VIR Vulnerability Intelligence Relay

CVEs from 2016

8,439 normalized CVEs published or assigned in this year.

Total
8,439
critical
critical 1,165
high
high 3,521
medium
medium 3,172
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
6.8%

Top vendors

Top products

  • phpmyadmin 3,382
  • php 1,748
  • squid 1,549
  • samba 1,093
  • drupal 868
  • firefox 757
  • moodle 700
  • openssl 664

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2016-8629 unknown 8y ago Moderate severity vulnerability that affects org.keycloak:keycloak-core
CVE-2016-1000352 unknown 8y ago In Bouncy Castle JCE Provider the ECIES implementation allowed the use of ECB mode
CVE-2016-1000346 unknown 8y ago In Bouncy Castle JCE Provider the other party DH public key is not fully validated
CVE-2016-1000343 unknown 8y ago In Bouncy Castle JCE Provider the DSA key pair generator generates a weak private key if used with default values
CVE-2016-1000342 unknown 8y ago In Bouncy Castle JCE Provider ECDSA does not fully validate ASN.1 encoding of signature on verification
CVE-2016-1000341 unknown 8y ago Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
CVE-2016-1000340 unknown 8y ago The Bouncy Castle JCE Provider carry a propagation bug
CVE-2016-1000339 unknown 8y ago Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
CVE-2016-1000338 unknown 8y ago In Bouncy Castle JCE Provider it is possible to inject extra elements in the sequence making up the signature and still have it validate
CVE-2016-10707 unknown 9y ago Denial of Service in jquery
CVE-2016-10931 unknown 10y ago An issue was discovered in the openssl crate before 0.9.0 for Rust. There is an SSL/TLS man-in-the-middle vulnerability because certificate verification is off by default and there is no API for host…