CVEs from 2016
Total
8,471
critical
critical 1,164
high
high 3,521
medium
medium 3,172
low
low 249
% Critical
13.7%
% with KEV
0.7%
% with exploit
1.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-1245 | critical | 9.8 | 9.8 | 9y ago | It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSI… | |||
| CVE-2016-9400 | critical | 9.8 | 9.8 | 9y ago | The CClient::ProcessServerPacket method in engine/client/client.cpp in Teeworlds before 0.6.4 allows remote servers to write to arbitrary physical memory locations and possibly execute arbitrary code… | |||
| CVE-2016-9684 | critical | 9.8 | 9.8 | 9y ago | The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'viewc… | |||
| CVE-2016-9683 | critical | 9.8 | 9.8 | 9y ago | The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'exten… | |||
| CVE-2016-9682 | critical | 9.8 | 9.8 | 9y ago | The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the … | |||
| CVE-2016-9053 | critical | 9.8 | 9.8 | 9y ago | An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server to fetch a… | |||
| CVE-2016-9051 | critical | 9.8 | 9.8 | 9y ago | An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-boun… | |||
| CVE-2016-7663 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "CoreFoundation" component. … | |||
| CVE-2016-7630 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "WebSheet" component, which allows attackers to bypass a sandbox protection mechanism via unspec… | |||
| CVE-2016-6875 | critical | 9.8 | 9.8 | 9y ago | Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. | |||
| CVE-2016-6874 | critical | 9.8 | 9.8 | 9y ago | The array_*_recursive functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, related to recursion. | |||
| CVE-2016-6873 | critical | 9.8 | 9.8 | 9y ago | Self recursion in compact in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. | |||
| CVE-2016-6872 | critical | 9.8 | 9.8 | 9y ago | Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. | |||
| CVE-2016-6871 | critical | 9.8 | 9.8 | 9y ago | Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, which triggers a buffer overflow. | |||
| CVE-2016-6870 | critical | 9.8 | 9.8 | 9y ago | Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, and (3) mb_detect_order functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. | |||
| CVE-2016-6233 | critical | 9.8 | 9.8 | 9y ago | Zend Framework Allows SQL Injection | |||
| CVE-2016-4861 | critical | 9.8 | 9.8 | 9y ago | Zend Framework Allows SQL Injection | |||
| CVE-2016-3694 | critical | 9.8 | 9.8 | 9y ago | Multiple SQL injection vulnerabilities in modified eCommerce Shopsoftware 2.0.0.0 revision 9678, when the easybill-module is not installed, allow remote attackers to execute arbitrary SQL commands vi… | |||
| CVE-2016-0360 | critical | 9.8 | 9.8 | 9y ago | IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding … | |||
| CVE-2016-9369 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPor… | |||
| CVE-2016-9366 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPor… | |||
| CVE-2016-9333 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. The SoftCMS Application does not properly sanitize input that may allow a remote attacker access to SoftCMS with administrator's… | |||
| CVE-2016-8567 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded passwords is present in the SICAM PAS installations. Attackers might gain privileged access to the database… | |||
| CVE-2016-8378 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application's database lacks sufficient safeguards for protecting credentials. | |||
| CVE-2016-8364 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in IBHsoftec S7-SoftPLC prior to 4.12b. Object memory can read a network packet that is larger than the space that is available, a Heap-based Buffer Overflow. | |||
| CVE-2016-8348 | critical | 9.8 | 9.8 | 9y ago | An XML External Entity (XXE) issue was discovered in Emerson Liebert SiteScan Web Version 6.5, and prior. An attacker may enter malicious input to Liebert SiteScan through a weakly configured XML par… | |||
| CVE-2016-8347 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Kabona AB WebDatorCentral (WDC) application prior to Version 3.4.0. WDC does not limit authentication attempts that may allow a brute force attack method. | |||
| CVE-2016-8341 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's databa… | |||
| CVE-2016-5818 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. Undocumented hard-coded credentials allow access to the device. | |||
| CVE-2016-5815 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. No authentication is confi… | |||
| CVE-2016-8859 | critical | 9.8 | 9.8 | 9y ago | Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of (1) states or (2) tags, which triggers an out-of-bounds write. | |||
| CVE-2016-7565 | critical | 9.8 | 9.8 | 9y ago | install/index.php in Exponent CMS 2.3.9 allows remote attackers to execute arbitrary commands via shell metacharacters in the sc array parameter. | |||
