CVEs from 2016
Total
8,453
critical
critical 1,164
high
high 3,521
medium
medium 3,173
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
6.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-8476 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-8421 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-8420 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-8419 | high | 7.0 | 7.0 | 9y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-6043 | high | 7.0 | 7.0 | 10y ago | Tivoli Storage Manager Operations Center could allow a local user to take over a previously logged in user due to session expiration not being enforced. | |||
| CVE-2016-8221 | high | 7.0 | 7.0 | 10y ago | Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by a… | |||
| CVE-2016-8468 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in Binder could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate beca… | |||
| CVE-2016-8466 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Mode… | |||
| CVE-2016-8465 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Mode… | |||
| CVE-2016-8464 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Mode… | |||
| CVE-2016-8458 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated … | |||
| CVE-2016-8457 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-8456 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-8455 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-8454 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-8453 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-8452 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-8451 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated … | |||
| CVE-2016-8450 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-8449 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High bec… | |||
| CVE-2016-8448 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context … | |||
| CVE-2016-8447 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context … | |||
| CVE-2016-8446 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context … | |||
| CVE-2016-8445 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context … | |||
| CVE-2016-8444 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High becau… | |||
| CVE-2016-8435 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical… | |||
| CVE-2016-8434 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critic… | |||
| CVE-2016-8415 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-8412 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High becau… | |||
| CVE-2016-8399 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated a… | |||
| CVE-2016-8394 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated … | |||
| CVE-2016-8393 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated … | |||
| CVE-2016-8392 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-8391 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-6791 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | |||
| CVE-2016-6788 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the MediaTek I2C driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High b… | |||
| CVE-2016-6785 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High becau… | |||
| CVE-2016-6784 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High becau… | |||
| CVE-2016-6783 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High becau… | |||
| CVE-2016-6782 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High becau… | |||
| CVE-2016-6781 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High becau… | |||
| CVE-2016-6780 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2016-6779 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2016-6778 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2016-6755 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig… | |||
| CVE-2016-5652 | high | 7.0 | 7.0 | 10y ago | An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code e… | |||
| CVE-2016-10088 | high | 7.0 | 7.0 | 10y ago | The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitra… | |||
| CVE-2016-6787 | high | 7.0 | 7.0 | 10y ago | kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka… | |||
| CVE-2016-6786 | high | 7.0 | 7.0 | 10y ago | kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka… | |||
| CVE-2016-9035 | high | 7.0 | 7.0 | 10y ago | An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dea… | |||
| CVE-2016-9034 | high | 7.0 | 7.0 | 10y ago | An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dea… | |||
| CVE-2016-9033 | high | 7.0 | 7.0 | 10y ago | An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dea… | |||
| CVE-2016-9032 | high | 7.0 | 7.0 | 10y ago | An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dea… | |||
| CVE-2016-6717 | high | 7.0 | 7.0 | 10y ago | An elevation of privilege vulnerability in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malic… | |||
| CVE-2016-2985 | high | 7.0 | 7.0 | 10y ago | IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via craf… | |||
| CVE-2016-2984 | high | 7.0 | 7.0 | 10y ago | IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via craf… | |||
| CVE-2016-5625 | high | 7.0 | 7.0 | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Packaging. | |||
| CVE-2016-3890 | high | 7.0 | 7.0 | 10y ago | The Java Debug Wire Protocol (JDWP) implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations… | |||
| CVE-2016-6179 | high | 7.0 | 7.0 | 10y ago | The WiFi driver in Huawei Honor 6 smartphones with software H60-L01 before H60-L01C00B850, H60-L11 before H60-L11C00B850, H60-L21 before H60-L21C00B850, H60-L02 before H60-L02C00B850, H60-L12 before … | |||
| CVE-2016-6184 | high | 7.0 | 7.0 | 10y ago | The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to caus… | |||
| CVE-2016-6183 | high | 7.0 | 7.0 | 10y ago | The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to caus… | |||
| CVE-2016-6182 | high | 7.0 | 7.0 | 10y ago | The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to caus… | |||
