| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2016-2000 | HPE Asset Manager 9.40, 9.41, and 9.50 and Asset Manager CloudSystem Chargeback 9.40 allow remote at... | S | |
| CVE-2016-2001 | HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain... | S | |
| CVE-2016-2002 | The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.... | S | |
| CVE-2016-2003 | HPE P9000 Command View Advanced Edition Software (CVAE) 7.x and 8.x before 8.4.0-00 and XP7 CVAE 7.x... | S | |
| CVE-2016-2004 | HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to e... | E | |
| CVE-2016-2005 | HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to ... | | |
| CVE-2016-2006 | HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to ... | | |
| CVE-2016-2007 | HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to ... | | |
| CVE-2016-2008 | HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to ... | | |
| CVE-2016-2009 | HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticat... | S | |
| CVE-2016-2010 | Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25... | S | |
| CVE-2016-2011 | Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25... | S | |
| CVE-2016-2012 | HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote attackers t... | S | |
| CVE-2016-2013 | HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticat... | S | |
| CVE-2016-2014 | HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticat... | S | |
| CVE-2016-2015 | HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or mo... | M | |
| CVE-2016-2016 | Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 through B.05.01.03, and Base-VxF... | S | |
| CVE-2016-2017 | HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive... | M | |
| CVE-2016-2018 | HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers to obtain sensitive informati... | M | |
| CVE-2016-2019 | HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive... | M | |
| CVE-2016-2020 | HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive... | M | |
| CVE-2016-2021 | HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive... | M | |
| CVE-2016-2022 | HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive... | M | |
| CVE-2016-2023 | HPE RESTful Interface Tool 1.40 allows local users to obtain sensitive information via unspecified v... | S | |
| CVE-2016-2024 | HPE Insight Control before 7.5.1 allow remote attackers to obtain sensitive information, modify data... | M | |
| CVE-2016-2025 | HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to ob... | S | |
| CVE-2016-2026 | HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive informatio... | M | |
| CVE-2016-2027 | HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive informatio... | M | |
| CVE-2016-2028 | HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive ... | | |
| CVE-2016-2029 | HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive informatio... | | |
| CVE-2016-2030 | HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive... | M | |
| CVE-2016-2031 | Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient vali... | E | |
| CVE-2016-2032 | A vulnerability exists in the Aruba AirWave Management Platform 8.x prior to 8.2 in the management i... | E | |
| CVE-2016-2033 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was asso... | R | |
| CVE-2016-2034 | SQL injection vulnerability in ClearPass Policy Manager 6.5.x through 6.5.6 and 6.6.0.... | | |
| CVE-2016-2035 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2036 | The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android ... | E | |
| CVE-2016-2037 | The cpio_safer_name_suffix function in util.c in cpio 2.11 allows remote attackers to cause a denial... | | |
| CVE-2016-2038 | phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allows remote attac... | S | |
| CVE-2016-2039 | libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x bef... | S | |
| CVE-2016-2040 | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x befo... | S | |
| CVE-2016-2041 | libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x befo... | S | |
| CVE-2016-2042 | phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive ... | S | |
| CVE-2016-2043 | Cross-site scripting (XSS) vulnerability in the goToFinish1NF function in js/normalization.js in php... | S | |
| CVE-2016-2044 | libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.4 allows remote a... | S | |
| CVE-2016-2045 | Cross-site scripting (XSS) vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4 allows r... | S | |
| CVE-2016-2046 | Cross-site scripting (XSS) vulnerability in the UserPortal page in SOPHOS UTM before 9.353 allows re... | E | |
| CVE-2016-2047 | The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 1... | S | |
| CVE-2016-2048 | Django 1.9.x before 1.9.2, when ModelAdmin.save_as is set to True, allows remote authenticated users... | | |
| CVE-2016-2049 | examples/consumer/common.php in JanRain PHP OpenID library (aka php-openid) improperly checks the op... | | |
| CVE-2016-2050 | The get_abbrev_array_info function in libdwarf-20151114 allows remote attackers to cause a denial of... | | |
