CVEs from 2016
Total: 8,453
- critical: 1,164
- high: 3,521
- medium: 3,173
- low: 248
% Critical: 13.8%
% with KEV: 0.7%
% with exploit: 6.8%
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-9375 | medium | 5.9 | 5.9 | | | | 10y ago | In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by… |
| CVE-2016-9374 | medium | 5.9 | 5.9 | | | | 10y ago | In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet… |
| CVE-2016-9373 | medium | 5.9 | 5.9 | | | | 10y ago | In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dc… |
| CVE-2016-9372 | medium | 5.9 | 5.9 | | | | 10y ago | In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. This was addressed in plugins/profinet/packet-pn-rtc-one.c by rejecting… |
| CVE-2016-6438 | medium | 5.9 | 5.9 | | | | 10y ago | A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause a configuration integrity change to the vty line c… |
| CVE-2016-6437 | medium | 5.9 | 5.9 | | | | 10y ago | A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to … |
| CVE-2016-5597 | medium | 5.9 | 5.9 | | | | 10y ago | Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking. |
| CVE-2016-5527 | medium | 5.9 | 5.9 | | | | 10y ago | Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality via unknown vectors, a different vu… |
| CVE-2016-7099 | medium | 5.9 | 5.9 | | | | 10y ago | The tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 does not properly handle wildcards in name fields of X.509 certifi… |
| CVE-2016-6025 | medium | 5.9 | 5.9 | | | | 10y ago | The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 allows remote attackers to obtain access by leveraging an unattended workstati… |
| CVE-2016-6416 | medium | 5.9 | 5.9 | | | | 10y ago | The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 through 9.5.0-444, and Content Security Manageme… |
| CVE-2016-7046 | medium | 5.9 | 5.9 | | | | 10y ago | Undertow Uncaught Exception vulnerability |
| CVE-2016-6308 | medium | 5.9 | 5.9 | | | | 10y ago | statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of servic… |
| CVE-2016-6307 | medium | 5.9 | 5.9 | | | | 10y ago | The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consu… |
| CVE-2016-6306 | medium | 5.9 | 5.9 | | | | 10y ago | The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s… |
| CVE-2016-6153 | medium | 5.9 | 5.9 | | | | 10y ago | os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application… |
| CVE-2016-7142 | medium | 5.9 | 5.9 | | | | 10y ago | The m_sasl module in InspIRCd before 2.0.23, when used with a service that supports SASL_EXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as … |
| CVE-2016-4722 | medium | 5.9 | 5.9 | | | | 10y ago | The IDS - Connectivity component in Apple iOS before 10 and OS X before 10.12 allows man-in-the-middle attackers to conduct Call Relay spoofing attacks and cause a denial of service via unspecified v… |
| CVE-2016-6403 | medium | 5.9 | 5.9 | | | | 10y ago | The Data in Motion (DMo) application in Cisco IOS 15.6(1)T and IOS XE, when the IOx feature set is enabled, allows remote attackers to cause a denial of service via a crafted packet, aka Bug IDs CSCu… |
| CVE-2016-4741 | medium | 5.9 | 5.9 | | | | 10y ago | The Assets component in Apple iOS before 10 allows man-in-the-middle attackers to block software updates via vectors related to lack of an HTTPS session for retrieving updates. |
| CVE-2016-7420 | medium | 5.9 | 5.9 | | | | 10y ago | Crypto++ (aka cryptopp) through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow c… |
| CVE-2016-1277 | medium | 5.9 | 5.9 | | | | 10y ago | Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D40, 12.3X48 before 12.3X48-D30, 13.3 before 13.3R9, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R6, 15.1 before 15.1F6… |
| CVE-2016-7180 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark 2.x before 2.0.6 does not properly consider whether a string is constant, which allows remote attackers to cause a denial … |
| CVE-2016-7179 | medium | 5.9 | 5.9 | | | | 10y ago | Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 allows remote attackers to cause a denial of service (applicat… |
| CVE-2016-7178 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 2.x before 2.0.6 does not ensure that memory is allocated for certain data structures, which allows remote attackers to cause a … |
| CVE-2016-7177 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 does not restrict the number of channels, which allows remote attackers to cause a denial of … |
