2016 CVE Vulnerabilities
10,645 CVEs published in 2016.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2016-11077 | LOW | 2.7 | 0.6% | Jun 19, 2020 | An issue was discovered in Mattermost Server before 3.0.0. It has a superfluous API in which the System Admin can change... |
| CVE-2016-11027 | LOW | 2.4 | 0.1% | Apr 7, 2020 | An issue was discovered on Samsung mobile devices with M(6.0) software. In the Shade Locked state, a physically proximat... |
| CVE-2016-1544 | LOW | 3.3 | 0.9% | Feb 6, 2020 | nghttp2 before 1.7.1 allows remote attackers to cause a denial of service (memory exhaustion). |
| CVE-2016-6586 | LOW | 3.7 | 1.3% | Jan 8, 2020 | A security bypass vulnerability exists in Symantec Norton Mobile Security for Android before 3.16, which could let a mal... |
| CVE-2016-4980 | LOW | 2.5 | 0.3% | Nov 27, 2019 | A password generation weakness exists in xquest through 2016-06-13. |
| CVE-2016-4983 | LOW | 3.3 | 0.4% | Nov 5, 2019 | A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files. |
| CVE-2016-1000002 | LOW | 2.4 | 0.5% | Nov 5, 2019 | gdm3 3.14.2 and possibly later has an information leak before screen lock |
| CVE-2016-4455 | LOW | 3.3 | 0.4% | Apr 14, 2017 | The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) fo... |
| CVE-2016-9085 | LOW | 3.3 | 0.4% | Feb 3, 2017 | Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors. |
| CVE-2016-8217 | LOW | 3.7 | 1.5% | Feb 3, 2017 | EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS#12 Timing Attack Vulnerability. A possible timing attack could... |
| CVE-2016-9908 | LOW | 3.3 | 0.4% | Dec 23, 2016 | Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. I... |
| CVE-2016-1000033 | LOW | 3.7 | 0.8% | Oct 25, 2016 | Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting... |
| CVE-2016-5429 | LOW | 3.7 | 1.3% | Sep 3, 2016 | jose-php before 2.2.1 does not use constant-time operations for HMAC comparison, which makes it easier for remote attack... |
| CVE-2016-0380 | LOW | 3.3 | 0.3% | Aug 8, 2016 | IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file per... |
| CVE-2016-5849 | LOW | 2.5 | 0.3% | Jul 4, 2016 | Siemens SICAM PAS through 8.07 allows local users to obtain sensitive configuration information by leveraging database s... |
| CVE-2016-3419 | LOW | 3.3 | 0.3% | Apr 21, 2016 | Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors relate... |
| CVE-2016-2091 | LOW | 3.3 | 0.9% | Feb 8, 2016 | The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in libdwarf 20151114 allows attackers to cause a denial of serv... |
Check if your code is affected by 2016 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now