Total
65641 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-3449 | 1 Oracle | 2 Jdk, Jre | 2023-12-10 | 7.6 HIGH | 8.3 HIGH |
| Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment. | |||||
| CVE-2016-0977 | 5 Adobe, Apple, Google and 2 more | 13 Air Desktop Runtime, Air Sdk, Air Sdk \& Compiler and 10 more | 2023-12-10 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. | |||||
| CVE-2016-3075 | 4 Canonical, Fedoraproject, Gnu and 1 more | 4 Ubuntu Linux, Fedora, Glibc and 1 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name. | |||||
| CVE-2016-0048 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
| The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." | |||||
| CVE-2016-5578 | 1 Oracle | 1 Outside In Technology | 2023-12-10 | 7.5 HIGH | 8.6 HIGH |
| Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-5558, CVE-2016-5574, CVE-2016-5577, CVE-2016-5579, and CVE-2016-5588. | |||||
| CVE-2016-2489 | 1 Google | 1 Android | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
| The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407629. | |||||
| CVE-2016-7107 | 1 Huawei | 1 Uma | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote attackers to reset arbitrary user passwords and consequently affect system data integrity via unspecified vectors. | |||||
| CVE-2015-5038 | 1 Ibm | 1 Connections | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
| IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, 4.5 before CR5, and 5.0 before CR3 does not properly detect recursion during XML entity expansion, which allows remote attackers to cause a denial of service (CPU consumption and application crash) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | |||||
| CVE-2016-3842 | 1 Google | 1 Android | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
| The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28377352 and Qualcomm internal bug CR1002974. | |||||
| CVE-2016-8335 | 1 Iceni | 1 Argus | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable stack based buffer overflow vulnerability exists in the ipNameAdd functionality of Iceni Argus Version 6.6.04 (Sep 7 2012) NK - Linux x64 and Version 6.6.04 (Nov 14 2014) NK - Windows x64. A specially crafted pdf file can cause a buffer overflow resulting in arbitrary code execution. An attacker can send/provide malicious pdf file to trigger this vulnerability. | |||||
| CVE-2016-2569 | 1 Squid-cache | 1 Squid | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service (assertion failure and daemon exit) via a long string, as demonstrated by a crafted HTTP Vary header. | |||||
| CVE-2016-2474 | 1 Google | 1 Android | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
| The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 27424603. | |||||
| CVE-2016-3946 | 1 Sap | 1 Sapconsole | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
| SAP Console (aka SAPConsole) 7.30 allows local users to discover SAP Server login credentials by reading the Windows registry, aka SAP Security Note 2121461. | |||||
| CVE-2015-4956 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2023-12-10 | 6.5 MEDIUM | 7.4 HIGH |
| The Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote authenticated users to execute unspecified OS commands via unknown vectors. | |||||
| CVE-2016-5536 | 1 Oracle | 1 Platform Security For Java | 2023-12-10 | 6.5 MEDIUM | 7.6 HIGH |
| Unspecified vulnerability in the Oracle Platform Security for Java component in Oracle Fusion Middleware 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2016-8281. | |||||
| CVE-2016-6378 | 1 Cisco | 1 Ios Xe | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
| Cisco IOS XE 3.1 through 3.17 and 16.1 through 16.2 allows remote attackers to cause a denial of service (device reload) via crafted ICMP packets that require NAT, aka Bug ID CSCuw85853. | |||||
| CVE-2015-6856 | 1 Dell | 1 Pre-boot Authentication Driver | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
| Dell Pre-Boot Authentication Driver (PBADRV.sys) 1.0.1.5 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x0022201c IOCTL call. | |||||
| CVE-2016-3699 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Mrg, Linux | 2023-12-10 | 6.9 MEDIUM | 7.4 HIGH |
| The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd. | |||||
| CVE-2016-3210 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 9.3 HIGH | 8.8 HIGH |
| The Microsoft (1) JScript and (2) VBScript engines, as used in Internet Explorer 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | |||||
| CVE-2015-8616 | 1 Php | 1 Php | 2023-12-10 | 7.5 HIGH | 8.6 HIGH |
| Use-after-free vulnerability in the Collator::sortWithSortKeys function in ext/intl/collator/collator_sort.c in PHP 7.x before 7.0.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging the relationships between a key buffer and a destroyed array. | |||||