CVEs from 2016
Total
8,454
critical
critical 1,164
high
high 3,521
medium
medium 3,173
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
6.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-3803 | high | 7.8 | 7.8 | 10y ago | The kernel filesystem implementation in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 28588434. | |||
| CVE-2016-3802 | high | 7.8 | 7.8 | 10y ago | The kernel filesystem implementation in Android before 2016-07-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28271368. | |||
| CVE-2016-3801 | high | 7.8 | 7.8 | 10y ago | The MediaTek GPS driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28174914 and MediaTek internal bug … | |||
| CVE-2016-3800 | high | 7.8 | 7.8 | 10y ago | The MediaTek video driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28175027 and MediaTek internal bu… | |||
| CVE-2016-3799 | high | 7.8 | 7.8 | 10y ago | The MediaTek video driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28175025 and MediaTek internal bu… | |||
| CVE-2016-3798 | high | 7.8 | 7.8 | 10y ago | The MediaTek hardware sensor driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28174490 and MediaTek i… | |||
| CVE-2016-3797 | high | 7.8 | 7.8 | 10y ago | The Qualcomm Wi-Fi driver in Android before 2016-07-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28085680 and Qualcomm internal bug C… | |||
| CVE-2016-3796 | high | 7.8 | 7.8 | 10y ago | The MediaTek power driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29008443 and MediaTek internal bu… | |||
| CVE-2016-3795 | high | 7.8 | 7.8 | 10y ago | The MediaTek power driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28085222 and MediaTek internal bu… | |||
| CVE-2016-3793 | high | 7.8 | 7.8 | 10y ago | The NVIDIA camera driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28026625. | |||
| CVE-2016-3792 | high | 7.8 | 7.8 | 10y ago | CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-07-05 on Nexus 7 (2013) devices mishandles userspace data copying, which allows attackers to gain privileges via a … | |||
| CVE-2016-3775 | high | 7.8 | 7.8 | 10y ago | The kernel filesystem implementation in Android before 2016-07-05 on Nexus 5X, Nexus 6, Nexus 6P, Nexus Player, and Pixel C devices allows attackers to gain privileges via a crafted application, aka … | |||
| CVE-2016-3774 | high | 7.8 | 7.8 | 10y ago | The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29008609 and MediaTek internal bug ALPS… | |||
| CVE-2016-3773 | high | 7.8 | 7.8 | 10y ago | The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29008363 and MediaTek internal bug ALPS… | |||
| CVE-2016-3772 | high | 7.8 | 7.8 | 10y ago | The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29008188 and MediaTek internal bug ALPS… | |||
| CVE-2016-3771 | high | 7.8 | 7.8 | 10y ago | The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29007611 and MediaTek internal bug ALPS… | |||
| CVE-2016-3770 | high | 7.8 | 7.8 | 10y ago | The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28346752 and MediaTek internal bug ALPS… | |||
| CVE-2016-3769 | high | 7.8 | 7.8 | 10y ago | The NVIDIA video driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28376656. | |||
| CVE-2016-3768 | high | 7.8 | 7.8 | 10y ago | The Qualcomm performance component in Android before 2016-07-05 on Nexus 5, 6, 5X, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 281… | |||
| CVE-2016-3767 | high | 7.8 | 7.8 | 10y ago | The MediaTek Wi-Fi driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28169363 and MediaTek internal bu… | |||
| CVE-2016-3762 | high | 7.8 | 7.8 | 10y ago | The sockets subsystem in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows attackers to gain privileges via a crafted application that uses (1) the AF_MSM_IPC socket cl… | |||
| CVE-2016-3758 | high | 7.8 | 7.8 | 10y ago | Multiple buffer overflows in libdex/OptInvocation.cpp in DexClassLoader in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to gain privileg… | |||
| CVE-2016-3752 | high | 7.8 | 7.8 | 10y ago | internal/app/ChooserActivity.java in the ChooserTarget service in Android 6.x before 2016-07-01 mishandles target security checks, which allows attackers to gain privileges via a crafted application,… | |||
| CVE-2016-3751 | high | 7.8 | 7.8 | 10y ago | Unspecified vulnerability in libpng before 1.6.20, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01, allows attackers to gain privileges via a cr… | |||
| CVE-2016-3750 | high | 7.8 | 7.8 | 10y ago | libs/binder/Parcel.cpp in the Parcels Framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not validate the return value of the dup syste… | |||
| CVE-2016-3747 | high | 7.8 | 7.8 | 10y ago | Use-after-free vulnerability in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows attackers to gain… | |||
| CVE-2016-3746 | high | 7.8 | 7.8 | 10y ago | Use-after-free vulnerability in the mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows attackers to gain… | |||
| CVE-2016-2508 | high | 7.8 | 7.8 | 10y ago | media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not validate certain track da… | |||
| CVE-2016-2507 | high | 7.8 | 7.8 | 10y ago | Integer overflow in codecs/on2/h264dec/source/h264bsd_storage.c in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows … | |||
