CVEs from 2016
Total
8,461
critical
critical 1,164
high
high 3,521
medium
medium 3,173
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
6.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-0363 | high | 8.1 | 8.1 | 10y ago | The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.… | |||
| CVE-2016-4087 | high | 8.1 | 8.1 | 10y ago | Huawei S12700 switches with software before V200R008C00SPC500 and S5700 switches with software before V200R005SPH010, when the debug switch is enabled, allows remote attackers to cause a denial of se… | |||
| CVE-2016-1671 | high | 8.1 | 8.1 | 10y ago | Google Chrome before 50.0.2661.102 on Android mishandles / (slash) and \ (backslash) characters, which allows attackers to conduct directory traversal attacks via a file: URL, related to net/base/esc… | |||
| CVE-2016-2014 | high | 8.1 | 8.1 | 10y ago | HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors. | |||
| CVE-2016-2346 | high | 8.1 | 8.1 | 10y ago | Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates, which allows man-in-the-middle attackers to execute arbitrary code by modifying fields in the client… | |||
| CVE-2016-4054 | high | 8.1 | 8.1 | 10y ago | Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses. | |||
| CVE-2016-4052 | high | 8.1 | 8.1 | 10y ago | Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (… | |||
| CVE-2016-3693 | high | 8.1 | 8.1 | 10y ago | safemode gem allows context-dependent attackers to obtain sensitive information via the inspect method | |||
| CVE-2016-1651 | high | 8.1 | 8.1 | 10y ago | fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 50.0.2661.75, does not properly implement the sycc420_to_rgb and sycc422_to_rgb functions, which allows remote attackers … | |||
| CVE-2016-2409 | high | 8.1 | 8.1 | 10y ago | A Texas Instruments (TI) haptic kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages control over a service that can call this d… | |||
| CVE-2016-3171 | high | 8.1 | 8.1 | 10y ago | Drupal arbitrary code execution | |||
| CVE-2016-3169 | high | 8.1 | 8.1 | 10y ago | Drupal saving user accounts can sometimes grant the user all roles | |||
| CVE-2016-3162 | high | 8.1 | 8.1 | 10y ago | Drupal File upload access bypass and denial of service | |||
| CVE-2016-1866 | high | 8.1 | 8.1 | 10y ago | Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master dat… | |||
| CVE-2016-3675 | high | 8.1 | 8.1 | 10y ago | SQL injection vulnerability in Huawei Policy Center with software before V100R003C10SPC020 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to syste… | |||
| CVE-2016-1030 | high | 8.1 | 8.1 | 10y ago | Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass intended access restrictions via unspecifi… | |||
| CVE-2016-1006 | high | 8.1 | 8.1 | 10y ago | Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data. | |||
| CVE-2016-2510 | high | 8.1 | 8.1 | 10y ago | Improper Input Validation in BeanShell | |||
| CVE-2016-1714 | high | 8.1 | 8.1 | 10y ago | The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_… | |||
| CVE-2016-1290 | high | 8.1 | 8.1 | 10y ago | The web API in Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allows remote authenticated users to bypass intended RBAC restrictions and gai… | |||
| CVE-2016-0636 | high | 8.1 | 8.1 | 10y ago | Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-componen… | |||
| CVE-2016-1762 | high | 8.1 | 8.1 | 10y ago | The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. | |||
| CVE-2016-1993 | high | 8.1 | 8.1 | 10y ago | HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. | |||
| CVE-2016-2342 | high | 8.1 | 8.1 | 10y ago | The bgp_nlri_parse_vpnv4 function in bgp_mplsvpn.c in the VPNv4 NLRI parser in bgpd in Quagga before 1.0.20160309, when a certain VPNv4 configuration is used, relies on a Labeled-VPN SAFI routes-data… | |||
| CVE-2016-1526 | high | 8.1 | 8.1 | 10y ago | The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which… | |||
| CVE-2016-0036 | high | 8.1 | 8.1 | 10y ago | The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote authenticated users to execute arbitrary code v… | |||
| CVE-2016-1567 | high | 8.1 | 8.1 | 11y ago | chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arb… | |||
| CVE-2016-0858 | high | 8.1 | 8.1 | 11y ago | Race condition in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted request. | |||
| CVE-2016-0778 | high | 8.1 | 8.1 | 11y ago | The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly m… | |||
| CVE-2016-0019 | high | 8.1 | 8.1 | 11y ago | The Remote Desktop Protocol (RDP) service implementation in Microsoft Windows 10 Gold and 1511 allows remote attackers to bypass intended access restrictions and establish sessions for blank-password… | |||
| CVE-2016-9778 | high | — | 8.0 | — | An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulner… | |||
| CVE-2016-8615 | high | — | 8.0 | — | A flaw was found in curl before version 7.51. If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookie… | |||
| CVE-2016-8621 | high | — | 8.0 | — | The `curl_getdate` function in curl before version 7.51.0 is vulnerable to an out of bounds read if it receives an input with one digit short. | |||
| CVE-2016-8625 | high | — | 8.0 | — | curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong ho… | |||
| CVE-2016-8616 | high | — | 8.0 | — | A flaw was found in curl before version 7.51.0 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an u… | |||
