2016 CVE Vulnerabilities
10,645 CVEs published in 2016.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2016-3101 | MEDIUM | 5.4 | 1.2% | Feb 9, 2017 | Cross-site scripting (XSS) vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to i... |
| CVE-2016-2781 | MEDIUM | 4.6 | 0.4% | Feb 7, 2017 | chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIO... |
| CVE-2016-6188 | MEDIUM | 6.5 | 2.1% | Feb 3, 2017 | Memory leak in SOGo 2.3.7 allows remote attackers to cause a denial of service (memory consumption) via a large number o... |
| CVE-2016-4571 | MEDIUM | 5.5 | 1.6% | Feb 3, 2017 | The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a de... |
| CVE-2016-4570 | MEDIUM | 5.5 | 1.6% | Feb 3, 2017 | The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial ... |
| CVE-2016-8216 | MEDIUM | 6.7 | 0.8% | Feb 3, 2017 | EMC Data Domain OS (DD OS) 5.4 all versions, EMC Data Domain OS (DD OS) 5.5 family all versions prior to 5.5.5.0, EMC Da... |
| CVE-2016-0919 | MEDIUM | 6.1 | 1.4% | Feb 3, 2017 | EMC RSA Web Threat Detection version 5.0, RSA Web Threat Detection version 5.1, RSA Web Threat Detection version 5.1.2 h... |
| CVE-2016-0371 | MEDIUM | 5.5 | 0.3% | Feb 1, 2017 | The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application ... |
| CVE-2016-3022 | MEDIUM | 6.5 | 1.7% | Feb 1, 2017 | IBM Security Access Manager for Web could allow an authenticated user to gain access to highly sensitive information due... |
| CVE-2016-2050 | MEDIUM | 6.5 | 1.5% | Jan 31, 2017 | The get_abbrev_array_info function in libdwarf-20151114 allows remote attackers to cause a denial of service (out-of-bou... |
| CVE-2016-2402 | MEDIUM | 5.9 | 2.2% | Jan 30, 2017 | OkHttp before 2.7.4 and 3.x before 3.1.2 allows man-in-the-middle attackers to bypass certificate pinning by sending a c... |
| CVE-2016-2518 | MEDIUM | 5.3 | 15.2% | Jan 30, 2017 | The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-o... |
| CVE-2016-9401 | MEDIUM | 5.5 | 0.4% | Jan 23, 2017 | popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. |
| CVE-2016-7410 | MEDIUM | 5.5 | 1.5% | Jan 23, 2017 | The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf 20160613 allows attackers to cause a denial of service (... |
| CVE-2016-4055 | MEDIUM | 6.5 | 9.9% | Jan 23, 2017 | The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of servi... |
| CVE-2016-7906 | MEDIUM | 5.5 | 1.7% | Jan 18, 2017 | magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a cr... |
| CVE-2016-7799 | MEDIUM | 6.5 | 3.6% | Jan 18, 2017 | MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds r... |
| CVE-2016-7101 | MEDIUM | 6.5 | 2.7% | Jan 18, 2017 | The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) v... |
| CVE-2016-9811 | MEDIUM | 4.7 | 2.3% | Jan 13, 2017 | The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc,... |
| CVE-2016-10027 | MEDIUM | 5.9 | 1.5% | Jan 12, 2017 | Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allow... |
| CVE-2016-10011 | MEDIUM | 6.2 | 1.1% | Jan 5, 2017 | authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which mig... |
| CVE-2016-9916 | MEDIUM | 6.5 | 0.4% | Dec 29, 2016 | Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial ... |
| CVE-2016-9915 | MEDIUM | 6.5 | 0.4% | Dec 29, 2016 | Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial... |
| CVE-2016-9914 | MEDIUM | 6.5 | 0.4% | Dec 29, 2016 | Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of ser... |
| CVE-2016-9913 | MEDIUM | 6.5 | 0.4% | Dec 29, 2016 | Memory leak in the v9fs_device_unrealize_common function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privi... |