| CVE-2016-7176 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark 2.x before 2.0.6 calls snprintf with one of its input buffers as the output buffer, which allows remote attackers to cause a denial o… |
| CVE-2016-7175 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark 2.x before 2.0.6 mishandles MAC address data, which allows remote attackers to cause a denial of service (out-of-bounds read and… |
| CVE-2016-0397 | medium | 5.9 | 5.9 | | | | 10y ago | WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.5.2 allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic. |
| CVE-2016-6231 | medium | 5.9 | 5.9 | | | | 10y ago | Kaspersky Safe Browser iOS before 1.7.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate. |
| CVE-2016-5359 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 1.12.x before 1.12.12 mishandles offsets, which allows remote attackers to cause a denial of service (integer overflow and infinite … |
| CVE-2016-5358 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the packet-header data type, which allows remote attackers to cause a denial of service (application … |
| CVE-2016-5357 | medium | 5.9 | 5.9 | | | | 10y ago | wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial… |
| CVE-2016-5356 | medium | 5.9 | 5.9 | | | | 10y ago | wiretap/cosine.c in the CoSine file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of se… |
| CVE-2016-5355 | medium | 5.9 | 5.9 | | | | 10y ago | wiretap/toshiba.c in the Toshiba file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of … |
| CVE-2016-5354 | medium | 5.9 | 5.9 | | | | 10y ago | The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles class types, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
| CVE-2016-5353 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the reserved C/T value, which allows remote attackers to cause a denial of… |
| CVE-2016-5352 | medium | 5.9 | 5.9 | | | | 10y ago | epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.4 mishandles certain length values, which allows remote attackers to cause a denial of service (application crash) via a… |
| CVE-2016-5351 | medium | 5.9 | 5.9 | | | | 10y ago | epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the lack of an EAPOL_RSN_KEY, which allows remote attackers to cause a denial of … |
| CVE-2016-6513 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x before 2.0.5 does not restrict the recursion depth, which allows remote attackers to cause a denial of service (application cras… |
| CVE-2016-6511 | medium | 5.9 | 5.9 | | | | 10y ago | epan/proto.c in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (OpenFlow dissector large loop) via a crafted packet. |
| CVE-2016-6510 | medium | 5.9 | 5.9 | | | | 10y ago | Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (stack-based buffer … |
| CVE-2016-6509 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 mishandles conversations, which allows remote attackers to cause a denial of service (appli… |
| CVE-2016-6508 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of servi… |
| CVE-2016-6507 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark 1.12.x before 1.12.13 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. |
| CVE-2016-6506 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-wsp.c in the WSP dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. |
| CVE-2016-1276 | medium | 5.9 | 5.9 | | | | 10y ago | Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D23, 12.3X48 before 12.3X48-D25, and 15.1X49 before 15.1X49-D40 on a High-End SRX-Series chassis system with one or more Application Layer … |
| CVE-2016-3612 | medium | 5.9 | 5.9 | | | | 10y ago | Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.22 allows remote attackers to affect confidentiality via vectors related to Core. |
| CVE-2016-3588 | medium | 5.9 | 5.9 | | | | 10y ago | Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB. |
| CVE-2016-3525 | medium | 5.9 | 5.9 | | | | 10y ago | Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.1.3 allows remote attackers to affect confidentiality via vectors related to Cookie Management. |
| CVE-2016-5655 | medium | 5.9 | 5.9 | | | | 10y ago | Misys FusionCapital Opics Plus does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate. |
| CVE-2016-2775 | medium | 5.9 | 5.9 | | | | 10y ago | ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash… |
