-04-07T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31683
published_at	2026-04-08T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31712
published_at	2026-04-09T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31716
published_at	2026-04-11T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31675
published_at	2026-04-12T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31639
published_at	2026-04-13T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31673
published_at	2026-04-16T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31651
published_at	2026-04-18T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31619
published_at	2026-04-21T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31442
published_at	2026-04-24T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31316
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2858

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2858
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2858

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	1.5
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:S/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html

reference_url	http://www.openwall.com/lists/oss-security/2016/03/04/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/03/04/1

reference_url	http://www.openwall.com/lists/oss-security/2016/03/07/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/03/07/4

reference_url	http://www.securityfocus.com/bid/84134
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84134

reference_url	http://www.ubuntu.com/usn/USN-2974-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2974-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1314676
reference_id	1314676
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1314676

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817183
reference_id	817183
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817183

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::
reference_id	cpe:2.3:a:qemu:qemu::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2858

reference_id

CVE-2016-2858

reference_type

scores

value	1.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2858

reference_url	https://security.gentoo.org/glsa/201604-01
reference_id	GLSA-201604-01
reference_type
scores
url	https://security.gentoo.org/glsa/201604-01

reference_url	https://usn.ubuntu.com/2974-1/
reference_id	USN-2974-1
reference_type
scores
url	https://usn.ubuntu.com/2974-1/

fixed_packages

url	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/qemu@1:2.6%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.6%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie

aliases CVE-2016-2858

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vgab-s8sr-53d9

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.6%252Bdfsg-1%3Fdistro=trixie

Package Instance