2016 CVE Vulnerabilities
10,645 CVEs published in 2016.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2016-4370 | HIGH | 8.8 | 2.3% | Jun 9, 2016 | HPE Project and Portfolio Management Center (PPM) 9.2x and 9.3x before 9.32.0002 allows remote authenticated users to ex... |
| CVE-2016-4450 | HIGH | 7.5 | 16.4% | Jun 7, 2016 | os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to cause a denial of service... |
| CVE-2016-1391 | HIGH | 8.8 | 1.6% | Jun 4, 2016 | Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) and Prime Virtual Netw... |
| CVE-2016-5126 | HIGH | 7.8 | 0.7% | Jun 1, 2016 | Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause... |
| CVE-2016-3697 | HIGH | 7.8 | 0.4% | Jun 1, 2016 | libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a po... |
| CVE-2016-0879 | HIGH | 7.5 | 2.2% | May 31, 2016 | Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing t... |
| CVE-2016-0878 | HIGH | 7.5 | 1.8% | May 31, 2016 | Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to cause a denial of service (cold start) by se... |
| CVE-2016-0877 | HIGH | 7.5 | 1.8% | May 31, 2016 | Memory leak on Moxa Secure Router EDR-G903 devices before 3.4.12 allows remote attackers to cause a denial of service (m... |
| CVE-2016-0876 | HIGH | 7.5 | 1.1% | May 31, 2016 | Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a co... |
| CVE-2016-0875 | HIGH | 7.5 | 1.8% | May 31, 2016 | Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a craft... |
| CVE-2016-4001 | HIGH | 8.6 | 4.9% | May 23, 2016 | Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet c... |
| CVE-2016-3958 | HIGH | 7.8 | 0.4% | May 23, 2016 | Untrusted search path vulnerability in Go before 1.5.4 and 1.6.x before 1.6.1 on Windows allows local users to gain priv... |
| CVE-2016-4951 | HIGH | 7.8 | 0.5% | May 23, 2016 | The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kernel through 4.6 does not verify socket existence, wh... |
| CVE-2016-4913 | HIGH | 7.8 | 0.5% | May 23, 2016 | The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate na... |
| CVE-2016-4805 | HIGH | 7.8 | 0.5% | May 23, 2016 | Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cau... |
| CVE-2016-4794 | HIGH | 7.8 | 0.5% | May 23, 2016 | Use-after-free vulnerability in mm/percpu.c in the Linux kernel through 4.6 allows local users to cause a denial of serv... |
| CVE-2016-4568 | HIGH | 7.8 | 0.4% | May 23, 2016 | drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of servic... |
| CVE-2016-4565 | HIGH | 7.8 | 0.5% | May 23, 2016 | The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows... |
| CVE-2016-4558 | HIGH | 7 | 0.9% | May 23, 2016 | The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a deni... |
| CVE-2016-4557 | HIGH | 7.8 | 10.2% | May 23, 2016 | The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly mai... |
| CVE-2016-4343 | HIGH | 8.8 | 4.2% | May 22, 2016 | The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ... |
| CVE-2016-1834 | HIGH | 7.8 | 4.6% | May 20, 2016 | Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X b... |
| CVE-2016-3674 | HIGH | 7.5 | 8.4% | May 17, 2016 | Multiple XML external entity (XXE) vulnerabilities in the (1) Dom4JDriver, (2) DomDriver, (3) JDomDriver, (4) JDom2Drive... |
| CVE-2016-3627 | HIGH | 7.5 | 7.1% | May 17, 2016 | The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dep... |
| CVE-2016-1669 | HIGH | 8.8 | 4.2% | May 14, 2016 | The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not... |
Check if your code is affected by 2016 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now