| CVE-2016-1546 | medium | 5.9 | 5.9 | | | | 10y ago | The Apache HTTP Server 2.4.17 and 2.4.18, when mod_http2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote attackers to cause a … |
| CVE-2016-4955 | medium | 5.9 | 5.9 | | | | 10y ago | ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packe… |
| CVE-2016-2079 | medium | 5.9 | 5.9 | | | | 10y ago | VMware NSX Edge 6.1 before 6.1.7 and 6.2 before 6.2.3 and vCNS Edge 5.5 before 5.5.4.3, when the SSL-VPN feature is configured, allow remote attackers to obtain sensitive information via unspecified … |
| CVE-2016-0365 | medium | 5.9 | 5.9 | | | | 10y ago | IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1, when agent-relay Codestation artifact caching is enabled, allows remote attackers to bypass authentication … |
| CVE-2016-5435 | medium | 5.9 | 5.9 | | | | 10y ago | Memory leak in Huawei IPS Module, NGFW Module, NIP6300, NIP6600, and Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 V500R001C00 before V500R001C20SPC100, when in hot standby networkin… |
| CVE-2016-4429 | medium | 5.9 | 5.9 | | | | 10y ago | Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecif… |
| CVE-2016-3094 | medium | 5.9 | 5.9 | | | | 10y ago | Improper Input Validation in org.apache.qpid:qpid-broker |
| CVE-2016-0907 | medium | 5.9 | 5.9 | | | | 10y ago | EMC Isilon OneFS 7.1.x and 7.2.x before 7.2.1.3 and 8.0.x before 8.0.0.1, and IsilonSD Edge OneFS 8.0.x before 8.0.0.1, does not require SMB signing within a DCERPC session over ncacn_np, which allow… |
| CVE-2016-0306 | medium | 5.9 | 5.9 | | | | 10y ago | IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.41, 8.0 before 8.0.0.13, and 8.5 before 8.5.5.10, when FIPS 140-2 is enabled, misconfigures TLS, which allows man-in-the-middle attackers to ob… |
| CVE-2016-1115 | medium | 5.9 | 5.9 | | | | 10y ago | Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 mishandles wildcards in name fields of X.509 certificates, which might allow man-in-the-middle attackers to spoof se… |
| CVE-2016-0149 | medium | 5.9 | 5.9 | | | | 10y ago | Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows man-in-the-middle attackers to obtain sensitive cleartext information via vectors involving injection of cleartext … |
| CVE-2016-4008 | medium | 5.9 | 5.9 | | | | 10y ago | The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infini… |
| CVE-2016-4421 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (deep recursion, stack consumption… |
| CVE-2016-4420 | medium | 5.9 | 5.9 | | | | 10y ago | The NFS dissector in Wireshark 2.x before 2.0.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
| CVE-2016-4419 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-spice.c in the SPICE dissector in Wireshark 2.x before 2.0.2 mishandles capability data, which allows remote attackers to cause a denial of service (large loop) via a crafted p… |
| CVE-2016-4418 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (buffer over-read and application … |
| CVE-2016-4417 | medium | 5.9 | 5.9 | | | | 10y ago | Off-by-one error in epan/dissectors/packet-gsm_abis_oml.c in the GSM A-bis OML dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (… |
| CVE-2016-4416 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.2 mishandles the Grouping subfield, which allows remote attackers to cause a denial of service (buffer over… |
| CVE-2016-4415 | medium | 5.9 | 5.9 | | | | 10y ago | wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 2.x before 2.0.2 incorrectly increases a certain octet count, which allows remote attackers to cause a denial of service (heap-based buff… |
| CVE-2016-4085 | medium | 5.9 | 5.9 | | | | 10y ago | Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.12.x before 1.12.11 allows remote attackers to cause a denial of service (application crash) or p… |
| CVE-2016-4084 | medium | 5.9 | 5.9 | | | | 10y ago | Integer signedness error in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.3 allows remote attackers to cause a denial of service (integer overflow and applicati… |
| CVE-2016-4083 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.3 does not ensure that data is available before array allocation, which allows remote attackers to cause a denial … |
| CVE-2016-4082 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause… |
| CVE-2016-4081 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-iax2.c in the IAX2 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of s… |