| CVE-2016-5100 | critical | 9.8 | 9.8 | 9y ago | Froxlor guessable password reset token | |||
| CVE-2016-2788 | critical | 9.8 | 9.8 | 9y ago | MCollective 2.7.0 and 2.8.x before 2.8.9, as used in Puppet Enterprise, allows remote attackers to execute arbitrary code via vectors related to the mco ping command. | |||
| CVE-2016-5726 | critical | 9.8 | 9.8 | 9y ago | Packages.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the themechanges array parameter. | |||
| CVE-2016-2148 | critical | 9.8 | 9.8 | 9y ago | Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing. | |||
| CVE-2016-10192 | critical | 9.8 | 9.8 | 9y ago | Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failur… | |||
| CVE-2016-10191 | critical | 9.8 | 9.8 | 9y ago | Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by levera… | |||
| CVE-2016-10190 | critical | 9.8 | 9.8 | 9y ago | Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote web servers to execute arbitrary code via a nega… | |||
| CVE-2016-9005 | critical | 9.8 | 9.8 | 9y ago | IBM System Storage TS3100-TS3200 Tape Library could allow an unauthenticated user with access to the company network, to change a user's password and gain remote access to the system. | |||
| CVE-2016-8954 | critical | 9.8 | 9.8 | 9y ago | IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database. | |||
| CVE-2016-8418 | critical | 9.8 | 9.8 | 9y ago | A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to t… | |||
| CVE-2016-6667 | critical | 9.8 | 9.8 | 9y ago | NetApp OnCommand Unified Manager for Clustered Data ONTAP 6.3 through 6.4P1 contain a default privileged account, which allows remote attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2016-5711 | critical | 9.8 | 9.8 | 9y ago | NetApp Virtual Storage Console for VMware vSphere before 6.2.1 uses a non-unique certificate, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors. | |||
| CVE-2016-2403 | critical | 9.8 | 9.8 | 9y ago | Symfony before 2.8.6 and 3.x before 3.0.6 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind. | |||
| CVE-2016-7400 | critical | 9.8 | 9.8 | 9y ago | Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an activate_address address controller action,… | |||
| CVE-2016-6199 | critical | 9.8 | 9.8 | 9y ago | ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to execute arbitrary code via a crafted serialized object. | |||
| CVE-2016-6175 | critical | 9.8 | 9.8 | 9y ago | Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header. | |||
| CVE-2016-7447 | critical | 9.8 | 9.8 | 9y ago | Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors. | |||
| CVE-2016-7446 | critical | 9.8 | 9.8 | 9y ago | Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete… | |||
| CVE-2016-10150 | critical | 9.8 | 9.8 | 9y ago | Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or poss… | |||
| CVE-2016-10098 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered on SendQuick Entera and Avera devices before 2HF16. Multiple Command Injection vulnerabilities allow attackers to execute arbitrary system commands. | |||
| CVE-2016-6095 | critical | 9.8 | 9.8 | 9y ago | IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | |||
| CVE-2016-6090 | critical | 9.8 | 9.8 | 9y ago | IBM WebSphere Commerce contains an unspecified vulnerability that could allow disclosure of user personal data, performing of unauthorized administrative operations, and potentially causing a denial … | |||
| CVE-2016-5964 | critical | 9.8 | 9.8 | 9y ago | IBM Security Privileged Identity Manager Virtual Appliance version 2.0.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | |||
| CVE-2016-10164 | critical | 9.8 | 9.8 | 9y ago | Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or e… | |||
| CVE-2016-9420 | critical | 9.8 | 9.8 | 9y ago | MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allow remote attackers to have unspecified impact via vectors related to "loose comparison false positives." | |||
| CVE-2016-9416 | critical | 9.8 | 9.8 | 9y ago | SQL injection vulnerability in the users data handler in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to execute arbitrary SQL commands via unspe… | |||
| CVE-2016-9412 | critical | 9.8 | 9.8 | 9y ago | MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow attackers to have unspecified impact via vectors related to low adminsid and sid entropy. | |||
| CVE-2016-9403 | critical | 9.8 | 9.8 | 9y ago | newreply.php in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to have unspecified impact by leveraging a missing permission check. | |||
| CVE-2016-9402 | critical | 9.8 | 9.8 | 9y ago | SQL injection vulnerability in the moderation tool in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to execute arbitrary SQL commands via uns… | |||
