CVEs from 2016
Total
8,436
critical
critical 1,165
high
high 3,521
medium
medium 3,172
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
6.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-10150 | critical | 9.8 | 9.8 | 10y ago | Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or poss… | |||
| CVE-2016-10098 | critical | 9.8 | 9.8 | 10y ago | An issue was discovered on SendQuick Entera and Avera devices before 2HF16. Multiple Command Injection vulnerabilities allow attackers to execute arbitrary system commands. | |||
| CVE-2016-6095 | critical | 9.8 | 9.8 | 10y ago | IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | |||
| CVE-2016-6090 | critical | 9.8 | 9.8 | 10y ago | IBM WebSphere Commerce contains an unspecified vulnerability that could allow disclosure of user personal data, performing of unauthorized administrative operations, and potentially causing a denial … | |||
| CVE-2016-5964 | critical | 9.8 | 9.8 | 10y ago | IBM Security Privileged Identity Manager Virtual Appliance version 2.0.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | |||
| CVE-2016-10164 | critical | 9.8 | 9.8 | 10y ago | Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or e… | |||
| CVE-2016-9420 | critical | 9.8 | 9.8 | 10y ago | MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allow remote attackers to have unspecified impact via vectors related to "loose comparison false positives." | |||
| CVE-2016-9416 | critical | 9.8 | 9.8 | 10y ago | SQL injection vulnerability in the users data handler in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to execute arbitrary SQL commands via unspe… | |||
| CVE-2016-9412 | critical | 9.8 | 9.8 | 10y ago | MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow attackers to have unspecified impact via vectors related to low adminsid and sid entropy. | |||
| CVE-2016-9403 | critical | 9.8 | 9.8 | 10y ago | newreply.php in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to have unspecified impact by leveraging a missing permission check. | |||
| CVE-2016-9402 | critical | 9.8 | 9.8 | 10y ago | SQL injection vulnerability in the moderation tool in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to execute arbitrary SQL commands via uns… | |||
| CVE-2016-9132 | critical | 9.8 | 9.8 | 10y ago | In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect an… | |||
| CVE-2016-6604 | critical | 9.8 | 9.8 | 10y ago | NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows attackers to have unspecified impact via unknown vectors. The Samsung ID is SVE-2016-6382. | |||
| CVE-2016-10182 | critical | 9.8 | 9.8 | 10y ago | An issue was discovered on the D-Link DWR-932B router. qmiweb allows command injection with ` characters. | |||
| CVE-2016-10178 | critical | 9.8 | 9.8 | 10y ago | An issue was discovered on the D-Link DWR-932B router. HELODBG on port 39889 (UDP) launches the "/sbin/telnetd -l /bin/sh" command. | |||
| CVE-2016-10177 | critical | 9.8 | 9.8 | 10y ago | An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services provide logins to admin with the password admin and root with the password 1234. | |||
| CVE-2016-8575 | critical | 9.8 | 9.8 | 10y ago | The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482. | |||
| CVE-2016-8574 | critical | 9.8 | 9.8 | 10y ago | The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print(). | |||
| CVE-2016-7993 | critical | 9.8 | 9.8 | 10y ago | A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). | |||
| CVE-2016-7992 | critical | 9.8 | 9.8 | 10y ago | The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print(). | |||
| CVE-2016-7986 | critical | 9.8 | 9.8 | 10y ago | The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions. | |||
| CVE-2016-7985 | critical | 9.8 | 9.8 | 10y ago | The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print(). | |||
| CVE-2016-7984 | critical | 9.8 | 9.8 | 10y ago | The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print(). | |||
| CVE-2016-7983 | critical | 9.8 | 9.8 | 10y ago | The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). | |||
| CVE-2016-7975 | critical | 9.8 | 9.8 | 10y ago | The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print(). | |||
| CVE-2016-7974 | critical | 9.8 | 9.8 | 10y ago | The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions. | |||
| CVE-2016-7973 | critical | 9.8 | 9.8 | 10y ago | The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions. | |||
| CVE-2016-7940 | critical | 9.8 | 9.8 | 10y ago | The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions. | |||
| CVE-2016-7939 | critical | 9.8 | 9.8 | 10y ago | The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions. | |||
| CVE-2016-7938 | critical | 9.8 | 9.8 | 10y ago | The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame(). | |||
| CVE-2016-7937 | critical | 9.8 | 9.8 | 10y ago | The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print(). | |||
| CVE-2016-7936 | critical | 9.8 | 9.8 | 10y ago | The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print(). | |||
| CVE-2016-7935 | critical | 9.8 | 9.8 | 10y ago | The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print(). | |||
| CVE-2016-7934 | critical | 9.8 | 9.8 | 10y ago | The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print(). | |||
| CVE-2016-7933 | critical | 9.8 | 9.8 | 10y ago | The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print(). | |||