| CVE-2016-2051 | Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before... | | |
| CVE-2016-2052 | Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.... | | |
| CVE-2016-2053 | The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers ... | S | |
| CVE-2016-2054 | Multiple buffer overflows in xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.2... | S | |
| CVE-2016-2055 | xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to r... | S | |
| CVE-2016-2056 | xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote authenticated users to execute ar... | S | |
| CVE-2016-2057 | lib/xymond_ipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions (666) for an un... | S | |
| CVE-2016-2058 | Multiple cross-site scripting (XSS) vulnerabilities in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 a... | S | |
| CVE-2016-2059 | The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_router_core.c in the IPC router ... | S | |
| CVE-2016-2060 | server/TetherController.cpp in the tethering controller in netd, as distributed with Qualcomm Innova... | S | |
| CVE-2016-2061 | Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm ... | | |
| CVE-2016-2062 | The adreno_perfcounter_query_group function in drivers/gpu/msm/adreno_perfcounter.c in the Adreno GP... | S | |
| CVE-2016-2063 | Stack-based buffer overflow in the supply_lm_input_write function in drivers/thermal/supply_lm_core.... | S | |
| CVE-2016-2064 | sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3... | S | |
| CVE-2016-2065 | sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3... | S | |
| CVE-2016-2066 | Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm... | S | |
| CVE-2016-2067 | drivers/gpu/msm/kgsl.c in the MSM graphics driver (aka GPU driver) for the Linux kernel 3.x, as used... | S | |
| CVE-2016-2068 | The MSM QDSP6 audio driver (aka sound driver) for the Linux kernel 3.x, as used in Qualcomm Innovati... | S | |
| CVE-2016-2069 | Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain priv... | S | |
| CVE-2016-2070 | The tcp_cwnd_reduction function in net/ipv4/tcp_input.c in the Linux kernel before 4.3.5 allows remo... | S | |
| CVE-2016-2071 | Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build ... | | |
| CVE-2016-2072 | The Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetSc... | | |
| CVE-2016-2073 | The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of s... | | |
| CVE-2016-2074 | Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x... | S | |
| CVE-2016-2075 | Cross-site scripting (XSS) vulnerability in VMware vRealize Business Advanced and Enterprise 8.x bef... | | |
| CVE-2016-2076 | Client Integration Plugin (CIP) in VMware vCenter Server 5.5 U3a, U3b, and U3c and 6.0 before U2; vC... | | |
| CVE-2016-2077 | VMware Workstation 11.x before 11.1.3 and VMware Player 7.x before 7.1.3 on Windows incorrectly acce... | | |
| CVE-2016-2078 | Cross-site scripting (XSS) vulnerability in the Web Client in VMware vCenter Server 5.1 before updat... | E | |
| CVE-2016-2079 | VMware NSX Edge 6.1 before 6.1.7 and 6.2 before 6.2.3 and vCNS Edge 5.5 before 5.5.4.3, when the SSL... | S | |
| CVE-2016-2080 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2081 | Cross-site scripting (XSS) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 all... | S | |
| CVE-2016-2082 | Cross-site request forgery (CSRF) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.... | S | |
| CVE-2016-2083 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2084 | F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build... | | |
| CVE-2016-2085 | The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 doe... | S | |
| CVE-2016-2086 | Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allow r... | S | |
| CVE-2016-2087 | Directory traversal vulnerability in the client in HexChat 2.11.0 allows remote IRC servers to read ... | E | |
| CVE-2016-2088 | resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS cookies are enabled, allows remote... | | |
| CVE-2016-2089 | The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows remote attackers to cause a denia... | | |
| CVE-2016-2090 | Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have uns... | S | |
| CVE-2016-2091 | The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in libdwarf 20151114 allows attackers to ca... | E | |
| CVE-2016-2094 | The HTTPS NIO Connector allows remote attackers to cause a denial of service (thread consumption) by... | | |
| CVE-2016-2097 | Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.2 and 4.x before 4.1... | S | |
| CVE-2016-2098 | Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows r... | E S | |
| CVE-2016-2099 | Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier... | | |
| CVE-2016-2100 | Foreman before 1.10.3 and 1.11.0 before 1.11.0-RC2 allow remote authenticated users to read, modify,... | | |
| CVE-2016-2101 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2016-2102 | HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network.... | | |
| CVE-2016-2103 | Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote attackers to... | | |
