CVEs from 2016
Total
8,454
critical
critical 1,164
high
high 3,521
medium
medium 3,173
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
6.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-5855 | medium | 4.7 | 4.7 | 9y ago | In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a user-supplied buffer is casted to a structure without checking if the source buffer is large enough. | |||
| CVE-2016-5854 | medium | 4.7 | 4.7 | 9y ago | In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, kernel heap memory can be exposed to userspace. | |||
| CVE-2016-5347 | medium | 4.7 | 4.7 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver. | |||
| CVE-2016-4984 | medium | 4.7 | 4.7 | 9y ago | /usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition … | |||
| CVE-2016-4982 | medium | 4.7 | 4.7 | 9y ago | authd sets weak permissions for /etc/ident.key, which allows local users to obtain the key by leveraging a race condition between the creation of the key, and the chmod to protect it. | |||
| CVE-2016-10296 | medium | 4.7 | 4.7 | 9y ago | An information disclosure vulnerability in the Qualcomm shared memory driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderat… | |||
| CVE-2016-10295 | medium | 4.7 | 4.7 | 9y ago | An information disclosure vulnerability in the Qualcomm LED driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because … | |||
| CVE-2016-10294 | medium | 4.7 | 4.7 | 9y ago | An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate becaus… | |||
| CVE-2016-10293 | medium | 4.7 | 4.7 | 9y ago | An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate becaus… | |||
| CVE-2016-9473 | medium | 4.7 | 4.7 | 9y ago | Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier suffer from Full Address Bar Spoofing, allowing attackers to trick a victim by displaying a malicious page for legitimate … | |||
| CVE-2016-8478 | medium | 4.7 | 4.7 | 9y ago | An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate becaus… | |||
| CVE-2016-8477 | medium | 4.7 | 4.7 | 9y ago | An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate becau… | |||
| CVE-2016-8416 | medium | 4.7 | 4.7 | 9y ago | An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate becaus… | |||
| CVE-2016-8413 | medium | 4.7 | 4.7 | 9y ago | An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate becau… | |||
| CVE-2016-7650 | medium | 4.7 | 4.7 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. The issue involves the "Safari Reader" component, which allows remote attackers to co… | |||
| CVE-2016-7111 | medium | 4.7 | 4.7 | 9y ago | MantisBT XSS through weak CSP when using Gravatar plugin | |||
| CVE-2016-5918 | medium | 4.7 | 4.7 | 9y ago | IBM Tivoli Storage Manager HSM for Windows displays the encrypted Tivoli Storage Manager password in application trace output if the password access option is prompt and the password is changed. | |||
| CVE-2016-8414 | medium | 4.7 | 4.7 | 9y ago | An information disclosure vulnerability in the Qualcomm Secure Execution Environment Communicator could enable a local malicious application to access data outside of its permission levels. This issu… | |||
| CVE-2016-1919 | medium | 4.7 | 4.7 | 10y ago | Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack. | |||
| CVE-2016-9811 | medium | 4.7 | 4.7 | 10y ago | The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via … | |||
| CVE-2016-8475 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in the HTC input driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it … | |||
| CVE-2016-8474 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in the STMicroelectronics driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate be… | |||
| CVE-2016-8473 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in the STMicroelectronics driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate be… | |||
| CVE-2016-8472 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it f… | |||
| CVE-2016-8471 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it f… | |||
| CVE-2016-8470 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it f… | |||
| CVE-2016-8469 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in the camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it fir… | |||
| CVE-2016-8410 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate becaus… | |||
| CVE-2016-8409 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because … | |||
| CVE-2016-8408 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because … | |||
| CVE-2016-8407 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside… | |||
| CVE-2016-8406 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside… | |||
| CVE-2016-8405 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside… | |||
| CVE-2016-8404 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside… | |||
| CVE-2016-8403 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside… | |||
| CVE-2016-8402 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside… | |||
