2016 CVE Vulnerabilities
10,645 CVEs published in 2016.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2016-8710 | HIGH | 7.8 | 3.4% | Jan 26, 2017 | An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted ... |
| CVE-2016-10159 | HIGH | 7.5 | 7.6% | Jan 24, 2017 | Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 all... |
| CVE-2016-9446 | HIGH | 7.5 | 3.6% | Jan 23, 2017 | The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensiti... |
| CVE-2016-9445 | HIGH | 7.5 | 3.7% | Jan 23, 2017 | Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service (crash) via l... |
| CVE-2016-9381 | HIGH | 7.5 | 0.3% | Jan 23, 2017 | Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data o... |
| CVE-2016-6668 | HIGH | 7.5 | 3.7% | Jan 23, 2017 | The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 before 6.27.5, 6.28.0 before 7.3.7, and 7.4.0 befor... |
| CVE-2016-5198 | HIGH | 8.8 | 34.7% | Jan 19, 2017 | V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac ... |
| CVE-2016-6497 | HIGH | 7.5 | 5.7% | Jan 18, 2017 | main/java/org/apache/directory/groovyldap/LDAP.java in the Groovy LDAP API in Apache allows attackers to conduct LDAP en... |
| CVE-2016-6823 | HIGH | 7.5 | 4.8% | Jan 18, 2017 | Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (c... |
| CVE-2016-7434 | HIGH | 7.5 | 52.9% | Jan 13, 2017 | The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a craf... |
| CVE-2016-7426 | HIGH | 7.5 | 12.4% | Jan 13, 2017 | NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is... |
| CVE-2016-9882 | HIGH | 7.5 | 1.7% | Jan 13, 2017 | An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v250 and CAPI-release versions prior to... |
| CVE-2016-8399 | HIGH | 7 | 2.3% | Jan 12, 2017 | An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to... |
| CVE-2016-9131 | HIGH | 7.5 | 40.6% | Jan 12, 2017 | named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to c... |
| CVE-2016-9754 | HIGH | 7.8 | 0.5% | Jan 5, 2017 | The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.... |
| CVE-2016-10012 | HIGH | 7.8 | 1.3% | Jan 5, 2017 | The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure... |
| CVE-2016-10010 | HIGH | 7 | 4.2% | Jan 5, 2017 | sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which ... |
| CVE-2016-10009 | HIGH | 7.3 | 37.4% | Jan 5, 2017 | Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute... |
| CVE-2016-10088 | HIGH | 7 | 0.4% | Dec 30, 2016 | The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where th... |
| CVE-2016-9806 | HIGH | 7.8 | 0.4% | Dec 28, 2016 | Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local us... |
| CVE-2016-9794 | HIGH | 7.8 | 0.3% | Dec 28, 2016 | Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel ... |
| CVE-2016-9793 | HIGH | 7.8 | 1.6% | Dec 28, 2016 | The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbu... |
| CVE-2016-9777 | HIGH | 7.8 | 0.4% | Dec 28, 2016 | KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows... |
| CVE-2016-9576 | HIGH | 7.8 | 0.4% | Dec 28, 2016 | The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the typ... |
| CVE-2016-6787 | HIGH | 7 | 0.4% | Dec 28, 2016 | kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrati... |