| CVE-2016-2104 | Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote attackers to... | | |
| CVE-2016-2105 | Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t an... | S | |
| CVE-2016-2106 | Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t ... | | |
| CVE-2016-2107 | The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory ... | E S | |
| CVE-2016-2108 | The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to... | | |
| CVE-2016-2109 | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL ... | | |
| CVE-2016-2110 | The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, an... | S | |
| CVE-2016-2111 | The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2,... | S | |
| CVE-2016-2112 | The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x be... | S | |
| CVE-2016-2113 | Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not verify X.509 certificat... | S | |
| CVE-2016-2114 | The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.... | S | |
| CVE-2016-2115 | Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB sig... | S | |
| CVE-2016-2116 | Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote at... | | |
| CVE-2016-2117 | The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.... | | |
| CVE-2016-2118 | The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.... | | |
| CVE-2016-2119 | libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 al... | | |
| CVE-2016-2120 | An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 ... | | |
| CVE-2016-2121 | A permissions flaw was found in redis, which sets weak permissions on certain files and directories ... | | |
| CVE-2016-2122 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2016-2123 | A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an ... | S | |
| CVE-2016-2124 | A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw t... | S | |
| CVE-2016-2125 | It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets wh... | S | |
| CVE-2016-2126 | Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of th... | | |
| CVE-2016-2127 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2128 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2129 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2130 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2131 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2132 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2133 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2134 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2135 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2136 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2137 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2138 | In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in xss_clean() in... | E S | |
| CVE-2016-2139 | In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in $file_link in ... | E S | |
| CVE-2016-2140 | The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (libe... | S | |
| CVE-2016-2141 | It was found that JGroups did not require necessary headers for encrypt and auth protocols from new ... | S | |
| CVE-2016-2142 | Red Hat OpenShift Enterprise 3.1 uses world-readable permissions on the /etc/origin/master/master-co... | | |
| CVE-2016-2143 | The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four... | S | |
| CVE-2016-2144 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-0284. Reason: This candidate... | R | |
| CVE-2016-2145 | The am_read_post_data function in mod_auth_mellon before 0.11.1 does not check if the ap_get_client_... | S | |
| CVE-2016-2146 | The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data re... | S | |
| CVE-2016-2147 | Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cau... | E S | |
| CVE-2016-2148 | Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attack... | E S | |
| CVE-2016-2149 | Red Hat OpenShift Enterprise 3.2 allows remote authenticated users to read log files from another na... | | |
| CVE-2016-2150 | SPICE allows local guest OS users to read from or write to arbitrary host memory locations via craft... | | |
| CVE-2016-2151 | user/index.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.... | | |
| CVE-2016-2152 | Multiple cross-site scripting (XSS) vulnerabilities in auth/db/auth.php in Moodle through 2.6.11, 2.... | | |
| CVE-2016-2153 | Cross-site scripting (XSS) vulnerability in the advanced-search feature in mod_data in Moodle throug... | | |
| CVE-2016-2154 | admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3... | | |
| CVE-2016-2155 | The grade-reporting feature in Singleview (aka Single View) in Moodle 2.8.x before 2.8.11, 2.9.x bef... | | |
| CVE-2016-2156 | calendar/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x b... | | |
| CVE-2016-2157 | Cross-site request forgery (CSRF) vulnerability in mod/assign/adminmanageplugins.php in Moodle throu... | | |
| CVE-2016-2158 | lib/ajax/getnavbranch.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x ... | | |
| CVE-2016-2159 | The save_submission function in mod/assign/externallib.php in Moodle through 2.6.11, 2.7.x before 2.... | | |
