Search for vulnerabilities
Vulnerability details: VCID-q7bf-8cx9-ckff
Vulnerability ID VCID-q7bf-8cx9-ckff
Aliases CVE-2016-1839
Summary
Status Published
Exploitability 2.0
Weighted Severity 3.2
Risk 6.4
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-125 Out-of-bounds Read
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-122 Heap-based Buffer Overflow
System Score Found at
epss 0.03399 https://api.first.org/data/v1/epss?cve=CVE-2016-1839
epss 0.03399 https://api.first.org/data/v1/epss?cve=CVE-2016-1839
epss 0.03399 https://api.first.org/data/v1/epss?cve=CVE-2016-1839
epss 0.03399 https://api.first.org/data/v1/epss?cve=CVE-2016-1839
epss 0.03399 https://api.first.org/data/v1/epss?cve=CVE-2016-1839
epss 0.03399 https://api.first.org/data/v1/epss?cve=CVE-2016-1839
epss 0.03399 https://api.first.org/data/v1/epss?cve=CVE-2016-1839
epss 0.03399 https://api.first.org/data/v1/epss?cve=CVE-2016-1839
epss 0.03399 https://api.first.org/data/v1/epss?cve=CVE-2016-1839
epss 0.03399 https://api.first.org/data/v1/epss?cve=CVE-2016-1839
epss 0.03399 https://api.first.org/data/v1/epss?cve=CVE-2016-1839
epss 0.03399 https://api.first.org/data/v1/epss?cve=CVE-2016-1839
epss 0.03399 https://api.first.org/data/v1/epss?cve=CVE-2016-1839
epss 0.03399 https://api.first.org/data/v1/epss?cve=CVE-2016-1839
epss 0.03399 https://api.first.org/data/v1/epss?cve=CVE-2016-1839
epss 0.0349 https://api.first.org/data/v1/epss?cve=CVE-2016-1839
epss 0.04129 https://api.first.org/data/v1/epss?cve=CVE-2016-1839
cvssv3.1 6.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1839.json
https://api.first.org/data/v1/epss?cve=CVE-2016-1839
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1338703 https://bugzilla.redhat.com/show_bug.cgi?id=1338703
CVE-2016-1839 Exploit https://code.google.com/p/google-security-research/issues/detail?id=637
CVE-2016-1839 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39491.txt
CVE-2016-1839 https://nvd.nist.gov/vuln/detail/CVE-2016-1839
RHSA-2016:1292 https://access.redhat.com/errata/RHSA-2016:1292
RHSA-2016:2957 https://access.redhat.com/errata/RHSA-2016:2957
USN-2994-1 https://usn.ubuntu.com/2994-1/
Data source Exploit-DB
Date added Feb. 24, 2016
Description libxml2 - xmlDictAddString Heap Buffer Overread
Ransomware campaign use Known
Source publication date Feb. 24, 2016
Exploit type dos
Platform linux
Source update date Feb. 24, 2016
Source URL https://code.google.com/p/google-security-research/issues/detail?id=637
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.86949
EPSS Score 0.03399
Published At Aug. 5, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:34:46.008768+00:00 Ubuntu USN Importer Import https://usn.ubuntu.com/2994-1/ 37.0.0