2016 CVE Vulnerabilities
10,645 CVEs published in 2016.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2016-3113 | MEDIUM | 6.1 | 2.7% | Aug 7, 2017 | Cross-site scripting (XSS) vulnerability in ovirt-engine allows remote attackers to inject arbitrary web script or HTML. |
| CVE-2016-5394 | MEDIUM | 6.1 | 2.6% | Jul 19, 2017 | In the XSS Protection API module before 1.0.12 in Apache Sling, the encoding done by the XSSAPI.encodeForJSString() meth... |
| CVE-2016-0764 | MEDIUM | 6.2 | 0.3% | Jul 17, 2017 | Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Li... |
| CVE-2016-8219 | MEDIUM | 6.5 | 1.0% | Jun 13, 2017 | An issue was discovered in Cloud Foundry Foundation cf-release versions prior to 250 and CAPI-release versions prior to ... |
| CVE-2016-2192 | MEDIUM | 6.5 | 0.9% | Jun 6, 2017 | PostgreSQL PL/Java before 1.5.0 allows remote authenticated users to alter type mappings for types they do not own. |
| CVE-2016-0767 | MEDIUM | 6.5 | 0.9% | Jun 6, 2017 | PostgreSQL PL/Java before 1.5.0 allows remote authenticated users with USAGE permission on the public schema to alter th... |
| CVE-2016-2165 | MEDIUM | 6.5 | 0.9% | May 25, 2017 | The Loggregator Traffic Controller endpoints in cf-release v231 and lower, Pivotal Elastic Runtime versions prior to 1.5... |
| CVE-2016-10374 | MEDIUM | 5.5 | 0.3% | May 17, 2017 | perltidy through 20160302, as used by perlcritic, check-all-the-things, and other software, relies on the current workin... |
| CVE-2016-4877 | MEDIUM | 5.4 | 0.9% | May 12, 2017 | Cross-site scripting vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote authenticated attack... |
| CVE-2016-4839 | MEDIUM | 5.5 | 1.7% | May 12, 2017 | The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for... |
| CVE-2016-2126 | MEDIUM | 6.5 | 6.6% | May 11, 2017 | Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Att... |
| CVE-2016-7055 | MEDIUM | 5.9 | 14.3% | May 4, 2017 | There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.... |
| CVE-2016-4840 | MEDIUM | 5.9 | 1.1% | Apr 21, 2017 | Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus App for iOS 1.0.2 and earlier do not verify SSL ce... |
| CVE-2016-4830 | MEDIUM | 5.9 | 1.0% | Apr 21, 2017 | Sushiro App for iOS 2.1.16 and earlier and Sushiro App for Android 2.1.16.1 and earlier do not verify SSL certificates. |
| CVE-2016-1184 | MEDIUM | 5.9 | 1.0% | Apr 21, 2017 | Tokyo Star bank App for Android before 1.4 and Tokyo Star bank App for iOS before 1.4 do not validate SSL certificates. |
| CVE-2016-4075 | MEDIUM | 6.1 | 1.2% | Apr 21, 2017 | Opera Mini 13 and Opera Stable 36 allow remote attackers to spoof the displayed URL via a crafted HTML document, related... |
| CVE-2016-7538 | MEDIUM | 6.5 | 3.4% | Apr 20, 2017 | coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted fil... |
| CVE-2016-7536 | MEDIUM | 6.5 | 2.7% | Apr 20, 2017 | magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted ... |
| CVE-2016-7535 | MEDIUM | 6.5 | 3.3% | Apr 20, 2017 | coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD... |
| CVE-2016-7534 | MEDIUM | 6.5 | 3.3% | Apr 20, 2017 | The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a cra... |
| CVE-2016-7532 | MEDIUM | 6.5 | 2.9% | Apr 20, 2017 | coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD ... |
| CVE-2016-7530 | MEDIUM | 6.5 | 3.3% | Apr 20, 2017 | The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or o... |
| CVE-2016-7527 | MEDIUM | 6.5 | 2.5% | Apr 20, 2017 | coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file... |
| CVE-2016-7526 | MEDIUM | 6.5 | 3.8% | Apr 20, 2017 | coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted fil... |
| CVE-2016-7525 | MEDIUM | 6.5 | 3.1% | Apr 20, 2017 | Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-b... |
Check if your code is affected by 2016 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now