| CVE-2016-2505 | high | 7.8 | 7.8 | 10y ago | mpeg2ts/ATSParser.cpp in libstagefright in mediaserver in Android 6.x before 2016-07-01 does not validate a certain section length, which allows remote attackers to execute arbitrary code or cause a … | |||
| CVE-2016-2503 | high | 7.8 | 7.8 | 10y ago | The Qualcomm GPU driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28084795 and Qualcomm internal … | |||
| CVE-2016-2502 | high | 7.8 | 7.8 | 10y ago | drivers/usb/gadget/f_serial.c in the Qualcomm USB driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a large size in a GSER_IOCTL ioctl call, aka A… | |||
| CVE-2016-2501 | high | 7.8 | 7.8 | 10y ago | The Qualcomm camera driver in Android before 2016-07-05 on Nexus 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 27890772 and Q… | |||
| CVE-2016-2068 | high | 7.8 | 7.8 | 10y ago | The MSM QDSP6 audio driver (aka sound driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain… | |||
| CVE-2016-2067 | high | 7.8 | 7.8 | 10y ago | drivers/gpu/msm/kgsl.c in the MSM graphics driver (aka GPU driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, mis… | |||
| CVE-2016-4324 | high | 7.8 | 7.8 | 10y ago | Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens. | |||
| CVE-2016-0287 | high | 7.8 | 7.8 | 10y ago | IBM i Access 7.1 on Windows allows local users to discover registry passwords via unspecified vectors. | |||
| CVE-2016-4560 | high | 7.8 | 7.8 | 10y ago | Untrusted search path vulnerability in Flexera InstallAnywhere allows local users to gain privileges via a Trojan horse DLL in the current working directory of a setup-launcher executable file. | |||
| CVE-2016-5304 | medium | 6.8 | 7.8 | 10y ago | Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites… | |||
| CVE-2016-2211 | high | 7.8 | 7.8 | 10y ago | The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SE… | |||
| CVE-2016-5249 | high | 7.8 | 7.8 | 10y ago | Lenovo Solution Center (LSC) before 3.3.003 allows local users to execute arbitrary code with LocalSystem privileges via vectors involving the LSC.Services.SystemService StartProxy command with a nam… | |||
| CVE-2016-5231 | high | 7.8 | 7.8 | 10y ago | Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to bypass permission checks and delete use… | |||
| CVE-2016-5829 | high | 7.8 | 7.8 | 10y ago | Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly hav… | |||
| CVE-2016-5828 | high | 7.8 | 7.8 | 10y ago | The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service… | |||
| CVE-2016-4440 | high | 7.8 | 7.8 | 10y ago | arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of… | |||
| CVE-2016-0758 | high | 7.8 | 7.8 | 10y ago | Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data. | |||
| CVE-2016-0301 | high | 7.8 | 7.8 | 10y ago | Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a… | |||
| CVE-2016-0279 | high | 7.8 | 7.8 | 10y ago | Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a… | |||
| CVE-2016-0278 | high | 7.8 | 7.8 | 10y ago | Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a… | |||
| CVE-2016-0277 | high | 7.8 | 7.8 | 10y ago | Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a… | |||
| CVE-2016-5723 | high | 7.8 | 7.8 | 10y ago | Huawei FusionInsight HD before V100R002C60SPC200 allows local users to gain root privileges via unspecified vectors. | |||
| CVE-2016-4802 | high | 7.8 | 7.8 | 10y ago | Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking atta… | |||
| CVE-2016-2363 | high | 7.8 | 7.8 | 10y ago | Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 uses weak permissions for the /var/www/rpc/surun script, which allows local users to obtain root access for unspecified command … | |||
| CVE-2016-3231 | high | 7.8 | 7.8 | 10y ago | The Standard Collector service in Windows Diagnostics Hub mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows Diagnostics Hub Elevation of … | |||
| CVE-2016-3221 | high | 7.8 | 7.8 | 10y ago | The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 a… | |||
| CVE-2016-3218 | high | 7.8 | 7.8 | 10y ago | The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 a… | |||
| CVE-2016-3203 | high | 7.8 | 7.8 | 10y ago | Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows PDF Remo… | |||
| CVE-2016-5338 | high | 7.8 | 7.8 | 10y ago | The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QE… | |||
| CVE-2016-2826 | high | 7.8 | 7.8 | 10y ago | The maintenance service in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows does not prevent MAR extracted-file modification during updater execution, which might allow local u… | |||
| CVE-2016-2493 | high | 7.8 | 7.8 | 10y ago | The Broadcom Wi-Fi driver in Android before 2016-06-01 on Nexus 5, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus Player, and Pixel C devices allows attackers to gain privileges via a crafted application, … | |||
| CVE-2016-2492 | high | 7.8 | 7.8 | 10y ago | The MediaTek power-management driver in Android before 2016-06-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 28085410. | |||
| CVE-2016-2491 | high | 7.8 | 7.8 | 10y ago | The NVIDIA camera driver in Android before 2016-06-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27556408. | |||
| CVE-2016-2490 | high | 7.8 | 7.8 | 10y ago | The NVIDIA camera driver in Android before 2016-06-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27533373. | |||
| CVE-2016-2489 | high | 7.8 | 7.8 | 10y ago | The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407629. | |||
