CVEs from 2016
Total
8,465
critical
critical 1,164
high
high 3,521
medium
medium 3,173
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
1.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-8443 | high | 7.8 | 7.8 | 10y ago | Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to subsystem page tables. Product: Android. Versions: Kernel 3.18. Android ID: A-32576499. References: Q… | |||
| CVE-2016-8442 | high | 7.8 | 7.8 | 10y ago | Possible unauthorized memory access in the hypervisor. Lack of input validation could allow hypervisor memory to be accessed by the HLOS. Product: Android. Versions: Kernel 3.18. Android ID: A-316259… | |||
| CVE-2016-8441 | high | 7.8 | 7.8 | 10y ago | Possible buffer overflow in the hypervisor. Inappropriate usage of a static array could lead to a buffer overrun. Product: Android. Versions: Kernel 3.18. Android ID: A-31625904. References: QC-CR#10… | |||
| CVE-2016-8436 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Crit… | |||
| CVE-2016-8433 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical d… | |||
| CVE-2016-8432 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2016-8431 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2016-8430 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2016-8429 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2016-8428 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2016-8427 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2016-8426 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2016-8425 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2016-8424 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2016-8423 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critic… | |||
| CVE-2016-8422 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critic… | |||
| CVE-2016-6790 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. This i… | |||
| CVE-2016-6789 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. This i… | |||
| CVE-2016-6777 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2016-6776 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2016-6775 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2016-6772 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate becau… | |||
| CVE-2016-6768 | high | 7.8 | 7.8 | 10y ago | A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This is… | |||
| CVE-2016-6762 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in the libziparchive library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rat… | |||
| CVE-2016-6761 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated a… | |||
| CVE-2016-6760 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated a… | |||
| CVE-2016-6759 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated a… | |||
| CVE-2016-6758 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated a… | |||
| CVE-2016-5684 | high | 7.8 | 7.8 | 10y ago | An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library. A specially crafted XMP file can cause an arbitrary memory overwrite resultin… | |||
| CVE-2016-5646 | high | 7.8 | 7.8 | 10y ago | An exploitable heap overflow vulnerability exists in the Compound Binary File Format (CBFF) parser functionality of Lexmark Perceptive Document Filters library. A specially crafted CBFF file can caus… | |||
| CVE-2016-4298 | high | 7.8 | 7.8 | 10y ago | When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will attempt to allocate space for a list of elements using a length from the file. When… | |||
| CVE-2016-4296 | high | 7.8 | 7.8 | 10y ago | When opening a Hangul Hcell Document (.cell) and processing a record that uses the CSSValFormat object, Hancom Office 2014 will search for an underscore ("_") character at the end of the string and w… | |||
| CVE-2016-4295 | high | 7.8 | 7.8 | 10y ago | When opening a Hangul Hcell Document (.cell) and processing a particular record within the Workbook stream, an index miscalculation leading to a heap overlow can be made to occur in Hancom Office 201… | |||
| CVE-2016-4294 | high | 7.8 | 7.8 | 10y ago | When opening a Hangul Hcell Document (.cell) and processing a property record within the Workbook stream, Hancom Office 2014 will attempt to allocate space for an element using a length from the file… | |||
| CVE-2016-4292 | high | 7.8 | 7.8 | 10y ago | When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will use a static size to allocate a heap buffer yet explicitly trust a size from the fi… | |||
| CVE-2016-4291 | high | 7.8 | 7.8 | 10y ago | When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will use a field from the structure in an operation that can cause the integer to overfl… | |||
| CVE-2016-4290 | high | 7.8 | 7.8 | 10y ago | When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will attempt to allocate space for a block of data within the file. When calculating thi… | |||
