2016 CVE Vulnerabilities

10,645 CVEs published in 2016.

CRITICAL217

2.0%

7.0%

4.5%

0.2%

86.3%

Filter:HIGHClear

CVE ID	Severity	CVSS	EPSS	Published	Description
CVE-2016-10951	HIGH	7.2	1.9%	Sep 13, 2019	The fs-shopping-cart plugin 2.07.02 for WordPress has SQL injection via the pid parameter.
CVE-2016-10950	HIGH	8.8	1.9%	Sep 13, 2019	The sirv plugin before 1.3.2 for WordPress has SQL injection via the id parameter.
CVE-2016-10949	HIGH	8.8	1.6%	Sep 13, 2019	The Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL injection with resultant unsafe unserialization.
CVE-2016-10948	HIGH	8.1	1.7%	Sep 13, 2019	The Post Indexer plugin before 3.0.6.2 for WordPress has incorrect handling of data passed to the unserialize function.
CVE-2016-10947	HIGH	7.2	1.5%	Sep 13, 2019	The Post Indexer plugin before 3.0.6.2 for WordPress has SQL injection via the period parameter by a super admin.
CVE-2016-10946	HIGH	8.8	0.8%	Sep 13, 2019	The wp-d3 plugin before 2.4.1 for WordPress has CSRF.
CVE-2016-10945	HIGH	8.8	0.8%	Sep 13, 2019	The PageLines theme 1.1.4 for WordPress has wp-admin/admin-post.php?page=pagelines CSRF.
CVE-2016-10944	HIGH	8.8	0.7%	Sep 13, 2019	The multisite-post-duplicator plugin before 1.1.3 for WordPress has wp-admin/tools.php?page=mpd CSRF.
CVE-2016-10943	HIGH	7.2	1.9%	Sep 13, 2019	The zx-csv-upload plugin 1 for WordPress has SQL injection via the id parameter.
CVE-2016-10940	HIGH	7.2	5.5%	Sep 13, 2019	The zm-gallery plugin 1.0 for WordPress has SQL injection via the order parameter.
CVE-2016-10939	HIGH	7.2	1.6%	Sep 13, 2019	The xtremelocator plugin 1.5 for WordPress has SQL injection via the id parameter.
CVE-2016-10937	HIGH	7.5	0.9%	Sep 8, 2019	IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate.
CVE-2016-10905	HIGH	7.8	0.6%	Aug 19, 2019	An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. A use-after-free is caused by the functions gf...
CVE-2016-10884	HIGH	8.8	0.7%	Aug 14, 2019	The simple-membership plugin before 3.3.3 for WordPress has multiple CSRF issues.
CVE-2016-10874	HIGH	8.8	0.7%	Aug 12, 2019	The wp-database-backup plugin before 4.3.3 for WordPress has CSRF.
CVE-2016-5431	HIGH	7.5	0.8%	Aug 7, 2019	The PHP JOSE Library by Gree Inc. before version 2.2.1 is vulnerable to key confusion/algorithm substitution in the JWS ...
CVE-2016-10766	HIGH	8.8	0.6%	Jul 29, 2019	edx-platform before 2016-06-06 allows CSRF.
CVE-2016-1573	HIGH	7.8	0.4%	Apr 22, 2019	Versions of Unity8 before 8.11+16.04.20160122-0ubuntu1 file plugins/Dash/CardCreator.js will execute any code found in p...
CVE-2016-2123	HIGH	8.8	6.2%	Nov 1, 2018	A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an integer wrap problem...
CVE-2016-6328	HIGH	8.1	1.5%	Oct 31, 2018	A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can ...
CVE-2016-9045	HIGH	8.8	2.2%	Sep 17, 2018	A code execution vulnerability exists in ProcessMaker Enterprise Core 3.0.1.7-community. A specially crafted web request...
CVE-2016-9048	HIGH	7.4	0.8%	Sep 10, 2018	Multiple exploitable SQL Injection vulnerabilities exists in ProcessMaker Enterprise Core 3.0.1.7-community. Specially c...
CVE-2016-9044	HIGH	8.8	3.8%	Sep 7, 2018	An exploitable command execution vulnerability exists in Information Builders WebFOCUS Business Intelligence Portal 8.1 ...
CVE-2016-7048	HIGH	8.1	4.9%	Aug 20, 2018	The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5.5 might allow remote at...
CVE-2016-9487	HIGH	7.8	1.3%	Jul 13, 2018	EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation....

Check if your code is affected by 2016 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now