| CVE-2016-2160 | Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote authenticated users to execute co... | S | |
| CVE-2016-2161 | In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the ser... | | |
| CVE-2016-2162 | Apache Struts 2.x before 2.3.25 does not sanitize text in the Locale object constructed by I18NInter... | | |
| CVE-2016-2163 | Cross-site scripting (XSS) vulnerability in Apache OpenMeetings before 3.1.1 allows remote attackers... | S | |
| CVE-2016-2164 | The (1) FileService.importFileByInternalUserId and (2) FileService.importFile SOAP API methods in Ap... | S | |
| CVE-2016-2165 | The Loggregator Traffic Controller endpoints in cf-release v231 and lower, Pivotal Elastic Runtime v... | | |
| CVE-2016-2166 | The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnect... | S | |
| CVE-2016-2167 | The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1... | | |
| CVE-2016-2168 | The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion b... | | |
| CVE-2016-2169 | Cloud Foundry Cloud Controller, capi-release versions prior to 1.0.0 and cf-release versions prior t... | | |
| CVE-2016-2170 | Apache OFBiz 12.04.x before 12.04.06 and 13.07.x before 13.07.03 allow remote attackers to execute a... | S | |
| CVE-2016-2171 | The User Manager service in Apache Jetspeed before 2.3.1 does not properly restrict access using Jet... | S | |
| CVE-2016-2172 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi... | R | |
| CVE-2016-2173 | org.springframework.core.serializer.DefaultDeserializer in Spring AMQP before 1.5.5 allows remote at... | S | |
| CVE-2016-2174 | SQL injection vulnerability in the policy admin tool in Apache Ranger before 0.5.3 allows remote aut... | | |
| CVE-2016-2175 | Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which... | S | |
| CVE-2016-2176 | The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1... | | |
| CVE-2016-2177 | OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which mi... | S | |
| CVE-2016-2178 | The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ens... | S | |
| CVE-2016-2179 | The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue ent... | | |
| CVE-2016-2180 | The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stam... | S | |
| CVE-2016-2181 | The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a... | | |
| CVE-2016-2182 | The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate di... | | |
| CVE-2016-2183 | The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and... | E S | |
| CVE-2016-2184 | The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linu... | E | |
| CVE-2016-2185 | The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 ... | E | |
| CVE-2016-2186 | The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allo... | E | |
| CVE-2016-2187 | The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows phys... | S | |
| CVE-2016-2188 | The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows... | E | |
| CVE-2016-2189 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-4565. Reason: This candida... | R | |
| CVE-2016-2190 | Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x befor... | | |
| CVE-2016-2191 | The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to... | E S | |
| CVE-2016-2192 | PostgreSQL PL/Java before 1.5.0 allows remote authenticated users to alter type mappings for types t... | | |
| CVE-2016-2193 | PostgreSQL before 9.5.x before 9.5.2 does not properly maintain row-security status in cached plans,... | S | |
| CVE-2016-2194 | The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cau... | | |
| CVE-2016-2195 | Integer overflow in the PointGFp constructor in Botan before 1.10.11 and 1.11.x before 1.11.27 allow... | | |
| CVE-2016-2196 | Heap-based buffer overflow in the P-521 reduction function in Botan 1.11.x before 1.11.27 allows rem... | | |
| CVE-2016-2197 | QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable to a null pointer d... | S | |
| CVE-2016-2198 | QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer ... | S | |
| CVE-2016-2199 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations and Remediation mana... | | |
| CVE-2016-2200 | Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote attackers to cause a denial of service... | | |
| CVE-2016-2201 | Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote attackers to bypass a replay protectio... | | |
| CVE-2016-2202 | The Inventory Solution component in the Management Agent in the client in Symantec Altiris IT Manage... | | |
| CVE-2016-2203 | The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows lo... | E | |
| CVE-2016-2204 | The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows lo... | | |
| CVE-2016-2205 | Directory traversal vulnerability in the file-download configuration file in the management console ... | | |
| CVE-2016-2206 | The management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 befo... | | |
| CVE-2016-2207 | The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center S... | E | |
| CVE-2016-2208 | The kernel component in Symantec Anti-Virus Engine (AVE) 20151.1 before 20151.1.1.4 allows remote at... | E | |
