CVEs from 2016
Total
8,453
critical
critical 1,164
high
high 3,521
medium
medium 3,173
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
6.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-1333 | medium | 6.5 | 6.5 | 10y ago | Cisco IOS 15.5(3)M and 15.6(1)T0a on Cisco 1000 Connected Grid routers allows remote authenticated users to cause a denial of service (device reload) via an SNMP request for unspecified BRIDGE MIB OI… | |||
| CVE-2016-1153 | medium | 6.5 | 6.5 | 10y ago | customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service via unspecified vectors, a different vulnerability than CVE-2015-8489. | |||
| CVE-2016-1330 | medium | 6.5 | 6.5 | 10y ago | Cisco IOS 15.2(4)E on Industrial Ethernet 2000 devices allows remote attackers to cause a denial of service (device reload) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuy27746. | |||
| CVE-2016-1523 | medium | 6.5 | 6.5 | 10y ago | The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows… | |||
| CVE-2016-2073 | medium | 6.5 | 6.5 | 10y ago | The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document. | |||
| CVE-2016-0881 | medium | 6.5 | 6.5 | 10y ago | EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and obtain sensitive repository informati… | |||
| CVE-2016-2089 | medium | 6.5 | 6.5 | 11y ago | The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted JPEG 2000 image. | |||
| CVE-2016-1308 | medium | 6.5 | 6.5 | 11y ago | SQL injection vulnerability in Cisco Unified Communications Manager 10.5(2.13900.9) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCux99227. | |||
| CVE-2016-2213 | medium | 6.5 | 6.5 | 11y ago | The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.6 allows remote attackers to cause a denial of service (out-of-bounds array read access) via crafted JPEG 2000 data. | |||
| CVE-2016-1938 | medium | 6.5 | 6.5 | 11y ago | The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier fo… | |||
| CVE-2016-1933 | medium | 6.5 | 6.5 | 11y ago | Integer overflow in the image-deinterlacing functionality in Mozilla Firefox before 44.0 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted G… | |||
| CVE-2016-1924 | medium | 6.5 | 6.5 | 11y ago | The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image. | |||
| CVE-2016-1923 | medium | 6.5 | 6.5 | 11y ago | Heap-based buffer overflow in the opj_j2k_update_image_data function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafte… | |||
| CVE-2016-1618 | medium | 6.5 | 6.5 | 11y ago | Blink, as used in Google Chrome before 48.0.2564.82, does not ensure that a proper cryptographicallyRandomValues random number generator is used, which makes it easier for remote attackers to defeat … | |||
| CVE-2016-1615 | medium | 6.5 | 6.5 | 11y ago | The Omnibox implementation in Google Chrome before 48.0.2564.82 allows remote attackers to spoof a document's origin via unspecified vectors. | |||
| CVE-2016-0502 | medium | 6.5 | 6.5 | 11y ago | Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. | |||
| CVE-2016-0489 | medium | — | 6.5 | 11y ago | Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote authenticated users to affect confidentiality… | |||
| CVE-2016-0442 | medium | — | 6.5 | 11y ago | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows remote authenticated users to affect confidentiality… | |||
| CVE-2016-1867 | medium | 6.5 | 6.5 | 11y ago | The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image. | |||
| CVE-2016-0777 | medium | 6.5 | 6.5 | 11y ago | The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmiss… | |||
| CVE-2016-1569 | medium | 6.5 | 6.5 | 11y ago | FireBird 2.5.5 allows remote authenticated users to cause a denial of service (daemon crash) by using service manager to invoke the gbak utility with an invalid parameter. | |||
| CVE-2016-8764 | medium | 6.4 | 6.4 | 9y ago | The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 a… | |||
| CVE-2016-9316 | medium | 5.4 | 6.4 | 9y ago | Multiple stored Cross-Site-Scripting (XSS) vulnerabilities in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Bu… | |||
| CVE-2016-8353 | medium | 6.4 | 6.4 | 9y ago | An issue was discovered in OSIsoft PI Web API 2015 R2 (Version 1.5.1). There is a weakness in this product that may allow an attacker to access the PI system without the proper permissions. | |||
| CVE-2016-0890 | medium | 6.4 | 6.4 | 10y ago | EMC PowerPath Virtual (Management) Appliance 2.0, EMC PowerPath Virtual (Management) Appliance 2.0 SP1 is affected by a sensitive information disclosure vulnerability that may potentially be exploite… | |||
