2016 CVE Vulnerabilities
10,645 CVEs published in 2016.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2016-6578 | HIGH | 8.8 | 0.9% | Jul 13, 2018 | CodeLathe FileCloud, version 13.0.0.32841 and earlier, contains a global cross-site request forgery (CSRF) vulnerability... |
| CVE-2016-9079 | HIGH | 7.5 | 87.9% | Jun 11, 2018 | A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been dis... |
| CVE-2016-8390 | HIGH | 7.8 | 1.3% | Jun 4, 2018 | An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper Disassembler 3.1... |
| CVE-2016-10690 | HIGH | 8.1 | 1.7% | Jun 4, 2018 | openframe-ascii-image module is an openframe plugin which adds support for ascii images via fim. openframe-ascii-image d... |
| CVE-2016-10688 | HIGH | 8.1 | 1.7% | Jun 4, 2018 | Haxe 3 : The Cross-Platform Toolkit (a fork from David Mouton's damoebius/haxe-npm) haxe3 downloads resources over HTTP,... |
| CVE-2016-10663 | HIGH | 8.1 | 2.2% | Jun 4, 2018 | wixtoolset is a Node module wrapper around the wixtoolset binaries wixtoolset downloads binary resources over HTTP, whic... |
| CVE-2016-1000338 | HIGH | 7.5 | 1.8% | Jun 1, 2018 | In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on ve... |
| CVE-2016-10595 | HIGH | 8.1 | 1.6% | Jun 1, 2018 | jdf-sass is a fork from node-sass, jdf use only. jdf-sass downloads executable resources over HTTP, which leaves it vuln... |
| CVE-2016-10583 | HIGH | 8.1 | 2.5% | Jun 1, 2018 | closure-utils is Utilities for Closure Library based projects. closure-utils downloads binary resources over HTTP, which... |
| CVE-2016-10560 | HIGH | 8.1 | 1.7% | May 31, 2018 | galenframework-cli is the node wrapper for the Galen Framework. galenframework-cli below 2.3.1 download binary resources... |
| CVE-2016-10524 | HIGH | 8.2 | 0.8% | May 31, 2018 | i18n-node-angular is a module used to interact between i18n and angular without using additional resources. A REST API e... |
| CVE-2016-10521 | HIGH | 7.5 | 1.1% | May 31, 2018 | jshamcrest is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in t... |
| CVE-2016-10520 | HIGH | 7.5 | 1.2% | May 31, 2018 | jadedown is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in. |
| CVE-2016-10680 | HIGH | 8.1 | 0.7% | May 29, 2018 | adamvr-geoip-lite is a light weight native JavaScript implementation of GeoIP API from MaxMind adamvr-geoip-lite downloa... |
| CVE-2016-10658 | HIGH | 8.1 | 1.7% | May 29, 2018 | native-opencv is the OpenCV library installed via npm native-opencv downloads binary resources over HTTP, which leaves i... |
| CVE-2016-9043 | HIGH | 7.8 | 2.8% | Apr 24, 2018 | An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Eng... |
| CVE-2016-9038 | HIGH | 7.8 | 0.3% | Apr 24, 2018 | An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A sp... |
| CVE-2016-8732 | HIGH | 7.8 | 0.6% | Apr 24, 2018 | Multiple security flaws exists in InvProtectDrv.sys which is a part of Invincea Dell Protected Workspace 5.1.1-22303. We... |
| CVE-2016-8730 | HIGH | 7.8 | 2.2% | Apr 24, 2018 | An of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Core PHOTO-PAINT X8 18.1.... |
| CVE-2016-8729 | HIGH | 7.8 | 1.7% | Apr 24, 2018 | An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF ... |
| CVE-2016-8728 | HIGH | 7.8 | 1.9% | Apr 24, 2018 | An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A... |
| CVE-2016-8384 | HIGH | 8.8 | 1.5% | Apr 24, 2018 | An exploitable heap corruption vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter. |
| CVE-2016-8383 | HIGH | 8.8 | 2.2% | Apr 24, 2018 | An exploitable heap corruption vulnerability exists in the Doc_GetFontTable functionality of AntennaHouse DMC HTMLFilter... |
| CVE-2016-9587 | HIGH | 8.1 | 17.9% | Apr 24, 2018 | Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent fr... |
| CVE-2016-9952 | HIGH | 8.1 | 1.3% | Mar 12, 2018 | The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using... |
Check if your code is affected by 2016 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now