CVEs from 2016
Total
8,461
critical
critical 1,164
high
high 3,521
medium
medium 3,173
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
6.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-8764 | medium | 6.4 | 6.4 | 9y ago | The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 a… | |||
| CVE-2016-9316 | medium | 5.4 | 6.4 | 9y ago | Multiple stored Cross-Site-Scripting (XSS) vulnerabilities in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Bu… | |||
| CVE-2016-8353 | medium | 6.4 | 6.4 | 9y ago | An issue was discovered in OSIsoft PI Web API 2015 R2 (Version 1.5.1). There is a weakness in this product that may allow an attacker to access the PI system without the proper permissions. | |||
| CVE-2016-0890 | medium | 6.4 | 6.4 | 9y ago | EMC PowerPath Virtual (Management) Appliance 2.0, EMC PowerPath Virtual (Management) Appliance 2.0 SP1 is affected by a sensitive information disclosure vulnerability that may potentially be exploite… | |||
| CVE-2016-9962 | medium | 6.4 | 6.4 | 10y ago | RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-d… | |||
| CVE-2016-7165 | medium | 6.4 | 6.4 | 10y ago | A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), S… | |||
| CVE-2016-5572 | medium | 6.4 | 6.4 | 10y ago | Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | |||
| CVE-2016-5497 | medium | 6.4 | 6.4 | 10y ago | Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | |||
| CVE-2016-1609 | medium | 5.4 | 6.4 | 10y ago | Multiple cross-site scripting (XSS) vulnerabilities in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allow remote authenticated users to inject arbitrary web script or HTM… | |||
| CVE-2016-5458 | medium | 6.4 | 6.4 | 10y ago | Unspecified vulnerability in the Oracle Communications EAGLE Application Processor component in Oracle Communications Applications 16.0 allows remote authenticated users to affect confidentiality and… | |||
| CVE-2016-5454 | medium | 6.4 | 6.4 | 10y ago | Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot. | |||
| CVE-2016-3572 | medium | 6.4 | 6.4 | 10y ago | Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote authenticated users to … | |||
| CVE-2016-4507 | medium | 6.4 | 6.4 | 10y ago | SQL injection vulnerability in Rexroth Bosch BLADEcontrol-WebVIS 3.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||
| CVE-2016-3652 | medium | 5.4 | 6.4 | 10y ago | Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web s… | |||
| CVE-2016-1596 | medium | 5.4 | 6.4 | 10y ago | Multiple cross-site scripting (XSS) vulnerabilities in Micro Focus Novell Service Desk before 7.2 allow remote authenticated users to inject arbitrary web script or HTML via a certain (1) user name, … | |||
| CVE-2016-3431 | medium | 6.4 | 6.4 | 10y ago | Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect confidentiality and in… | |||
| CVE-2016-3420 | medium | 6.4 | 6.4 | 10y ago | Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect confidentiality and in… | |||
| CVE-2016-3168 | medium | 6.4 | 6.4 | 10y ago | Drupal Reflected file download vulnerability | |||
| CVE-2016-3676 | medium | 6.4 | 6.4 | 10y ago | Huawei E3276s USB modems with software before E3276s-150TCPU-V200R002B436D09SP00C00 allow man-in-the-middle attackers to intercept, spoof, or modify network traffic via unspecified vectors related to… | |||
| CVE-2016-1358 | medium | 6.4 | 6.4 | 10y ago | Cisco Prime Infrastructure 2.2, 3.0, and 3.1(0.0) allows remote authenticated users to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration … | |||
| CVE-2016-0589 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. | |||
| CVE-2016-0581 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Approvals Management component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to AME … | |||
| CVE-2016-0578 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to… | |||
| CVE-2016-0576 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related t… | |||
| CVE-2016-0563 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 and 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown … | |||
| CVE-2016-0560 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect conf… | |||
| CVE-2016-0559 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect conf… | |||
| CVE-2016-0554 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Interaction Center Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality an… | |||
| CVE-2016-0553 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integr… | |||
| CVE-2016-0552 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect conf… | |||
| CVE-2016-0551 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect conf… | |||