| CVE-2016-2488 | high | 7.8 | 7.8 | 10y ago | The Qualcomm camera driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27600832. | |||
| CVE-2016-2487 | high | 7.8 | 7.8 | 10y ago | libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows attackers to gain privileges via a crafted application, as demonstr… | |||
| CVE-2016-2486 | high | 7.8 | 7.8 | 10y ago | mp3dec/SoftMP3.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate the relationship between allocated… | |||
| CVE-2016-2485 | high | 7.8 | 7.8 | 10y ago | libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes for the GSM and G711 codecs, which allo… | |||
| CVE-2016-2484 | high | 7.8 | 7.8 | 10y ago | libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes for the GSM and G711 codecs, which allo… | |||
| CVE-2016-2483 | high | 7.8 | 7.8 | 10y ago | The mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gai… | |||
| CVE-2016-2482 | high | 7.8 | 7.8 | 10y ago | The mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gai… | |||
| CVE-2016-2481 | high | 7.8 | 7.8 | 10y ago | The mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gai… | |||
| CVE-2016-2480 | high | 7.8 | 7.8 | 10y ago | The mm-video-v4l2 vidc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate certain OMX parameter data structures,… | |||
| CVE-2016-2479 | high | 7.8 | 7.8 | 10y ago | The mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gai… | |||
| CVE-2016-2478 | high | 7.8 | 7.8 | 10y ago | mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles pointers, which allows attack… | |||
| CVE-2016-2477 | high | 7.8 | 7.8 | 10y ago | mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles pointers, which allows attack… | |||
| CVE-2016-2476 | high | 7.8 | 7.8 | 10y ago | mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes, which allows attackers to gain privileges via a crafted … | |||
| CVE-2016-2475 | high | 7.8 | 7.8 | 10y ago | The Broadcom Wi-Fi driver in Android before 2016-06-01 on Nexus 5, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Nexus Player, and Pixel C devices allows attackers to gain privileges for certain system… | |||
| CVE-2016-2474 | high | 7.8 | 7.8 | 10y ago | The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 27424603. | |||
| CVE-2016-2472 | high | 7.8 | 7.8 | 10y ago | The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27776888. | |||
| CVE-2016-2471 | high | 7.8 | 7.8 | 10y ago | The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27773913. | |||
| CVE-2016-2470 | high | 7.8 | 7.8 | 10y ago | The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27662174. | |||
| CVE-2016-2469 | high | 7.8 | 7.8 | 10y ago | The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27531992. | |||
| CVE-2016-2468 | high | 7.8 | 7.8 | 10y ago | The Qualcomm GPU driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 devices allows attackers to gain privileges via a crafted application, aka internal bug 27475454. | |||
| CVE-2016-2467 | high | 7.8 | 7.8 | 10y ago | The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5 devices allows attackers to gain privileges via a crafted application, aka internal bug 28029010. | |||
| CVE-2016-2466 | high | 7.8 | 7.8 | 10y ago | The Qualcomm sound driver in Android before 2016-06-01 on Nexus 6 devices allows attackers to gain privileges via a crafted application, aka internal bug 27947307. | |||
| CVE-2016-2465 | high | 7.8 | 7.8 | 10y ago | The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407865. | |||
| CVE-2016-2464 | high | 7.8 | 7.8 | 10y ago | libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to execute arbitrary code or cause a denial of … | |||
| CVE-2016-2066 | high | 7.8 | 7.8 | 10y ago | Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attacker… | |||
| CVE-2016-2061 | high | 7.8 | 7.8 | 10y ago | Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers… | |||
| CVE-2016-1420 | high | 7.8 | 7.8 | 10y ago | The installation component on Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.3(2f) mishandles binary files, which allows local users to obtain root access vi… | |||
| CVE-2016-1418 | high | 7.8 | 7.8 | 10y ago | Cisco Aironet Access Point Software 8.2(100.0) on 1830e, 1830i, 1850e, 1850i, 2800, and 3800 access points allows local users to obtain Linux root access via crafted CLI command parameters, aka Bug I… | |||
| CVE-2016-1403 | high | 7.8 | 7.8 | 10y ago | CISCO IP 8800 phones with software 11.0.1 and earlier allow local users to gain privileges for OS command execution via crafted CLI commands, aka Bug ID CSCuz03005. | |||
| CVE-2016-1390 | high | 7.8 | 7.8 | 10y ago | Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2… | |||
| CVE-2016-3096 | high | 7.8 | 7.8 | 10y ago | The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /… | |||
| CVE-2016-5126 | high | 7.8 | 7.8 | 10y ago | Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code vi… | |||
| CVE-2016-3697 | high | 7.8 | 7.8 | 10y ago | libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric use… | |||
| CVE-2016-2175 | high | 7.8 | 7.8 | 10y ago | High severity vulnerability that affects org.apache.pdfbox:pdfbox | |||
| CVE-2016-4118 | high | 7.8 | 7.8 | 10y ago | Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors. | |||
| CVE-2016-3681 | high | 7.8 | 7.8 | 10y ago | Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to… |