| CVE-2016-4080 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 misparses timestamp fields, which allows remote attackers to cause a denial of service (o… |
| CVE-2016-4079 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not verify BER identifiers, which allows remote attackers to cause a denial of servi… |
| CVE-2016-4078 | medium | 5.9 | 5.9 | | | | 10y ago | The IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not properly restrict element lists, which allows remote attackers to cause a denial of service (deep recursio… |
| CVE-2016-4077 | medium | 5.9 | 5.9 | | | | 10y ago | epan/reassemble.c in TShark in Wireshark 2.0.x before 2.0.3 relies on incorrect special-case handling of truncated Tvb data structures, which allows remote attackers to cause a denial of service (use… |
| CVE-2016-4076 | medium | 5.9 | 5.9 | | | | 10y ago | epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 2.0.x before 2.0.3 does not properly initialize memory for search patterns, which allows remote attackers to cause a denial of ser… |
| CVE-2016-4006 | medium | 5.9 | 5.9 | | | | 10y ago | epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service (stack memory consumption and… |
| CVE-2016-2115 | medium | 5.9 | 5.9 | | | | 10y ago | Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB c… |
| CVE-2016-2114 | medium | 5.9 | 5.9 | | | | 10y ago | The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "server signing = mandatory" setting, which allows man-in-the-middle att… |
| CVE-2016-2112 | medium | 5.9 | 5.9 | | | | 10y ago | The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-midd… |
| CVE-2016-2110 | medium | 5.9 | 5.9 | | | | 10y ago | The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by mo… |
| CVE-2016-0695 | medium | 5.9 | 5.9 | | | | 10y ago | Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security. |
| CVE-2016-0677 | medium | 5.9 | 5.9 | | | | 10y ago | Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors. |
| CVE-2016-2390 | medium | 5.9 | 5.9 | | | | 10y ago | The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL handshake errors when built with the --with-openssl option, which allows… |
| CVE-2016-1273 | medium | 5.9 | 5.9 | | | | 10y ago | Juniper Junos OS before 13.2X51-D40, 14.x before 14.1X53-D30, and 15.x before 15.1X53-D20 on QFX5100 and QFX10002 switches do not have sufficient entropy, which makes it easier for remote attackers t… |
| CVE-2016-0787 | medium | 5.9 | 5.9 | | | | 10y ago | The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH … |
| CVE-2016-0739 | medium | 5.9 | 5.9 | | | | 10y ago | libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-i… |
| CVE-2016-3686 | medium | 5.9 | 5.9 | | | | 10y ago | The Single Sign-On (SSO) feature in F5 BIG-IP APM 11.x before 11.6.0 HF6 and BIG-IP Edge Gateway 11.0.0 through 11.3.0 might allow remote attackers to obtain sensitive SessionId information by levera… |
| CVE-2016-0887 | medium | 5.9 | 5.9 | | | | 10y ago | EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x and 4.1.x before 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.0.x and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2.1, RSA BSAFE SSL-J before 6.2… |
| CVE-2016-4004 | medium | 4.9 | 5.9 | | | | 10y ago | Directory traversal vulnerability in Dell OpenManage Server Administrator (OMSA) 8.2 allows remote authenticated administrators to read arbitrary files via a ..\ (dot dot backslash) in the file param… |
| CVE-2016-3166 | medium | 5.9 | 5.9 | | | | 10y ago | Drupal CRLF injection vulnerability in the drupal_set_header function |
| CVE-2016-1346 | medium | 5.9 | 5.9 | | | | 10y ago | The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to cause a denial of service (panic and reboot) via a crafted sequ… |
| CVE-2016-1344 | medium | 5.9 | 5.9 | | | | 10y ago | The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417. |
| CVE-2016-1788 | medium | 5.9 | 5.9 | | | | 10y ago | Messages in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 does not properly implement a cryptographic protection mechanism, which allows remote attackers to read message attachmen… |
| CVE-2016-1731 | medium | 5.9 | 5.9 | | | | 10y ago | Apple Software Update before 2.2 on Windows does not use HTTPS, which makes it easier for man-in-the-middle attackers to spoof updates by modifying the client-server data stream. |