| CVE-2016-0550 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality a… | |||
| CVE-2016-0549 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors rela… | |||
| CVE-2016-0548 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors rela… | |||
| CVE-2016-0547 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors rela… | |||
| CVE-2016-0545 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect conf… | |||
| CVE-2016-0544 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Archite… | |||
| CVE-2016-0543 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Preview. | |||
| CVE-2016-0537 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to P… | |||
| CVE-2016-0532 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality a… | |||
| CVE-2016-0530 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confiden… | |||
| CVE-2016-0529 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confiden… | |||
| CVE-2016-0528 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confiden… | |||
| CVE-2016-0527 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confiden… | |||
| CVE-2016-0525 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Universal Work Queue component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity… | |||
| CVE-2016-0524 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Universal Work Queue component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related… | |||
| CVE-2016-0518 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to G… | |||
| CVE-2016-0517 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to G… | |||
| CVE-2016-0516 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Quality component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to QA / Orde… | |||
| CVE-2016-0515 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to … | |||
| CVE-2016-0514 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to … | |||
| CVE-2016-0512 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to S… | |||
| CVE-2016-0511 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors rela… | |||
| CVE-2016-0510 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors rela… | |||
| CVE-2016-0490 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integ… | |||
| CVE-2016-0488 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integ… | |||
| CVE-2016-0487 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integ… | |||
| CVE-2016-2980 | medium | 6.3 | 6.3 | 9y ago | The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injection where a malicious site can inject their own script by exploiting a vulnerability in the way that the WebPlayer works. IBM X-Fo… | |||
| CVE-2016-5063 | medium | 5.3 | 6.3 | 9y ago | The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows might allow remote attackers to bypass authorization checks and make an RPC call via unspecified vecto… | |||
| CVE-2016-8007 | medium | 6.3 | 6.3 | 9y ago | Authentication bypass vulnerability in McAfee Host Intrusion Prevention Services (HIPS) 8.0 Patch 7 and earlier allows authenticated users to manipulate the product's registry keys via specific condi… | |||
| CVE-2016-9955 | medium | 6.3 | 6.3 | 9y ago | The SimpleSAML_XML_Validator class constructor in SimpleSAMLphp before 1.14.11 might allow remote attackers to spoof signatures on SAML 1 responses or possibly cause a denial of service (memory consu… | |||
| CVE-2016-8350 | medium | 6.3 | 6.3 | 9y ago | An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware… | |||
| CVE-2016-5372 | medium | 6.3 | 6.3 | 9y ago | Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact… | |||
| CVE-2016-9873 | medium | 6.3 | 6.3 | 9y ago | EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability that could potentially be exploited by malicious users to compromise the affected system. An authenti… | |||
| CVE-2016-5990 | medium | 6.3 | 6.3 | 10y ago | IBM Security Privileged Identity Manager Virtual Appliance allows an authenticated user to upload malicious files that would be automatically executed by the server. | |||
| CVE-2016-5939 | medium | 6.3 | 6.3 | 10y ago | IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the… | |||
| CVE-2016-8299 | medium | 6.3 | 6.3 | 10y ago | Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.… | |||
| CVE-2016-5545 | medium | 6.3 | 6.3 | 10y ago | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: GUI). Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily explo… | |||
| CVE-2016-5221 | medium | 6.3 | 6.3 | 10y ago | multiple issues in chromium | |||
| CVE-2016-5219 | medium | 6.3 | 6.3 | 10y ago | multiple issues in chromium | |||
