| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2016-1000000 | Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection... | | |
| CVE-2016-1000001 | flask-oidc version 0.1.2 and earlier is vulnerable to an open redirect... | S | |
| CVE-2016-1000002 | gdm3 3.14.2 and possibly later has an information leak before screen lock... | E | |
| CVE-2016-1000003 | Mirror Manager version 0.7.2 and older is vulnerable to remote code execution in the checkin code.... | S | |
| CVE-2016-1000004 | Insufficient type checks were employed prior to casting input data in SimpleXMLElement_exportNode an... | S | |
| CVE-2016-1000005 | mcrypt_get_block_size did not enforce that the provided "module" parameter was a string, leading to ... | S | |
| CVE-2016-1000006 | hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__cons... | | |
| CVE-2016-1000007 | Pagure 2.2.1 XSS in raw file endpoint... | S | |
| CVE-2016-1000009 | TP-LINK lost control of two domains, www.tplinklogin.net and tplinkextender.net. Please note that th... | | |
| CVE-2016-1000013 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10531. Reason: This candida... | R | |
| CVE-2016-1000014 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-3956. Reason: This candidate... | R | |
| CVE-2016-1000021 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10538. Reason: This candidat... | R | |
| CVE-2016-1000022 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10539. Reason: This candidat... | R | |
| CVE-2016-1000023 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10540. Reason: This candida... | R | |
| CVE-2016-1000025 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10542. Reason: This candida... | R | |
| CVE-2016-1000027 | Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution (RCE) issue i... | E | |
| CVE-2016-1000028 | Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nes... | | |
| CVE-2016-1000029 | Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nes... | | |
| CVE-2016-1000030 | Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to im... | S | |
| CVE-2016-1000031 | Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution... | | |
| CVE-2016-1000032 | TGCaptcha2 version 0.3.0 is vulnerable to a replay attack due to a missing nonce allowing attackers ... | | |
| CVE-2016-1000033 | Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification valid... | | |
| CVE-2016-1000037 | Pagure: XSS possible in file attachment endpoint... | S | |
| CVE-2016-1000100 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5385. Reason: This candidate... | R | |
| CVE-2016-1000101 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5386. Reason: This candidate... | R | |
| CVE-2016-1000102 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5387. Reason: This candidate... | R | |
| CVE-2016-1000103 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2016-1000104 | A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07.... | | |
| CVE-2016-1000105 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2016-1000106 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5388. Reason: This candidate... | R | |
| CVE-2016-1000107 | inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not pro... | | |
| CVE-2016-1000108 | yaws before 2.0.4 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and theref... | S | |
| CVE-2016-1000109 | HHVM does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not ... | E S | |
| CVE-2016-1000110 | The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name c... | | |
| CVE-2016-1000111 | Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and th... | S | |
| CVE-2016-1000112 | Unauthenticated remote .jpg file upload in contus-video-comments v1.0 wordpress plugin... | E | |
| CVE-2016-1000113 | XSS and SQLi in huge IT gallery v1.1.5 for Joomla... | E | |
| CVE-2016-1000114 | XSS in huge IT gallery v1.1.5 for Joomla... | E | |
| CVE-2016-1000115 | Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS... | E | |
| CVE-2016-1000116 | Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS... | E | |
| CVE-2016-1000117 | XSS & SQLi in HugeIT slideshow v1.0.4... | E | |
| CVE-2016-1000118 | XSS & SQLi in HugeIT slideshow v1.0.4... | E | |
| CVE-2016-1000119 | SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla... | E | |