| CVE-2016-9132 | critical | 9.8 | 9.8 | 10y ago | In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect an… | |||
| CVE-2016-6604 | critical | 9.8 | 9.8 | 10y ago | NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows attackers to have unspecified impact via unknown vectors. The Samsung ID is SVE-2016-6382. | |||
| CVE-2016-6267 | high | 8.8 | 9.8 | 10y ago | SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell meta… | |||
| CVE-2016-10182 | critical | 9.8 | 9.8 | 10y ago | An issue was discovered on the D-Link DWR-932B router. qmiweb allows command injection with ` characters. | |||
| CVE-2016-10178 | critical | 9.8 | 9.8 | 10y ago | An issue was discovered on the D-Link DWR-932B router. HELODBG on port 39889 (UDP) launches the "/sbin/telnetd -l /bin/sh" command. | |||
| CVE-2016-10177 | critical | 9.8 | 9.8 | 10y ago | An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services provide logins to admin with the password admin and root with the password 1234. | |||
| CVE-2016-8575 | critical | 9.8 | 9.8 | 10y ago | The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482. | |||
| CVE-2016-8574 | critical | 9.8 | 9.8 | 10y ago | The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print(). | |||
| CVE-2016-7993 | critical | 9.8 | 9.8 | 10y ago | A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). | |||
| CVE-2016-7992 | critical | 9.8 | 9.8 | 10y ago | The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print(). | |||
| CVE-2016-7986 | critical | 9.8 | 9.8 | 10y ago | The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions. | |||
| CVE-2016-7985 | critical | 9.8 | 9.8 | 10y ago | The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print(). | |||
| CVE-2016-7984 | critical | 9.8 | 9.8 | 10y ago | The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print(). | |||
| CVE-2016-7983 | critical | 9.8 | 9.8 | 10y ago | The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). | |||
| CVE-2016-7975 | critical | 9.8 | 9.8 | 10y ago | The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print(). | |||
| CVE-2016-7974 | critical | 9.8 | 9.8 | 10y ago | The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions. | |||
| CVE-2016-7973 | critical | 9.8 | 9.8 | 10y ago | The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions. | |||
| CVE-2016-7940 | critical | 9.8 | 9.8 | 10y ago | The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions. | |||
| CVE-2016-7939 | critical | 9.8 | 9.8 | 10y ago | The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions. | |||
| CVE-2016-7938 | critical | 9.8 | 9.8 | 10y ago | The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame(). | |||
| CVE-2016-7937 | critical | 9.8 | 9.8 | 10y ago | The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print(). | |||
| CVE-2016-7936 | critical | 9.8 | 9.8 | 10y ago | The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print(). | |||
| CVE-2016-7935 | critical | 9.8 | 9.8 | 10y ago | The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print(). | |||
| CVE-2016-7934 | critical | 9.8 | 9.8 | 10y ago | The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print(). | |||
| CVE-2016-7933 | critical | 9.8 | 9.8 | 10y ago | The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print(). | |||
| CVE-2016-7932 | critical | 9.8 | 9.8 | 10y ago | The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum(). | |||
| CVE-2016-7931 | critical | 9.8 | 9.8 | 10y ago | The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print(). | |||
| CVE-2016-7930 | critical | 9.8 | 9.8 | 10y ago | The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print(). | |||
| CVE-2016-7929 | critical | 9.8 | 9.8 | 10y ago | The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header(). | |||
| CVE-2016-7928 | critical | 9.8 | 9.8 | 10y ago | The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print(). | |||
| CVE-2016-7927 | critical | 9.8 | 9.8 | 10y ago | The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print(). | |||
| CVE-2016-7926 | critical | 9.8 | 9.8 | 10y ago | The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print(). | |||
| CVE-2016-7925 | critical | 9.8 | 9.8 | 10y ago | The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print(). | |||
| CVE-2016-7924 | critical | 9.8 | 9.8 | 10y ago | The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print(). | |||
| CVE-2016-7923 | critical | 9.8 | 9.8 | 10y ago | The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print(). | |||
| CVE-2016-7922 | critical | 9.8 | 9.8 | 10y ago | The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print(). | |||
| CVE-2016-9636 | critical | 9.8 | 9.8 | 10y ago | Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a deni… | |||
| CVE-2016-9635 | critical | 9.8 | 9.8 | 10y ago | Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a deni… | |||
| CVE-2016-9634 | critical | 9.8 | 9.8 | 10y ago | Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a deni… |