| CVE-2016-5216 | medium | 6.3 | 6.3 | 10y ago | multiple issues in chromium | |||
| CVE-2016-5215 | medium | 6.3 | 6.3 | 10y ago | multiple issues in chromium | |||
| CVE-2016-7169 | medium | 6.3 | 6.3 | 10y ago | Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authent… | |||
| CVE-2016-5190 | medium | 6.3 | 6.3 | 10y ago | multiple issues in chromium | |||
| CVE-2016-6628 | medium | 6.3 | 6.3 | 10y ago | phpMyAdmin Reflected File Download attack | |||
| CVE-2016-0325 | medium | 6.3 | 6.3 | 10y ago | IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 … | |||
| CVE-2016-5604 | medium | 6.3 | 6.3 | 10y ago | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors r… | |||
| CVE-2016-5601 | medium | 6.3 | 6.3 | 10y ago | Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors r… | |||
| CVE-2016-3388 | medium | 5.3 | 6.3 | 10y ago | Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsof… | |||
| CVE-2016-7777 | medium | 6.3 | 6.3 | 10y ago | Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks o… | |||
| CVE-2016-3302 | medium | 6.3 | 6.3 | 10y ago | Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607, when the lock screen is enabled, do not properly restrict the loading of web content, which allows … | |||
| CVE-2016-2837 | medium | 6.3 | 6.3 | 10y ago | Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remo… | |||
| CVE-2016-4652 | medium | 6.3 | 6.3 | 10y ago | CoreGraphics in Apple OS X before 10.11.6 allows local users to obtain sensitive information from kernel memory and consequently gain privileges, or cause a denial of service (out-of-bounds read), vi… | |||
| CVE-2016-3563 | medium | 6.3 | 6.3 | 10y ago | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors r… | |||
| CVE-2016-5787 | medium | 6.3 | 6.3 | 10y ago | General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors. | |||
| CVE-2016-0899 | medium | 6.3 | 6.3 | 10y ago | EMC RSA Archer GRC 5.5.x before 5.5.3.4 allows remote authenticated users to read the web.config.bak file, and obtain sensitive credential information, by modifying the IIS configuration to set a Con… | |||
| CVE-2016-5728 | medium | 6.3 | 6.3 | 10y ago | Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel mem… | |||
| CVE-2016-0914 | medium | 6.3 | 6.3 | 10y ago | EMC Documentum WebTop 6.8 before Patch 13 and 6.8.1 before Patch 02, Documentum Administrator 7.x before 7.2 Patch 13, Documentum Capital Projects 1.9 before Patch 23 and 1.10 before Patch 10, and Do… | |||
| CVE-2016-0894 | medium | 6.3 | 6.3 | 10y ago | EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote authenticated users to bypass intended object access restrictions via a modified parameter. | |||
| CVE-2016-1200 | medium | 6.3 | 6.3 | 10y ago | The management screen in LOCKON EC-CUBE 3.0.7 through 3.0.9 allows remote authenticated users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2016-1… | |||
| CVE-2016-2111 | medium | 6.3 | 6.3 | 10y ago | The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a se… | |||
| CVE-2016-2301 | medium | 6.3 | 6.3 | 10y ago | SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||
| CVE-2016-3963 | medium | 5.3 | 6.3 | 10y ago | Siemens SCALANCE S613 allows remote attackers to cause a denial of service (web-server outage) via traffic to TCP port 443. | |||
| CVE-2016-2277 | medium | 6.3 | 6.3 | 10y ago | IAB.exe in Rockwell Automation Integrated Architecture Builder (IAB) before 9.6.0.8 and 9.7.x before 9.7.0.2 allows remote attackers to execute arbitrary code via a crafted project file. | |||
| CVE-2016-1176 | medium | 6.3 | 6.3 | 10y ago | Buffer overflow in the ActiveX control in Sharp EVA Animeter allows remote attackers to execute arbitrary code via a crafted web page. | |||
| CVE-2016-1737 | medium | 6.3 | 6.3 | 10y ago | Carbon in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dfont file. | |||
| CVE-2016-1975 | medium | 6.3 | 6.3 | 10y ago | Multiple race conditions in dom/media/systemservices/CamerasChild.cpp in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service … | |||
| CVE-2016-1638 | medium | 6.3 | 6.3 | 10y ago | extensions/renderer/resources/platform_app.js in the Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly restrict use of Web APIs, which allows remote attackers to bypass inte… | |||
| CVE-2016-0763 | medium | 6.3 | 6.3 | 10y ago | Improper Verification of Source of a Communication Channel in Apache Tomcat | |||
| CVE-2016-1628 | medium | 6.3 | 6.3 | 10y ago | pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, does not validate a certain precision value, which allows remote attackers to execute arbitrary code or cause a denial of se… |