| CVE-2016-7932 | critical | 9.8 | 9.8 | 10y ago | The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum(). | |||
| CVE-2016-7931 | critical | 9.8 | 9.8 | 10y ago | The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print(). | |||
| CVE-2016-7930 | critical | 9.8 | 9.8 | 10y ago | The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print(). | |||
| CVE-2016-7929 | critical | 9.8 | 9.8 | 10y ago | The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header(). | |||
| CVE-2016-7928 | critical | 9.8 | 9.8 | 10y ago | The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print(). | |||
| CVE-2016-7927 | critical | 9.8 | 9.8 | 10y ago | The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print(). | |||
| CVE-2016-7926 | critical | 9.8 | 9.8 | 10y ago | The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print(). | |||
| CVE-2016-7925 | critical | 9.8 | 9.8 | 10y ago | The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print(). | |||
| CVE-2016-7924 | critical | 9.8 | 9.8 | 10y ago | The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print(). | |||
| CVE-2016-7923 | critical | 9.8 | 9.8 | 10y ago | The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print(). | |||
| CVE-2016-7922 | critical | 9.8 | 9.8 | 10y ago | The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print(). | |||
| CVE-2016-9636 | critical | 9.8 | 9.8 | 10y ago | Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a deni… | |||
| CVE-2016-9635 | critical | 9.8 | 9.8 | 10y ago | Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a deni… | |||
| CVE-2016-9634 | critical | 9.8 | 9.8 | 10y ago | Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a deni… | |||
| CVE-2016-8411 | critical | 9.8 | 9.8 | 10y ago | Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmi_qos_srvc.c. Android ID: 31805216. References: QC CR#912775. | |||
| CVE-2016-9054 | critical | 9.8 | 9.8 | 10y ago | An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow… | |||
| CVE-2016-9052 | critical | 9.8 | 9.8 | 10y ago | An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow… | |||
| CVE-2016-6912 | critical | 9.8 | 9.8 | 10y ago | Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values. | |||
| CVE-2016-9307 | critical | 9.8 | 9.8 | 10y ago | Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files. | |||
| CVE-2016-9306 | critical | 9.8 | 9.8 | 10y ago | Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DAE format files. | |||
| CVE-2016-9305 | critical | 9.8 | 9.8 | 10y ago | Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain acce… | |||
| CVE-2016-9303 | critical | 9.8 | 9.8 | 10y ago | Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code or cause an infinite loop condition when reading or converting malformed FBX format files. | |||
| CVE-2016-10160 | critical | 9.8 | 9.8 | 10y ago | Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possib… | |||
| CVE-2016-9081 | critical | 9.8 | 9.8 | 10y ago | Joomla! 3.4.4 through 3.6.3 allows attackers to reset username, password, and user group assignments and possibly perform other user account modifications via unspecified vectors. | |||
| CVE-2016-7036 | critical | 9.8 | 9.8 | 10y ago | python-jose before 1.3.2 allows attackers to have unspecified impact by leveraging failure to use a constant time comparison for HMAC keys. | |||
| CVE-2016-6517 | critical | 9.8 | 9.8 | 10y ago | Directory traversal vulnerability in Liferay 5.1.0 allows remote attackers to have unspecified impact via a %2E%2E (encoded dot dot) in the minifierBundleDir parameter to barebone.jsp. | |||
| CVE-2016-6164 | critical | 9.8 | 9.8 | 10y ago | Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0.x before 3.0.3 and 3.1.x before 3.1.1 allows remote attackers to have unspecified impact via vectors … | |||
| CVE-2016-5873 | critical | 9.8 | 9.8 | 10y ago | Buffer overflow in the HTTP URL parsing functions in pecl_http before 3.0.1 might allow remote attackers to execute arbitrary code via non-printable characters in a URL. | |||
| CVE-2016-5742 | critical | 9.8 | 9.8 | 10y ago | SQL injection vulnerability in the XML-RPC interface in Movable Type Pro and Advanced 6.x before 6.1.3 and 6.2.x before 6.2.6 and Movable Type Open Source 5.2.13 and earlier allows remote attackers t… | |||
| CVE-2016-3177 | critical | 9.8 | 9.8 | 10y ago | Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2 have unspecified impact and attack vectors. | |||
| CVE-2016-3147 | critical | 9.8 | 9.8 | 10y ago | Buffer overflow in the collector.exe listener of the Landesk Management Suite 10.0.0.271 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a lar… | |||
| CVE-2016-2783 | critical | 9.8 | 9.8 | 10y ago | Avaya Fabric Connect Virtual Services Platform (VSP) Operating System Software (VOSS) before 4.2.3.0 and 5.x before 5.0.1.0 does not properly handle VLAN and I-SIS indexes, which allows remote attack… | |||
| CVE-2016-2242 | critical | 9.8 | 9.8 | 10y ago | Exponent CMS 2.x before 2.3.7 Patch 3 allows remote attackers to execute arbitrary code via the sc parameter to install/index.php. | |||
| CVE-2016-1925 | critical | 9.8 | 9.8 | 10y ago | Integer underflow in header.c in lha allows remote attackers to have unspecified impact via a large header size value for the (1) level0 or (2) level1 header in a lha archive, which triggers a buffer… | |||