| CVE-2016-9962 | medium | 6.4 | 6.4 | 10y ago | RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-d… | |||
| CVE-2016-7165 | medium | 6.4 | 6.4 | 10y ago | A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), S… | |||
| CVE-2016-5572 | medium | 6.4 | 6.4 | 10y ago | Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | |||
| CVE-2016-5497 | medium | 6.4 | 6.4 | 10y ago | Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | |||
| CVE-2016-1609 | medium | 5.4 | 6.4 | 10y ago | Multiple cross-site scripting (XSS) vulnerabilities in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allow remote authenticated users to inject arbitrary web script or HTM… | |||
| CVE-2016-5458 | medium | 6.4 | 6.4 | 10y ago | Unspecified vulnerability in the Oracle Communications EAGLE Application Processor component in Oracle Communications Applications 16.0 allows remote authenticated users to affect confidentiality and… | |||
| CVE-2016-5454 | medium | 6.4 | 6.4 | 10y ago | Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot. | |||
| CVE-2016-3572 | medium | 6.4 | 6.4 | 10y ago | Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote authenticated users to … | |||
| CVE-2016-4507 | medium | 6.4 | 6.4 | 10y ago | SQL injection vulnerability in Rexroth Bosch BLADEcontrol-WebVIS 3.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||
| CVE-2016-3652 | medium | 5.4 | 6.4 | 10y ago | Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web s… | |||
| CVE-2016-1596 | medium | 5.4 | 6.4 | 10y ago | Multiple cross-site scripting (XSS) vulnerabilities in Micro Focus Novell Service Desk before 7.2 allow remote authenticated users to inject arbitrary web script or HTML via a certain (1) user name, … | |||
| CVE-2016-3431 | medium | 6.4 | 6.4 | 10y ago | Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect confidentiality and in… | |||
| CVE-2016-3420 | medium | 6.4 | 6.4 | 10y ago | Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect confidentiality and in… | |||
| CVE-2016-3168 | medium | 6.4 | 6.4 | 10y ago | Drupal Reflected file download vulnerability | |||
| CVE-2016-3676 | medium | 6.4 | 6.4 | 10y ago | Huawei E3276s USB modems with software before E3276s-150TCPU-V200R002B436D09SP00C00 allow man-in-the-middle attackers to intercept, spoof, or modify network traffic via unspecified vectors related to… | |||
| CVE-2016-1358 | medium | 6.4 | 6.4 | 10y ago | Cisco Prime Infrastructure 2.2, 3.0, and 3.1(0.0) allows remote authenticated users to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration … | |||
| CVE-2016-0589 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. | |||
| CVE-2016-0581 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Approvals Management component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to AME … | |||
| CVE-2016-0578 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to… | |||
| CVE-2016-0576 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related t… | |||
| CVE-2016-0563 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 and 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown … | |||
| CVE-2016-0560 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect conf… | |||
| CVE-2016-0559 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect conf… | |||
| CVE-2016-0554 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Interaction Center Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality an… | |||
| CVE-2016-0553 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integr… | |||
| CVE-2016-0552 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect conf… | |||
| CVE-2016-0551 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect conf… | |||
| CVE-2016-0550 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality a… | |||
| CVE-2016-0549 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors rela… | |||
| CVE-2016-0548 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors rela… | |||
| CVE-2016-0547 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors rela… | |||
| CVE-2016-0545 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect conf… | |||
| CVE-2016-0544 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Archite… | |||
| CVE-2016-0543 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Preview. | |||
| CVE-2016-0537 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to P… | |||
| CVE-2016-0532 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality a… | |||
| CVE-2016-0530 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confiden… | |||
| CVE-2016-0529 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confiden… | |||
