2016 CVE Vulnerabilities
10,645 CVEs published in 2016.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2016-2147 | HIGH | 7.5 | 8.1% | Feb 9, 2017 | Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of servi... |
| CVE-2016-10044 | HIGH | 7.8 | 0.3% | Feb 7, 2017 | The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which mak... |
| CVE-2016-10165 | HIGH | 7.1 | 2.8% | Feb 3, 2017 | The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive informati... |
| CVE-2016-9108 | HIGH | 7.5 | 2.8% | Feb 3, 2017 | Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd546... |
| CVE-2016-8212 | HIGH | 7.5 | 1.9% | Feb 3, 2017 | An issue was discovered in EMC RSA BSAFE Crypto-J versions prior to 6.2.2. There is an Improper OCSP Validation Vulnerab... |
| CVE-2016-8211 | HIGH | 7.5 | 3.0% | Feb 3, 2017 | EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protecti... |
| CVE-2016-7798 | HIGH | 7.5 | 3.2% | Jan 30, 2017 | The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the ... |
| CVE-2016-6270 | HIGH | 8.8 | 6.1% | Jan 30, 2017 | The handle_certificate function in /vmi/manager/engine/management/commands/apns_worker.py in Trend Micro Virtual Mobile ... |
| CVE-2016-6268 | HIGH | 7.8 | 1.0% | Jan 30, 2017 | Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows local... |
| CVE-2016-6267 | HIGH | 8.8 | 54.9% | Jan 30, 2017 | SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330... |
| CVE-2016-6266 | HIGH | 8.8 | 8.2% | Jan 30, 2017 | ccca_ajaxhandler.php in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before... |
| CVE-2016-6167 | HIGH | 7.8 | 0.8% | Jan 30, 2017 | Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute arbitrary code and conduc... |
| CVE-2016-10186 | HIGH | 7.5 | 4.2% | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. /var/miniupnpd.conf has no deny rules. |
| CVE-2016-10185 | HIGH | 7.5 | 4.2% | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. A secure_mode=no line exists in /var/miniupnpd.conf. |
| CVE-2016-10184 | HIGH | 7.5 | 5.6% | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. qmiweb allows file reading with ..%2f traversal. |
| CVE-2016-10183 | HIGH | 7.5 | 5.6% | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. qmiweb allows directory listing with ../ traversal. |
| CVE-2016-10181 | HIGH | 7.5 | 3.9% | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. qmiweb provides sensitive information for CfgType=get_homeCfg req... |
| CVE-2016-10180 | HIGH | 7.5 | 4.4% | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time(0)) seeding. |
| CVE-2016-10179 | HIGH | 7.5 | 4.9% | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. There is a hardcoded WPS PIN of 28296607. |
| CVE-2016-9795 | HIGH | 7.8 | 0.5% | Jan 27, 2017 | The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and ... |
| CVE-2016-6264 | HIGH | 7.5 | 2.7% | Jan 27, 2017 | Integer signedness error in libc/string/arm/memset.S in uClibc and uClibc-ng before 1.0.16 allows context-dependent atta... |
| CVE-2016-5827 | HIGH | 7.5 | 3.1% | Jan 27, 2017 | The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-b... |
| CVE-2016-9453 | HIGH | 7.8 | 2.6% | Jan 27, 2017 | The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds... |
| CVE-2016-10003 | HIGH | 7.5 | 4.8% | Jan 27, 2017 | Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in... |
| CVE-2016-9050 | HIGH | 8.2 | 2.9% | Jan 26, 2017 | An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database... |
Check if your code is affected by 2016 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now