| CVE-2016-2209 | Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protect... | E | |
| CVE-2016-2210 | Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protec... | E | |
| CVE-2016-2211 | The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center S... | | |
| CVE-2016-2212 | The getOrderByStatusUrlKey function in the Mage_Rss_Helper_Order class in app/code/core/Mage/Rss/Hel... | E S | |
| CVE-2016-2213 | The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.6 allows remote a... | | |
| CVE-2016-2214 | Cross-site scripting (XSS) vulnerability in an unspecified portal authentication page in Huawei Agil... | | |
| CVE-2016-2216 | The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 through 0.11.16, 0.12.x before... | S | |
| CVE-2016-2217 | The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the... | S | |
| CVE-2016-2219 | Cross-site scripting (XSS) vulnerability in the management interface in Palo Alto Networks PAN-OS 7.... | | |
| CVE-2016-2221 | Open redirect vulnerability in the wp_validate_redirect function in wp-includes/pluggable.php in Wor... | S | |
| CVE-2016-2222 | The wp_http_validate_url function in wp-includes/http.php in WordPress before 4.4.2 allows remote at... | E S | |
| CVE-2016-2224 | The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS serv... | S | |
| CVE-2016-2225 | The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS s... | S | |
| CVE-2016-2226 | Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers ... | E | |
| CVE-2016-2228 | Cross-site scripting (XSS) vulnerability in horde/templates/topbar/_menubar.html.php in Horde Groupw... | E | |
| CVE-2016-2230 | OpenELEC and RasPlex devices have a hardcoded password for the root account, which makes it easier f... | | |
| CVE-2016-2231 | The Windows-based Host Interface Program (WHIP) service on Huawei SmartAX MT882 devices V200R002B022... | E | |
| CVE-2016-2232 | Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk... | | |
| CVE-2016-2233 | Stack-based buffer overflow in the inbound_cap_ls function in common/inbound.c in HexChat 2.10.2 all... | E | |
| CVE-2016-2242 | Exponent CMS 2.x before 2.3.7 Patch 3 allows remote attackers to execute arbitrary code via the sc p... | E S | |
| CVE-2016-2243 | Sure Start on HP Commercial PCs 2015 allows local users to cause a denial of service (BIOS recovery ... | | |
| CVE-2016-2244 | HP LaserJet printers and MFPs and OfficeJet Enterprise printers with firmware before 3.7.01 allow re... | | |
| CVE-2016-2245 | HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecifie... | | |
| CVE-2016-2246 | HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard applica... | S | |
| CVE-2016-2247 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2248 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2249 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2250 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-2550. Reason: This candida... | R | |
| CVE-2016-2251 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2252 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2253 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2254 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2255 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2256 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2257 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2258 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2259 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2260 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2261 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2262 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2263 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2264 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2265 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2266 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2267 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2016-2268 | Dell SecureWorks app before 2.1 for iOS does not validate SSL certificates, which allows man-in-the-... | S | |
| CVE-2016-2270 | Xen 4.6.x and earlier allows local guest administrators to cause a denial of service (host reboot) v... | S | |
| CVE-2016-2271 | VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows local HVM guest users to caus... | S | |
| CVE-2016-2272 | Eaton Lighting EG2 Web Control 4.04P and earlier allows remote attackers to have an unspecified impa... | | |
| CVE-2016-2273 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2274 | An issue was discovered in Adcon Telemetry A850 Telemetry Gateway Base Station. The Web Interface do... | | |
| CVE-2016-2275 | The web interface on Advantech/B+B SmartWorx VESP211-EU devices with firmware 1.7.2 and VESP211-232 ... | | |
| CVE-2016-2276 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2277 | IAB.exe in Rockwell Automation Integrated Architecture Builder (IAB) before 9.6.0.8 and 9.7.x before... | | |
| CVE-2016-2278 | Schneider Electric Struxureware Building Operations Automation Server AS 1.7 and earlier and AS-P 1.... | E | |