| CVE-2016-8619 | high | — | 8.0 | — | The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double free. | |||
| CVE-2016-9591 | high | — | 8.0 | — | multiple issues in jasper | |||
| CVE-2016-8620 | high | — | 8.0 | — | The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input. | |||
| CVE-2016-8617 | high | — | 8.0 | — | The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via `CURLOPT_USERNAME`. | |||
| CVE-2016-6328 | high | — | 8.0 | — | A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some criti… | |||
| CVE-2016-8624 | high | — | 8.0 | — | curl before version 7.51.0 doesn't parse the authority component of the URL correctly when the host name part ends with a '#' character, and could instead be tricked into connecting to a different ho… | |||
| CVE-2016-8623 | high | — | 8.0 | — | A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure. | |||
| CVE-2016-8618 | high | — | 8.0 | — | The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables. | |||
| CVE-2016-8622 | high | — | 8.0 | — | The URL percent-encoding decode function in libcurl before 7.51.0 is called `curl_easy_unescape`. Internally, even if this function would be made to allocate a unscape destination buffer larger than … | |||
| CVE-2016-2124 | high | — | 8.0 | 5y ago | RHSA-2021:5082: samba security update (Important) | |||
| CVE-2016-5789 | high | 8.0 | 8.0 | 9y ago | A Cross-site Request Forgery issue was discovered in JanTek JTC-200, all versions. An attacker could perform actions with the same permissions as a victim user, provided the victim has an active sess… | |||
| CVE-2016-7507 | high | 8.0 | 8.0 | 9y ago | Cross-Site Request Forgery (CSRF) vulnerability in GLPI 0.90.4 allows remote authenticated attackers to submit a request that could lead to the creation of an admin account in the application. | |||
| CVE-2016-9991 | high | 8.0 | 8.0 | 9y ago | IBM Sterling Order Management 9.2 through 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the … | |||
| CVE-2016-1161 | high | 8.0 | 8.0 | 9y ago | Cross-site request forgery (CSRF) vulnerability in ManageEngine Password Manager Pro before 8.5 (Build 8500). | |||
| CVE-2016-9351 | high | 7.0 | 8.0 | 9y ago | An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. The directory traversal/file upload error allows an attacker to upload and unpack a zip file. | |||
| CVE-2016-7904 | high | 8.0 | 8.0 | 10y ago | Cross-site request forgery (CSRF) vulnerability in CMS Made Simple before 2.1.6 allows remote attackers to hijack the authentication of administrators for requests that create accounts via an admin/a… | |||
| CVE-2016-8201 | high | 8.0 | 8.0 | 10y ago | A CSRF vulnerability in Brocade Virtual Traffic Manager versions released prior to and including 11.0 could allow an attacker to trick a logged-in user into making administrative changes on the traff… | |||
| CVE-2016-10010 | high | 7.0 | 8.0 | 10y ago | sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to … | |||
| CVE-2016-6664 | high | 7.0 | 8.0 | 10y ago | mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percon… | |||
| CVE-2016-6663 | high | 7.0 | 8.0 | 10y ago | Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server b… | |||
| CVE-2016-2884 | high | 8.0 | 8.0 | 10y ago | Cross-site request forgery (CSRF) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3.1, in an unspecified non-default configuration, allows remote authenticated users to hijac… | |||
| CVE-2016-2878 | high | 8.0 | 8.0 | 10y ago | Multiple cross-site request forgery (CSRF) vulnerabilities in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allow remote attackers to hijack the authentication of arbitrary users for r… | |||
| CVE-2016-2863 | high | 8.0 | 8.0 | 10y ago | Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Commerce 7.0 Feature Pack 8, 8.0.0.x before 8.0.0.10, and 8.0.1.x before 8.0.1.2 allows remote authenticated users to hijack the authe… | |||
| CVE-2016-0386 | high | 8.0 | 8.0 | 10y ago | Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to hijack the auth… | |||
| CVE-2016-3651 | high | 8.0 | 8.0 | 10y ago | Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover the PHP JSESSIONID value via unspecified vectors. | |||
| CVE-2016-4822 | high | 8.0 | 8.0 | 10y ago | Corega CG-WLBARGL devices allow remote authenticated users to execute arbitrary commands via unspecified vectors. | |||
| CVE-2016-4371 | high | 8.0 | 8.0 | 10y ago | HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery… | |||
| CVE-2016-4506 | high | 8.0 | 8.0 | 10y ago | Cross-site request forgery (CSRF) vulnerability on Resource Data Management (RDM) Intuitive 650 TDB Controller devices before 2.1.24 allows remote authenticated users to hijack the authentication of … | |||
| CVE-2016-4558 | high | 7.0 | 8.0 | 10y ago | The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a … | |||
| CVE-2016-1661 | high | 8.0 | 8.0 | 10y ago | Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers… | |||
| CVE-2016-1531 | high | 7.0 | 8.0 | 10y ago | Exim before 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument. | |||
| CVE-2016-1757 | high | 7.0 | 8.0 | 10y ago | Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app. | |||
| CVE-2016-1991 | high | 8.0 | 8.0 | 10y ago | HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to conduct unspecified "file download… | |||