| CVE-2016-0528 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confiden… | |||
| CVE-2016-0527 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confiden… | |||
| CVE-2016-0525 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Universal Work Queue component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity… | |||
| CVE-2016-0524 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Universal Work Queue component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related… | |||
| CVE-2016-0518 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to G… | |||
| CVE-2016-0517 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to G… | |||
| CVE-2016-0516 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Quality component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to QA / Orde… | |||
| CVE-2016-0515 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to … | |||
| CVE-2016-0514 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to … | |||
| CVE-2016-0512 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to S… | |||
| CVE-2016-0511 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors rela… | |||
| CVE-2016-0510 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors rela… | |||
| CVE-2016-0490 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integ… | |||
| CVE-2016-0488 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integ… | |||
| CVE-2016-0487 | medium | — | 6.4 | 11y ago | Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integ… | |||
| CVE-2016-2980 | medium | 6.3 | 6.3 | 9y ago | The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injection where a malicious site can inject their own script by exploiting a vulnerability in the way that the WebPlayer works. IBM X-Fo… | |||
| CVE-2016-5063 | medium | 5.3 | 6.3 | 9y ago | The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows might allow remote attackers to bypass authorization checks and make an RPC call via unspecified vecto… | |||
| CVE-2016-8007 | medium | 6.3 | 6.3 | 9y ago | Authentication bypass vulnerability in McAfee Host Intrusion Prevention Services (HIPS) 8.0 Patch 7 and earlier allows authenticated users to manipulate the product's registry keys via specific condi… | |||
| CVE-2016-9955 | medium | 6.3 | 6.3 | 9y ago | The SimpleSAML_XML_Validator class constructor in SimpleSAMLphp before 1.14.11 might allow remote attackers to spoof signatures on SAML 1 responses or possibly cause a denial of service (memory consu… | |||
| CVE-2016-8350 | medium | 6.3 | 6.3 | 9y ago | An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware… | |||
| CVE-2016-5372 | medium | 6.3 | 6.3 | 9y ago | Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact… | |||
| CVE-2016-9873 | medium | 6.3 | 6.3 | 10y ago | EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability that could potentially be exploited by malicious users to compromise the affected system. An authenti… | |||
| CVE-2016-5990 | medium | 6.3 | 6.3 | 10y ago | IBM Security Privileged Identity Manager Virtual Appliance allows an authenticated user to upload malicious files that would be automatically executed by the server. | |||
| CVE-2016-5939 | medium | 6.3 | 6.3 | 10y ago | IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the… | |||
| CVE-2016-8299 | medium | 6.3 | 6.3 | 10y ago | Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.… | |||
| CVE-2016-5545 | medium | 6.3 | 6.3 | 10y ago | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: GUI). Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily explo… | |||
| CVE-2016-5221 | medium | 6.3 | 6.3 | 10y ago | multiple issues in chromium | |||
| CVE-2016-5219 | medium | 6.3 | 6.3 | 10y ago | multiple issues in chromium | |||
| CVE-2016-5216 | medium | 6.3 | 6.3 | 10y ago | multiple issues in chromium | |||
| CVE-2016-5215 | medium | 6.3 | 6.3 | 10y ago | multiple issues in chromium | |||
| CVE-2016-7169 | medium | 6.3 | 6.3 | 10y ago | Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authent… | |||
| CVE-2016-5190 | medium | 6.3 | 6.3 | 10y ago | multiple issues in chromium | |||
| CVE-2016-6628 | medium | 6.3 | 6.3 | 10y ago | phpMyAdmin Reflected File Download attack | |||
| CVE-2016-0325 | medium | 6.3 | 6.3 | 10y ago | IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 … | |||
| CVE-2016-5604 | medium | 6.3 | 6.3 | 10y ago | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors r… | |||
| CVE-2016-5601 | medium | 6.3 | 6.3 | 10y ago | Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors r… | |||
| CVE-2016-3388 | medium | 5.3 | 6.3 | 10y ago | Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsof… |