| CVE-2016-1000120 | SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla... | E | |
| CVE-2016-1000121 | XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension... | E | |
| CVE-2016-1000122 | XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension... | E | |
| CVE-2016-1000123 | Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla... | E | |
| CVE-2016-1000124 | Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6... | E | |
| CVE-2016-1000125 | Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla... | E | |
| CVE-2016-1000126 | Reflected XSS in wordpress plugin admin-font-editor v1.8... | E | |
| CVE-2016-1000127 | Reflected XSS in wordpress plugin ajax-random-post v2.00... | E | |
| CVE-2016-1000128 | Reflected XSS in wordpress plugin anti-plagiarism v3.60... | E | |
| CVE-2016-1000129 | Reflected XSS in wordpress plugin defa-online-image-protector v3.3... | E | |
| CVE-2016-1000130 | Reflected XSS in wordpress plugin e-search v1.0... | E | |
| CVE-2016-1000131 | Reflected XSS in wordpress plugin e-search v1.0... | E | |
| CVE-2016-1000132 | Reflected XSS in wordpress plugin enhanced-tooltipglossary v3.2.8... | E S | |
| CVE-2016-1000133 | Reflected XSS in wordpress plugin forget-about-shortcode-buttons v1.1.1... | E | |
| CVE-2016-1000134 | Reflected XSS in wordpress plugin hdw-tube v1.2... | E | |
| CVE-2016-1000135 | Reflected XSS in wordpress plugin hdw-tube v1.2... | E | |
| CVE-2016-1000136 | Reflected XSS in wordpress plugin heat-trackr v1.0... | E | |
| CVE-2016-1000137 | Reflected XSS in wordpress plugin hero-maps-pro v2.1.0... | E | |
| CVE-2016-1000138 | Reflected XSS in wordpress plugin indexisto v1.0.5... | E | |
| CVE-2016-1000139 | Reflected XSS in wordpress plugin infusionsoft v1.5.11... | E S | |
| CVE-2016-1000140 | Reflected XSS in wordpress plugin new-year-firework v1.1.9... | E | |
| CVE-2016-1000141 | Reflected XSS in wordpress plugin page-layout-builder v1.9.3... | E | |
| CVE-2016-1000142 | Reflected XSS in wordpress plugin parsi-font v4.2.5... | E | |
| CVE-2016-1000143 | Reflected XSS in wordpress plugin photoxhibit v2.1.8... | E | |
| CVE-2016-1000144 | Reflected XSS in wordpress plugin photoxhibit v2.1.8... | E | |
| CVE-2016-1000145 | Reflected XSS in wordpress plugin pondol-carousel v1.0... | E | |
| CVE-2016-1000146 | Reflected XSS in wordpress plugin pondol-formmail v1.1... | E | |
| CVE-2016-1000147 | Reflected XSS in wordpress plugin recipes-writer v1.0.4... | E | |
| CVE-2016-1000148 | Reflected XSS in wordpress plugin s3-video v0.983... | E | |
| CVE-2016-1000149 | Reflected XSS in wordpress plugin simpel-reserveren v3.5.2... | E | |
| CVE-2016-1000150 | Reflected XSS in wordpress plugin simplified-content v1.0.0... | E | |
| CVE-2016-1000151 | Reflected XSS in wordpress plugin tera-charts v1.0... | E | |
| CVE-2016-1000152 | Reflected XSS in wordpress plugin tidio-form v1.0... | E | |
| CVE-2016-1000153 | Reflected XSS in wordpress plugin tidio-gallery v1.1... | E | |
| CVE-2016-1000154 | Reflected XSS in wordpress plugin whizz v1.0.7... | E | |
| CVE-2016-1000155 | Reflected XSS in wordpress plugin wpsolr-search-engine v7.6... | E | |
| CVE-2016-1000156 | Mailcwp remote file upload vulnerability incomplete fix v1.100... | E | |
| CVE-2016-1000213 | Ruckus Wireless H500 web management interface CSRF... | | |
| CVE-2016-1000214 | Ruckus Wireless H500 web management interface authentication bypass... | | |
| CVE-2016-1000215 | Ruckus Wireless H500 web management interface denial of service... | | |
| CVE-2016-1000216 | Ruckus Wireless H500 web management interface authenticated command injection... | E | |
| CVE-2016-1000217 | Zotpress plugin for WordPress SQLi in zp_get_account()... | E | |
| CVE-2016-1000218 | Kibana Reporting plugin version 2.4.0 is vulnerable to a CSRF vulnerability that could allow an atta... | | |
| CVE-2016-1000219 | Kibana before 4.5.4 and 4.1.11 when a custom output is configured for logging in, cookies and author... | | |
| CVE-2016-1000220 | Kibana before 4.5.4 and 4.1.11 are vulnerable to an XSS attack that would allow an attacker to execu... | | |
| CVE-2016-1000221 | Logstash prior to version 2.3.4, Elasticsearch Output plugin would log to file HTTP authorization he... | | |
| CVE-2016-1000222 | Logstash prior to version 2.1.2, the CSV output can be attacked via engineered input that will creat... | | |