| CVE-2016-9754 | high | 7.8 | 7.8 | 10y ago | The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain pri… | |||
| CVE-2016-10012 | high | 7.8 | 7.8 | 10y ago | The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local use… | |||
| CVE-2016-10081 | high | 7.8 | 7.8 | 10y ago | /usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action. | |||
| CVE-2016-7086 | high | 7.8 | 7.8 | 10y ago | The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the… | |||
| CVE-2016-7085 | high | 7.8 | 7.8 | 10y ago | Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via… | |||
| CVE-2016-7084 | high | 7.8 | 7.8 | 10y ago | tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allows guest OS users to execu… | |||
| CVE-2016-7083 | high | 7.8 | 7.8 | 10y ago | VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary co… | |||
| CVE-2016-7082 | high | 7.8 | 7.8 | 10y ago | VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary co… | |||
| CVE-2016-7081 | high | 7.8 | 7.8 | 10y ago | Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allo… | |||
| CVE-2016-7080 | high | 7.8 | 7.8 | 10y ago | The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vect… | |||
| CVE-2016-7079 | high | 7.8 | 7.8 | 10y ago | The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vect… | |||
| CVE-2016-2246 | high | 7.8 | 7.8 | 10y ago | HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard application, which allows local users to bypass intended access restrictions and gain privileges via unspe… | |||
| CVE-2016-9806 | high | 7.8 | 7.8 | 10y ago | Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified oth… | |||
| CVE-2016-9794 | high | 7.8 | 7.8 | 10y ago | Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or … | |||
| CVE-2016-9793 | high | 7.8 | 7.8 | 10y ago | The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory … | |||
| CVE-2016-9777 | high | 7.8 | 7.8 | 10y ago | KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of… | |||
| CVE-2016-9755 | high | 7.8 | 7.8 | 10y ago | The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service (integer overflow, out-of-bounds write, and GPF) or possibly h… | |||
| CVE-2016-9576 | high | 7.8 | 7.8 | 10y ago | The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel me… | |||
| CVE-2016-8707 | high | 7.8 | 7.8 | 10y ago | An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular c… | |||
| CVE-2016-7502 | high | 7.8 | 7.8 | 10y ago | The cavs_idct8_add_c function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding with cavs_decode. | |||
| CVE-2016-7450 | high | 7.8 | 7.8 | 10y ago | The ff_log2_16bit_c function in libavutil/intmath.h in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when it decodes a malformed AIFF file. | |||
| CVE-2016-6671 | high | 7.8 | 7.8 | 10y ago | The raw_decode function in libavcodec/rawdec.c in FFmpeg before 3.1.2 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted SWF file. | |||
| CVE-2016-9675 | high | 7.8 | 7.8 | 10y ago | openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code. | |||
| CVE-2016-7300 | high | 7.8 | 7.8 | 10y ago | Untrusted search path vulnerability in Microsoft Auto Updater for Mac allows local users to gain privileges via a Trojan horse executable file, aka "Microsoft (MAU) Office Elevation of Privilege Vuln… | |||
| CVE-2016-7298 | high | 7.8 | 7.8 | 10y ago | Microsoft Office 2007 SP3, Office 2010 SP2, Word Viewer, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption)… | |||
| CVE-2016-7292 | high | 7.8 | 7.8 | 10y ago | The Installer in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Win… | |||
| CVE-2016-7289 | high | 7.8 | 7.8 | 10y ago | Microsoft Publisher 2010 SP2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnera… | |||
| CVE-2016-7275 | high | 7.8 | 7.8 | 10y ago | Microsoft Office 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loadin… | |||
| CVE-2016-7271 | high | 7.8 | 7.8 | 10y ago | The Secure Kernel Mode implementation in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows local users to bypass the virtual trust level (VTL) protection mechanism via a crafte… | |||
| CVE-2016-7266 | high | 7.8 | 7.8 | 10y ago | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, and Excel 2016 for Mac mishandle a registry check, which allows u… | |||
| CVE-2016-7263 | high | 7.8 | 7.8 | 10y ago | Microsoft Excel for Mac 2011 and Excel 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Mem… | |||
| CVE-2016-7260 | high | 7.8 | 7.8 | 10y ago | The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 160… | |||
| CVE-2016-7259 | high | 7.8 | 7.8 | 10y ago | The Graphics Component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Wind… | |||
| CVE-2016-9950 | high | 7.8 | 7.8 | 10y ago | An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package sp… | |||