| CVE-2016-6181 | high | 7.0 | 7.0 | 10y ago | The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to caus… | |||
| CVE-2016-6180 | high | 7.0 | 7.0 | 10y ago | The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to caus… | |||
| CVE-2016-3319 | high | 7.0 | 7.0 | 10y ago | The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allows remote attackers to execute arbitrary code via a crafted PDF file, aka "… | |||
| CVE-2016-3848 | high | 7.0 | 7.0 | 10y ago | The NVIDIA media driver in Android before 2016-08-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28919417. | |||
| CVE-2016-3846 | high | 7.0 | 7.0 | 10y ago | The Serial Peripheral Interface driver in Android before 2016-08-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 28817378. | |||
| CVE-2016-4639 | high | 7.0 | 7.0 | 10y ago | Login Window in Apple OS X before 10.11.6 does not properly initialize memory, which allows local users to cause a denial of service via unspecified vectors. | |||
| CVE-2016-3584 | high | 7.0 | 7.0 | 10y ago | Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Libadimalloc. | |||
| CVE-2016-3757 | high | 7.0 | 7.0 | 10y ago | The print_maps function in toolbox/lsof.c in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows user-assisted attackers to gain privileges via a crafte… | |||
| CVE-2016-2867 | high | 7.0 | 7.0 | 10y ago | IBM InfoSphere Streams before 4.0.1.2 and IBM Streams before 4.1.1.1 do not properly implement the runAsUser feature, which allows local users to obtain root group privileges via unspecified vectors. | |||
| CVE-2016-0263 | high | 7.0 | 7.0 | 10y ago | IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapp… | |||
| CVE-2016-1435 | high | 7.0 | 7.0 | 10y ago | Cisco 8800 phones with software 11.0(1) do not properly enforce mounted-filesystem permissions, which allows local users to write to arbitrary files by leveraging shell access, aka Bug ID CSCuz03014. | |||
| CVE-2016-2462 | high | 7.0 | 7.0 | 10y ago | OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles updates of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspec… | |||
| CVE-2016-2461 | high | 7.0 | 7.0 | 10y ago | OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles resets of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspeci… | |||
| CVE-2016-2456 | high | 7.0 | 7.0 | 10y ago | The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27275187. | |||
| CVE-2016-2453 | high | 7.0 | 7.0 | 10y ago | The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27549705. | |||
| CVE-2016-2446 | high | 7.0 | 7.0 | 10y ago | The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27441354. | |||
| CVE-2016-2445 | high | 7.0 | 7.0 | 10y ago | The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079. | |||
| CVE-2016-2444 | high | 7.0 | 7.0 | 10y ago | The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27208332. | |||
| CVE-2016-2443 | high | 7.0 | 7.0 | 10y ago | The Qualcomm MDP driver in Android before 2016-05-01 on Nexus 5 and Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 26404525. | |||
| CVE-2016-2442 | high | 7.0 | 7.0 | 10y ago | The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26494907. | |||
| CVE-2016-2441 | high | 7.0 | 7.0 | 10y ago | The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26354602. | |||
| CVE-2016-2059 | high | 7.0 | 7.0 | 10y ago | The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_router_core.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contri… | |||
| CVE-2016-0822 | high | 7.0 | 7.0 | 10y ago | The MediaTek connectivity kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application that leverages conn_launcher access, aka internal bug 25873324. | |||
| CVE-2016-8016 | low | 3.4 | 4.4 | 9y ago | Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a UR… | |||
| CVE-2016-4486 | low | 3.3 | 4.3 | 10y ago | The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from … | |||
| CVE-2016-3716 | low | 3.3 | 4.3 | 10y ago | The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image. | |||
| CVE-2016-3325 | low | 3.1 | 4.1 | 10y ago | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | |||
| CVE-2016-4534 | low | 3.0 | 4.0 | 10y ago | The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and… | |||
| CVE-2016-3159 | low | 3.8 | 3.8 | 10y ago | The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensiti… | |||
| CVE-2016-3158 | low | 3.8 | 3.8 | 10y ago | The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive … | |||
| CVE-2016-0238 | low | 3.7 | 3.7 | 9y ago | IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. This could allow an attacker to obtain sensitive information using man in the mi… | |||
| CVE-2016-6102 | low | 3.7 | 3.7 | 9y ago | IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, r… | |||
| CVE-2016-7577 | low | 3.7 | 3.7 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "FaceTime" component, which allows remote attackers to trigger… | |||
| CVE-2016-8344 | low | 3.7 | 3.7 | 9y ago | An issue was discovered in Honeywell Experion Process Knowledge System (PKS) platform: Experion PKS, Release 3xx and prior, Experion PKS, Release 400, Experion PKS, Release 410, Experion PKS, Release… | |||
| CVE-2016-8217 | low | 3.7 | 3.7 | 10y ago | EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS#12 Timing Attack Vulnerability. A possible timing attack could be carried out by modifying a PKCS#12 file that has an integrity MAC for which… | |||
| CVE-2016-5953 | low | 3.7 | 3.7 | 10y ago | IBM Sterling Order Management transmits the session identifier within the URL. When a user is unable to view a certain view due to not being allowed permissions, the website responds with an error pa… | |||
| CVE-2016-3045 | low | 3.7 | 3.7 | 10y ago | IBM Security Access Manager for Web stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referer he… | |||
| CVE-2016-0297 | low | 3.7 | 3.7 | 10y ago | IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) could allow a remote attacker to obtain sensitive information due to a missing HTTP Strict-Transport-Security Header through man in the mi… |