| CVE-2016-10157 | critical | 9.8 | 9.8 | 10y ago | Akamai NetSession 1.9.3.1 is vulnerable to DLL Hijacking: it tries to load CSUNSAPI.dll without supplying the complete path. The issue is aggravated because the mentioned DLL is missing from the inst… | |||
| CVE-2016-7794 | critical | 9.8 | 9.8 | 10y ago | sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a crafted repository name. | |||
| CVE-2016-9679 | critical | 9.8 | 9.8 | 10y ago | Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code by overwriting a function pointer. | |||
| CVE-2016-9678 | critical | 9.8 | 9.8 | 10y ago | Use-after-free vulnerability in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2016-9676 | critical | 9.8 | 9.8 | 10y ago | Buffer overflow in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2016-7996 | critical | 9.8 | 9.8 | 10y ago | Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries. | |||
| CVE-2016-8205 | critical | 9.8 | 9.8 | 10y ago | A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious fi… | |||
| CVE-2016-8204 | critical | 9.8 | 9.8 | 10y ago | A Directory Traversal vulnerability in FileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a s… | |||
| CVE-2016-2090 | critical | 9.8 | 9.8 | 10y ago | Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow. | |||
| CVE-2016-10141 | critical | 9.8 | 9.8 | 10y ago | An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS before fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045. The attack requires a regular expres… | |||
| CVE-2016-3152 | critical | 9.8 | 9.8 | 10y ago | Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow remote attackers to obtain the root password by downloading and extracting the firmware image. | |||
| CVE-2016-3149 | critical | 9.8 | 9.8 | 10y ago | Barco ClickShare CSC-1 devices with firmware before 01.09.03 and CSM-1 devices with firmware before 01.06.02 allow remote attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2016-8606 | critical | 9.8 | 9.8 | 10y ago | The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack. | |||
| CVE-2016-7791 | critical | 9.8 | 9.8 | 10y ago | Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. An attacker can upload an evil 'exploit.tar.gz' file to the website, then extract it by visiting '/install… | |||
| CVE-2016-7790 | critical | 9.8 | 9.8 | 10y ago | Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. An attacker can upload 'php' file to the website through uploader_paste.php, then overwrite /framework/con… | |||
| CVE-2016-8459 | critical | 9.8 | 9.8 | 10y ago | Possible buffer overflow in storage subsystem. Bad parameters as part of listener responses to RPMB commands could lead to buffer overflow. Product: Android. Versions: Kernel 3.18. Android ID: A-3257… | |||
| CVE-2016-8440 | critical | 9.8 | 9.8 | 10y ago | Possible buffer overflow in SMMU system call. Improper input validation in ADSP SID2CB system call may result in hypervisor memory overwrite. Product: Android. Versions: Kernel 3.18. Android ID: A-31… | |||
| CVE-2016-8439 | critical | 9.8 | 9.8 | 10y ago | Possible buffer overflow in trust zone access control API. Buffer overflow may occur due to lack of buffer size checking. Product: Android. Versions: Kernel 3.18. Android ID: A-31625204. References: … | |||
| CVE-2016-8438 | critical | 9.8 | 9.8 | 10y ago | Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass (Peripheral Image Loader) PIL authentication. Product: Androi… | |||
| CVE-2016-8437 | critical | 9.8 | 9.8 | 10y ago | Improper input validation in Access Control APIs. Access control API may return memory range checking incorrectly. Product: Android. Versions: Kernel 3.18. Android ID: A-31623057. References: QC-CR#1… | |||
| CVE-2016-8398 | critical | 9.8 | 9.8 | 10y ago | Unauthenticated messages processed by the UE. Certain NAS messages are processed when no EPS security context exists in the UE. Product: Android. Versions: Kernel 3.18. Android ID: A-31548486. Refere… | |||
| CVE-2016-10131 | critical | 9.8 | 9.8 | 10y ago | CodeIgniter arbitrary code execution | |||
| CVE-2016-7479 | critical | 9.8 | 9.8 | 10y ago | In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain ar… | |||
| CVE-2016-7480 | critical | 9.8 | 9.8 | 10y ago | The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or caus… | |||
| CVE-2016-6830 | critical | 9.8 | 9.8 | 10y ago | The "process-execute" and "process-spawn" procedures in CHICKEN Scheme used fixed-size buffers for holding the arguments and environment variables to use in its execve() call. This would allow user-s… | |||
| CVE-2016-10126 | critical | 9.8 | 9.8 | 10y ago | Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP … | |||
| CVE-2016-9885 | critical | 9.8 | 9.8 | 10y ago | An issue was discovered in Pivotal GemFire for PCF 1.6.x versions prior to 1.6.5 and 1.7.x versions prior to 1.7.1. The gfsh (Geode Shell) endpoint, used by operators and application developers to co… | |||
| CVE-2016-8705 | critical | 9.8 | 9.8 | 10y ago | Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and le… | |||
| CVE-2016-8704 | critical | 9.8 | 9.8 | 10y ago | An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow a… | |||
| CVE-2016-4336 | critical | 9.8 | 9.8 | 10y ago | An exploitable out-of-bounds write exists in the Bzip2 parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted Bzip2 document can lead to a stack-based buffer overflow… | |||
| CVE-2016-2339 | critical | 9.8 | 9.8 | 10y ago | An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is m… |