| CVE-2016-9949 | high | 7.8 | 7.8 | 10y ago | An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers t… | |||
| CVE-2016-8825 | high | 7.8 | 7.8 | 10y ago | All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where the size of an input buffer is not validated, leading … | |||
| CVE-2016-8824 | high | 7.8 | 7.8 | 10y ago | All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where improper access controls allow a regular user to write… | |||
| CVE-2016-8823 | high | 7.8 | 7.8 | 10y ago | All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgDdiEscape where the size of an input buffer is not validated leading to a denial of s… | |||
| CVE-2016-8822 | high | 7.8 | 7.8 | 10y ago | All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x600000E, 0x600000F, and 0x6000010 where a value passed … | |||
| CVE-2016-8821 | high | 7.8 | 7.8 | 10y ago | All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgDdiEscape where improper access controls may allow a user to access arbitrary physica… | |||
| CVE-2016-8819 | high | 7.8 | 7.8 | 10y ago | All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a handle to a kernel object may be returned to the us… | |||
| CVE-2016-8818 | high | 7.8 | 7.8 | 10y ago | All versions of NVIDIA Windows GPU Display contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a pointer passed from a user to the driver is used without va… | |||
| CVE-2016-8817 | high | 7.8 | 7.8 | 10y ago | All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a value passed from a user to the driver is used witho… | |||
| CVE-2016-8816 | high | 7.8 | 7.8 | 10y ago | All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a value passed from a user to the driver is used witho… | |||
| CVE-2016-8815 | high | 7.8 | 7.8 | 10y ago | All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a value passed from a user to the driver is used witho… | |||
| CVE-2016-8814 | high | 7.8 | 7.8 | 10y ago | All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, … | |||
| CVE-2016-8813 | high | 7.8 | 7.8 | 10y ago | All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, … | |||
| CVE-2016-9566 | high | 7.8 | 7.8 | 10y ago | base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged … | |||
| CVE-2016-9031 | high | 7.8 | 7.8 | 10y ago | An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when de… | |||
| CVE-2016-9215 | high | 7.8 | 7.8 | 10y ago | A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges of the root user. More Information: CSCva38434. Known Affected Releas… | |||
| CVE-2016-9192 | high | 7.8 | 7.8 | 10y ago | A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to t… | |||
| CVE-2016-6470 | high | 7.8 | 7.8 | 10y ago | A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authenticated, local attacker to elevate privileges to the root level. More Information: CSCvb81344. Kno… | |||
| CVE-2016-6449 | high | 7.8 | 7.8 | 10y ago | A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connector Endpoint software could allow an authenticated, local attacker to stop certain protected FireAM… | |||
| CVE-2016-2334 | high | 7.8 | 7.8 | 10y ago | Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image. | |||
| CVE-2016-6706 | high | 7.8 | 7.8 | 10y ago | An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a … | |||
| CVE-2016-6699 | high | 7.8 | 7.8 | 10y ago | A remote code execution vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory corruption during media… | |||
| CVE-2016-5647 | high | 7.8 | 7.8 | 10y ago | The igdkmd64 module in the Intel Graphics Driver through 15.33.42.435, 15.36.x through 15.36.30.4385, and 15.40.x through 15.40.4404 on Windows allows local users to cause a denial of service (crash)… | |||
| CVE-2016-9120 | high | 7.8 | 7.8 | 10y ago | Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by cal… | |||
| CVE-2016-8102 | high | 7.8 | 7.8 | 10y ago | Unquoted service path vulnerability in Intel Wireless Bluetooth Drivers 16.x, 17.x, and before 18.1.1607.3129 allows local users to launch processes with elevated privileges. | |||
| CVE-2016-9638 | high | 7.8 | 7.8 | 10y ago | In BMC Patrol before 9.13.10.02, the binary "listguests64" is configured with the setuid bit. However, when executing it, it will look for a binary named "virsh" using the PATH environment variable. … | |||
| CVE-2016-2946 | high | 7.8 | 7.8 | 10y ago | Stack-based buffer overflow in the ax Shared Libraries in the Agent in IBM Tivoli Monitoring (ITM) 6.2.2 before FP9, 6.2.3 before FP5, and 6.3.0 before FP2 on Linux and UNIX allows local users to gai… | |||
| CVE-2016-2871 | high | 7.8 | 7.8 | 10y ago | IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information by reading a configuration file. | |||
| CVE-2016-2948 | high | 7.8 | 7.8 | 10y ago | IBM BigFix Remote Control before 9.1.3 allows local users to discover hardcoded credentials via unspecified vectors. |