| CVE-2016-2279 | Cross-site scripting (XSS) vulnerability in the web server in Rockwell Automation Allen-Bradley Comp... | E | |
| CVE-2016-2280 | Buffer overflow in RDISERVER in Honeywell Uniformance Process History Database (PHD) R310, R320, and... | | |
| CVE-2016-2281 | Untrusted search path vulnerability in ABB Panel Builder 800 5.1 allows local users to gain privileg... | | |
| CVE-2016-2282 | Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utility before 3.18 do not properly... | | |
| CVE-2016-2283 | Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utility before 3.18 do not properly... | | |
| CVE-2016-2284 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2285 | Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.... | | |
| CVE-2016-2286 | Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with f... | | |
| CVE-2016-2287 | Cross-site scripting (XSS) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote att... | | |
| CVE-2016-2288 | Cogent DataHub before 7.3.10 allows local users to gain privileges by leveraging the user or guest r... | E | |
| CVE-2016-2289 | Directory traversal vulnerability in ICONICS WebHMI 9 and earlier allows remote attackers to read co... | | |
| CVE-2016-2290 | Heap-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PF... | | |
| CVE-2016-2291 | Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and P... | | |
| CVE-2016-2292 | Stack-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, P... | | |
| CVE-2016-2293 | The AXM-NET module in Accuenergy Acuvim II NET Firmware 3.08 and Acuvim IIR NET Firmware 3.08 allows... | | |
| CVE-2016-2294 | The AXM-NET module in Accuenergy Acuvim II NET Firmware 3.08 and Acuvim IIR NET Firmware 3.08 allows... | | |
| CVE-2016-2295 | Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with f... | | |
| CVE-2016-2296 | Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for "p... | E | |
| CVE-2016-2297 | Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arb... | | |
| CVE-2016-2298 | Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to obtain sens... | | |
| CVE-2016-2299 | SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to exe... | | |
| CVE-2016-2300 | Ecava IntegraXor before 5.0 build 4522 allows remote attackers to bypass authentication and access u... | | |
| CVE-2016-2301 | SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote authenticated us... | | |
| CVE-2016-2302 | Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by re... | | |
| CVE-2016-2303 | CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to in... | | |
| CVE-2016-2304 | Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly flag in a Set-Cookie header for... | | |
| CVE-2016-2305 | Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote att... | | |
| CVE-2016-2306 | The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensi... | | |
| CVE-2016-2307 | American Auto-Matrix Aspect-Nexus Building Automation Front-End Solutions application before 3.0.0 a... | | |
| CVE-2016-2308 | American Auto-Matrix Aspect-Nexus Building Automation Front-End Solutions application before 3.0.0 a... | | |
| CVE-2016-2309 | iRZ RUH2 before 2b does not validate firmware patches, which allows remote authenticated users to mo... | | |
| CVE-2016-2310 | General Electric (GE) Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware before 5.5.... | | |
| CVE-2016-2311 | Black Box AlertWerks ServSensor with firmware before SP473, AlertWerks ServSensor Junior with firmwa... | | |
| CVE-2016-2312 | Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can res... | | |
| CVE-2016-2313 | auth_login.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication t... | | |
| CVE-2016-2314 | GlobespanVirata ftpd 1.0, as used on Huawei SmartAX MT882 devices V200R002B022 Arg, allows remote au... | E | |
| CVE-2016-2315 | revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to... | S | |
| CVE-2016-2316 | chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certif... | E S | |
| CVE-2016-2317 | Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of servi... | | |
| CVE-2016-2318 | GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference... | | |
| CVE-2016-2324 | Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) lon... | S | |
| CVE-2016-2326 | Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg before 2.8.5 all... | | |
| CVE-2016-2327 | libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes in certain row calculations, wh... | | |
| CVE-2016-2328 | libswscale/swscale_unscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which ... | | |
| CVE-2016-2329 | libavcodec/tiff.c in FFmpeg before 2.8.6 does not properly validate RowsPerStrip values and YCbCr ch... | | |
| CVE-2016-2330 | libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a buffer size, which allows remo... | | |
| CVE-2016-2331 | The web interface on SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware ... | | |
| CVE-2016-2332 | flu.cgi in the web interface on SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices wit... | | |
| CVE-2016-2333 | SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware before 01A.8 use the ... | | |
