2016 CVE Vulnerabilities
10,645 CVEs published in 2016.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2016-10178 | CRITICAL | 9.8 | 7.3% | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. HELODBG on port 39889 (UDP) launches the "/sbin/telnetd -l /bin/s... |
| CVE-2016-10177 | CRITICAL | 9.8 | 6.9% | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services provide logins to admin with... |
| CVE-2016-10174 | CRITICAL | 9.8 | 83.5% | Jan 30, 2017 | The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cg... |
| CVE-2016-9054 | CRITICAL | 9.8 | 7.7% | Jan 26, 2017 | An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Serv... |
| CVE-2016-9052 | CRITICAL | 9.8 | 7.7% | Jan 26, 2017 | An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Serv... |
| CVE-2016-10160 | CRITICAL | 9.8 | 7.3% | Jan 24, 2017 | Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 all... |
| CVE-2016-7567 | CRITICAL | 9.8 | 12.4% | Jan 23, 2017 | Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows remote attackers to have... |
| CVE-2016-3147 | CRITICAL | 9.8 | 5.7% | Jan 23, 2017 | Buffer overflow in the collector.exe listener of the Landesk Management Suite 10.0.0.271 and earlier allows remote attac... |
| CVE-2016-8204 | CRITICAL | 9.8 | 7.1% | Jan 14, 2017 | A Directory Traversal vulnerability in FileReceiveServlet in the Brocade Network Advisor versions released prior to and ... |
| CVE-2016-2090 | CRITICAL | 9.8 | 3.2% | Jan 13, 2017 | Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via ... |
| CVE-2016-10141 | CRITICAL | 9.8 | 3.6% | Jan 13, 2017 | An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS before... |
| CVE-2016-7480 | CRITICAL | 9.8 | 41.6% | Jan 11, 2017 | The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a ke... |
| CVE-2016-10045 | CRITICAL | 9.8 | 98.0% | Dec 30, 2016 | The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail comman... |
| CVE-2016-10033 | CRITICAL | 9.8 | 99.7% | Dec 30, 2016 | The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra para... |
| CVE-2016-7886 | CRITICAL | 9.8 | 6.3% | Dec 15, 2016 | Adobe InDesign version 11.4.1 and earlier, Adobe InDesign Server 11.0.0 and earlier have an exploitable memory corruptio... |
| CVE-2016-7951 | CRITICAL | 9.8 | 2.4% | Dec 13, 2016 | Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access o... |
| CVE-2016-6520 | CRITICAL | 9.1 | 4.1% | Dec 13, 2016 | Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact... |
| CVE-2016-9427 | CRITICAL | 9.8 | 4.1% | Dec 12, 2016 | Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (h... |
| CVE-2016-6829 | CRITICAL | 9.8 | 2.4% | Dec 9, 2016 | The trove service user in (1) Openstack deployment (aka crowbar-openstack) and (2) Trove Barclamp (aka barclamp-trove an... |
| CVE-2016-9157 | CRITICAL | 9.8 | 3.3% | Dec 5, 2016 | A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to cause a Denial of Serv... |
| CVE-2016-9555 | CRITICAL | 9.8 | 9.1% | Nov 28, 2016 | The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for th... |
| CVE-2016-9535 | CRITICAL | 9.8 | 4.8% | Nov 22, 2016 | tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or b... |
| CVE-2016-8339 | CRITICAL | 9.8 | 14.8% | Oct 28, 2016 | A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out o... |
| CVE-2016-7117 | CRITICAL | 9.8 | 24.3% | Oct 10, 2016 | Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remo... |
| CVE-2016-5343 | CRITICAL | 9.8 | 3.3% | Oct 10, 2016 | drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm I... |