| CVE-2016-8401 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside… | |||
| CVE-2016-8395 | medium | 4.7 | 4.7 | 10y ago | A denial of service vulnerability in the NVIDIA camera driver could enable an attacker to cause a local permanent denial of service, which may require reflashing the operating system to repair the de… | |||
| CVE-2016-6774 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in Package Manager could enable a local malicious application to bypass operating system protections that isolate application data from other applications. Thi… | |||
| CVE-2016-6757 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in Qualcomm components including the camera driver and video driver could enable a local malicious application to access data outside of its permission levels.… | |||
| CVE-2016-6756 | medium | 4.7 | 4.7 | 10y ago | An information disclosure vulnerability in Qualcomm components including the camera driver and video driver could enable a local malicious application to access data outside of its permission levels.… | |||
| CVE-2016-6213 | medium | 4.7 | 4.7 | 10y ago | fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service (memory consumption and deadlock)… | |||
| CVE-2016-3685 | medium | 4.7 | 4.7 | 10y ago | SAP Download Manager 2.1.142 and earlier generates an encryption key from a small key space on Windows and Mac systems, which allows context-dependent attackers to obtain sensitive configuration info… | |||
| CVE-2016-3684 | medium | 4.7 | 4.7 | 10y ago | SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption key to protect stored data, which allows context-dependent attackers to obtain sensitive configuration information by leveraging k… | |||
| CVE-2016-6723 | medium | 4.7 | 4.7 | 10y ago | A denial of service vulnerability in Proxy Auto Config in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a remote atta… | |||
| CVE-2016-7218 | medium | 4.7 | 4.7 | 10y ago | Bowser.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold,… | |||
| CVE-2016-8289 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB. | |||
| CVE-2016-7959 | medium | 4.7 | 4.7 | 10y ago | Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to… | |||
| CVE-2016-6136 | medium | 4.7 | 4.7 | 10y ago | Race condition in the audit_log_single_execve_arg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call … | |||
| CVE-2016-5253 | medium | 4.7 | 4.7 | 10y ago | The Updater in Mozilla Firefox before 48.0 on Windows allows local users to write to arbitrary files via vectors involving the callback application-path parameter and a hard link. | |||
| CVE-2016-5459 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in the Siebel Core - Common Components component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect integrity via vectors relate… | |||
| CVE-2016-5450 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect integrity via vectors related to UIF Ope… | |||
| CVE-2016-5443 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection. | |||
| CVE-2016-3559 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in the Oracle Email Center component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors re… | |||
| CVE-2016-3558 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in the Oracle Email Center component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors re… | |||
| CVE-2016-3534 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in the Oracle Installed Base component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors … | |||
| CVE-2016-3533 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in the Oracle Knowledge Management component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via ve… | |||
| CVE-2016-3523 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vec… | |||
| CVE-2016-3496 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in the Enterprise Manager for Fusion Middleware component in Oracle Enterprise Manager Grid Control 11.1.1.7, and 11.1.1.9 allows remote attackers to affect confidentiality … | |||
| CVE-2016-3451 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect integrity via vectors related to Web. | |||
| CVE-2016-3258 | medium | 4.7 | 4.7 | 10y ago | Race condition in the kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Low Integrity protection mechanis… | |||
| CVE-2016-6130 | medium | 4.7 | 4.7 | 10y ago | Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/char/sclp_ctl.c in the Linux kernel before 4.6 allows local users to obtain sensitive information from kernel memory by changing a c… | |||
| CVE-2016-5709 | medium | 4.7 | 4.7 | 10y ago | SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encryption to store passwords in /etc/shadow, which allows local users with superuser privileges to obtain user passwords via a brute for… | |||
| CVE-2016-4963 | medium | 4.7 | 4.7 | 10y ago | The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the… | |||