| CVE-2016-1489 | high | 8.0 | 8.0 | 11y ago | Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network… | |||
| CVE-2016-9379 | high | 7.9 | 7.9 | 10y ago | The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes… | |||
| CVE-2016-5563 | high | 7.9 | 7.9 | 10y ago | Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property Services component in Oracle Hospitality Applications 5.4.0.0 through 5.4.3.0, 5.5.0.0, and 5.5.1.0 allows remote administrators t… | |||
| CVE-2016-2243 | high | 7.9 | 7.9 | 10y ago | Sure Start on HP Commercial PCs 2015 allows local users to cause a denial of service (BIOS recovery failure) by leveraging administrative access. | |||
| CVE-2016-1255 | high | 7.8 | 7.8 | 9y ago | The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, i… | |||
| CVE-2016-6804 | high | 7.8 | 7.8 | 9y ago | The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated pr… | |||
| CVE-2016-6803 | high | 7.8 | 7.8 | 9y ago | An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice before 4.1.3 installers for Windows. The PC must have previously been infected by a Trojan … | |||
| CVE-2016-5002 | high | 7.8 | 7.8 | 9y ago | Apache XML-RPC XXE Vulnerability | |||
| CVE-2016-4922 | high | 7.8 | 7.8 | 9y ago | Certain combinations of Junos OS CLI commands and arguments have been found to be exploitable in a way that can allow unauthorized access to the operating system. This may allow any user with permiss… | |||
| CVE-2016-4434 | high | 7.8 | 7.8 | 9y ago | Apache Tika does not properly initialize the XML parser or choose handlers | |||
| CVE-2016-5759 | high | 7.8 | 7.8 | 9y ago | The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root. | |||
| CVE-2016-2972 | high | 7.8 | 7.8 | 9y ago | IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of the Sametime Meetings user in the local cache of their browser which could be accessed by a local user. IBM X-Force ID: 113855. | |||
| CVE-2016-10389 | high | 7.8 | 7.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, there is no size check for the images being flashed onto the NAND memory in their respective partitions, so there is a … | |||
| CVE-2016-5864 | high | 7.8 | 7.8 | 9y ago | In an audio driver function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, some parameters are from userspace, and if they are set to a large value, integer overfl… | |||
| CVE-2016-5863 | high | 7.8 | 7.8 | 9y ago | In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, several sanity checks are missing which can lead to out-of-bounds accesses. | |||
| CVE-2016-10402 | high | 7.8 | 7.8 | 9y ago | Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\SYSTEM via a section header with a very large relative virtual address in a PE file, causing an integer ov… | |||
| CVE-2016-7062 | high | 7.8 | 7.8 | 9y ago | rhscon-ceph in Red Hat Storage Console 2 x86_64 and Red Hat Storage Console Node 2 x86_64 allows local users to obtain the password as cleartext. | |||
| CVE-2016-10395 | high | 7.8 | 7.8 | 9y ago | In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licen… | |||
| CVE-2016-10342 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler. | |||
| CVE-2016-10341 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, 3rd party TEEs have more privilege than intended. | |||
| CVE-2016-10340 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler. | |||
| CVE-2016-10338 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, there was an issue related to RPMB processing. | |||
| CVE-2016-7838 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in WinSparkle versions prior to 0.5.3 allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory. | |||
| CVE-2016-7837 | high | 7.8 | 7.8 | 9y ago | Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities. | |||
| CVE-2016-7818 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in Installers for Specification check program (social insurance) Ver. 9.00 and earlier, TODOKESHO print program Ver. 5.00 and earlier, Device data encryption progr… | |||
| CVE-2016-4902 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in The Public Certification Service for Individuals "The JPKI user's software (for Windows 7 and later)" Ver3.0.1 and earlier, The Public Certification Service for… | |||
| CVE-2016-4973 | high | 7.8 | 7.8 | 9y ago | Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Si… | |||
| CVE-2016-8228 | high | 7.8 | 7.8 | 9y ago | In Lenovo Service Bridge before version 4, a user with local privileges on a system could execute code with administrative privileges. | |||
| CVE-2016-5735 | high | 7.8 | 7.8 | 9y ago | Integer overflow in the rwpng_read_image24_libpng function in rwpng.c in pngquant 2.7.0 allows remote attackers to have unspecified impact via a crafted PNG file, which triggers a buffer overflow. | |||
| CVE-2016-1876 | high | 7.8 | 7.8 | 9y ago | The backend service process in Lenovo Solution Center (aka LSC) before 3.3.0002 allows local users to gain SYSTEM privileges via unspecified vectors. | |||
| CVE-2016-7804 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in 7 Zip for Windows 16.02 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2016-4901 | high | 7.8 | 7.8 | 9y ago | Untrusted search path vulnerability in The installer of e-Tax Software all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. |