VIR Vulnerability Intelligence Relay

CVEs from 2016

8,461 normalized CVEs published or assigned in this year.

Total
8,461
critical
critical 1,164
high
high 3,521
medium
medium 3,173
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
6.8%

Top vendors

Top products

  • phpmyadmin 3,382
  • php 1,748
  • squid 1,549
  • samba 1,093
  • drupal 868
  • firefox 757
  • moodle 700
  • openssl 664

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2016-3674 unknown 6y ago XML External Entity Injection in XStream
CVE-2016-8750 unknown 8y ago Moderate severity vulnerability that affects org.apache.karaf:apache-karaf
CVE-2016-10726 unknown 8y ago High severity vulnerability that affects org.dspace:dspace-xmlui
CVE-2016-1000345 unknown 8y ago Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
CVE-2016-1000344 unknown 8y ago In Bouncy Castle JCE Provider the DHIES implementation allowed the use of ECB mode
CVE-2016-8609 unknown 8y ago Improper Authentication in org.keycloak:keycloak-core
CVE-2016-8629 unknown 8y ago Moderate severity vulnerability that affects org.keycloak:keycloak-core
CVE-2016-1000352 unknown 8y ago In Bouncy Castle JCE Provider the ECIES implementation allowed the use of ECB mode
CVE-2016-1000346 unknown 8y ago In Bouncy Castle JCE Provider the other party DH public key is not fully validated
CVE-2016-1000343 unknown 8y ago In Bouncy Castle JCE Provider the DSA key pair generator generates a weak private key if used with default values
CVE-2016-1000342 unknown 8y ago In Bouncy Castle JCE Provider ECDSA does not fully validate ASN.1 encoding of signature on verification
CVE-2016-1000341 unknown 8y ago Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
CVE-2016-1000340 unknown 8y ago The Bouncy Castle JCE Provider carry a propagation bug
CVE-2016-1000339 unknown 8y ago Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
CVE-2016-1000338 unknown 8y ago In Bouncy Castle JCE Provider it is possible to inject extra elements in the sequence making up the signature and still have it validate
CVE-2016-10707 unknown 9y ago Denial of Service in jquery