| CVE-2016-2053 | medium | 4.7 | 4.7 | 10y ago | The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mish… | |||
| CVE-2016-3435 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect availability via vectors related to P… | |||
| CVE-2016-3434 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors rela… | |||
| CVE-2016-0676 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to the kernel. | |||
| CVE-2016-0663 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to Performance Schema. | |||
| CVE-2016-0661 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Options. | |||
| CVE-2016-0655 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors r… | |||
| CVE-2016-0642 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated. | |||
| CVE-2016-0623 | medium | 4.7 | 4.7 | 10y ago | Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect integrity via vectors related to the Automated Installer sub-component. | |||
| CVE-2016-1947 | medium | 4.7 | 4.7 | 11y ago | Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of re… | |||
| CVE-2016-1943 | medium | 4.7 | 4.7 | 11y ago | Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method. | |||
| CVE-2016-1141 | medium | 4.7 | 4.7 | 11y ago | KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS commands via unspecified vectors. | |||
| CVE-2016-1138 | medium | 4.7 | 4.7 | 11y ago | CRLF injection vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to inject arbitrary HTTP headers via unspecified vectors. | |||
| CVE-2016-7060 | medium | 4.6 | 4.6 | 9y ago | The web interface in Red Hat QuickStart Cloud Installer (QCI) 1.0 does not mask passwords fields, which allows physically proximate attackers to obtain sensitive password information by reading the d… | |||
| CVE-2016-4032 | medium | 4.6 | 4.6 | 9y ago | Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-… | |||
| CVE-2016-5011 | medium | 4.6 | 4.6 | 9y ago | The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS p… | |||
| CVE-2016-8776 | medium | 4.6 | 4.6 | 9y ago | Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some … | |||
| CVE-2016-5933 | medium | 4.6 | 4.6 | 9y ago | IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223. | |||
| CVE-2016-7638 | medium | 4.6 | 4.6 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Find My iPhone" component, which allows physically proximate attackers to disable this componen… | |||
| CVE-2016-7634 | medium | 4.6 | 4.6 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Accessibility" component, which accepts spoken passwords without considering that they are loca… | |||
| CVE-2016-7597 | medium | 4.6 | 4.6 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "SpringBoard" component, which allows physically proximate attackers to maintain the unlocked st… | |||
| CVE-2016-2781 | medium | 4.6 | 4.6 | 9y ago | chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. | |||
| CVE-2016-6769 | medium | 4.6 | 4.6 | 10y ago | An elevation of privilege vulnerability in Smart Lock could enable a local malicious user to access Smart Lock settings without a PIN. This issue is rated as Moderate because it first requires physic… | |||
| CVE-2016-3004 | medium | 4.6 | 4.6 | 10y ago | Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to hijack the authentication of arbitrary use… | |||
| CVE-2016-4595 | medium | 4.6 | 4.6 | 10y ago | Safari Login AutoFill in Apple OS X before 10.11.6 allows physically proximate attackers to discover passwords by reading the screen during the login procedure. | |||
| CVE-2016-1851 | medium | 4.6 | 4.6 | 10y ago | The Screen Lock feature in Apple OS X before 10.11.5 mishandles password profiles, which allows physically proximate attackers to reset expired passwords in the lock-screen state via unspecified vect… | |||
| CVE-2016-3951 | medium | 4.6 | 4.6 | 10y ago | Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified ot… | |||
| CVE-2016-3689 | medium | 4.6 | 4.6 | 10y ago | The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device… | |||
| CVE-2016-3138 | medium | 4.6 | 4.6 | 10y ago | The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) v… | |||
| CVE-2016-3137 | medium | 4.6 | 4.6 | 10y ago | drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device withou… | |||
| CVE-2016-2187 | medium | 4.6 | 4.6 | 10y ago | The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash)… | |||
| CVE-2016-2186 | medium | 4.6 | 4.6 | 10y ago | The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system… | |||
| CVE-2016-2185 | medium | 4.6 | 4.6 | 10y ago | The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and sy… | |||
| CVE-2016-3145 | medium | 4.6 | 4.6 | 10y ago | Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows ph… | |||
| CVE-2016-3457 | medium | 4.6 | 4.6 | 10y ago | Unspecified vulnerability in the PeopleSoft Enterprise HCM ePerformance component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality and integrity via vecto… | |||
| CVE-2016-0449 | medium | — | 4.6 | 11y ago | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confident… |