| CVE-2016-1000229 | swagger-ui has XSS in key names... | | |
| CVE-2016-1000232 | NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP reques... | S | |
| CVE-2016-1000236 | Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used... | S | |
| CVE-2016-1000237 | sanitize-html before 1.4.3 has XSS.... | | |
| CVE-2016-1000258 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10325. Reason: This candida... | R | |
| CVE-2016-1000259 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10326. Reason: This candida... | R | |
| CVE-2016-1000268 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-7510. Reason: This candid... | R | |
| CVE-2016-1000271 | Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5) contains an SQ... | E | |
| CVE-2016-1000276 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-1000010. Reason: This cand... | R | |
| CVE-2016-1000282 | Haraka version 2.8.8 and earlier comes with a plugin for processing attachments for zip files. Versi... | E S | |
| CVE-2016-1000306 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-1000307. Reason: This candi... | R | |
| CVE-2016-1000307 | Multiple Cross Site Scripting (XSS) Vulnerabilities in ClipBucket v2.8.1 and probably prior allow Re... | | |
| CVE-2016-1000338 | In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encodin... | S | |
| CVE-2016-1000339 | In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was... | S | |
| CVE-2016-1000340 | In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in t... | S | |
| CVE-2016-1000341 | In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to... | S | |
| CVE-2016-1000342 | In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encod... | S | |
| CVE-2016-1000343 | In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a we... | S | |
| CVE-2016-1000344 | In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use ... | S | |
| CVE-2016-1000345 | In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to pa... | S | |
| CVE-2016-1000346 | In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not full... | S | |
| CVE-2016-1000348 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10211. Reason: This candida... | R | |
| CVE-2016-1000349 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10209. Reason: This candida... | R | |
| CVE-2016-1000350 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10222. Reason: This candida... | R | |
| CVE-2016-1000351 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10226. Reason: This candida... | R | |
| CVE-2016-1000352 | In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use ... | S | |
| CVE-2016-1000360 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9847. Reason: This candida... | R | |
| CVE-2016-1000361 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9848. Reason: This candida... | R | |
| CVE-2016-1000362 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9849. Reason: This candida... | R | |
| CVE-2016-1000363 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9850. Reason: This candida... | R | |
| CVE-2016-1000364 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9851. Reason: This candida... | R | |
| CVE-2016-1000365 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9852, CVE-2016-9853, CVE-20... | R | |
| CVE-2016-1000366 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9856, CVE-2016-9857. Reaso... | R | |
| CVE-2016-1000367 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9858, CVE-2016-9859, CVE-20... | R | |
| CVE-2016-1000368 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9861. Reason: This candida... | R | |
| CVE-2016-1000369 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9862. Reason: This candida... | R | |
| CVE-2016-1000370 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9863. Reason: This candida... | R | |
| CVE-2016-1000371 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9864. Reason: This candida... | R | |
| CVE-2016-1000372 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9865. Reason: This candida... | R | |
| CVE-2016-1000373 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9866. Reason: This candida... | R | |
| CVE-2016-1000393 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10220. Reason: This candida... | R |