| CVE-2016-2334 | Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16... | E S | |
| CVE-2016-2335 | The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip a... | E | |
| CVE-2016-2336 | Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. A... | E | |
| CVE-2016-2337 | Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type o... | E | |
| CVE-2016-2338 | An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of R... | E | |
| CVE-2016-2339 | An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function ... | E | |
| CVE-2016-2340 | The AMF framework in Granite Data Services 3.1.1-SNAPSHOT allows remote authenticated users to read ... | S | |
| CVE-2016-2342 | The bgp_nlri_parse_vpnv4 function in bgp_mplsvpn.c in the VPNv4 NLRI parser in bgpd in Quagga before... | | |
| CVE-2016-2343 | Patterson Dental Eaglesoft 17 has a hardcoded password of sql for the dba account, which allows remo... | | |
| CVE-2016-2344 | Stack-based buffer overflow in manager.exe in Backburner Manager in Autodesk Backburner 2016 2016.0.... | | |
| CVE-2016-2345 | Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in SolarWinds DameWare Mini Remote Con... | | |
| CVE-2016-2346 | Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates, w... | E | |
| CVE-2016-2347 | Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.... | E S | |
| CVE-2016-2349 | Remedy AR System Server in BMC Remedy 8.1 SP 2, 9.0, 9.0 SP 1, and 9.1 allows attackers to reset arb... | M | |
| CVE-2016-2350 | Multiple cross-site scripting (XSS) vulnerabilities on the Accellion File Transfer Appliance (FTA) b... | E | |
| CVE-2016-2351 | SQL injection vulnerability in home/seos/courier/security_key2.api on the Accellion File Transfer Ap... | E | |
| CVE-2016-2352 | The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote authenticated users to ... | | |
| CVE-2016-2353 | The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows local users to add an SSH key ... | E | |
| CVE-2016-2354 | The Bluetooth functionality in Lemur Vehicle Monitors BlueDriver before 2016-04-07 supports unrestri... | | |
| CVE-2016-2355 | SQL injection vulnerability in the REST API in dotCMS before 3.3.2 allows remote attackers to execut... | S | |
| CVE-2016-2356 | Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a l... | E | |
| CVE-2016-2357 | Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/con... | E | |
| CVE-2016-2358 | Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with h... | E | |
| CVE-2016-2359 | Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and... | E | |
| CVE-2016-2360 | Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is... | E | |
| CVE-2016-2362 | Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 has a hardcoded password for ... | | |
| CVE-2016-2363 | Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 uses weak permissions for the... | | |
| CVE-2016-2364 | The Chrome HUDweb plugin before 2016-05-05 for Fonality (previously trixbox Pro) 12.6 through 14.1i ... | | |
| CVE-2016-2365 | A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially c... | S | |
| CVE-2016-2366 | A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially c... | S | |
| CVE-2016-2367 | An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT da... | S | |
| CVE-2016-2368 | Multiple memory corruption vulnerabilities exist in the handling of the MXIT protocol in Pidgin. Spe... | S | |
| CVE-2016-2369 | A NULL pointer dereference vulnerability exists in the handling of the MXIT protocol in Pidgin. Spec... | S | |
| CVE-2016-2370 | A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially c... | S | |
| CVE-2016-2371 | An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Speciall... | S | |
| CVE-2016-2372 | An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT da... | S | |
| CVE-2016-2373 | A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially c... | S | |
| CVE-2016-2374 | An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin... | S | |
| CVE-2016-2375 | An exploitable out-of-bounds read exists in the handling of the MXIT protocol in Pidgin. Specially c... | S | |
| CVE-2016-2376 | A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially cra... | S | |
| CVE-2016-2377 | A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially cra... | S | |
| CVE-2016-2378 | A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin. Specially crafte... | S | |
| CVE-2016-2379 | The Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers t... | | |
| CVE-2016-2380 | An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT da... | S | |
| CVE-2016-2381 | Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child pro... | | |
| CVE-2016-2383 | The adjust_branches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consid... | S | |
| CVE-2016-2384 | Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel... | S | |
| CVE-2016-2385 | Heap-based buffer overflow in the encode_msg function in encode_msg.c in the SEAS module in Kamailio... | E | |
| CVE-2016-2386 | SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attac... | KEV E | |
| CVE-2016-2387 | Multiple cross-site scripting (XSS) vulnerabilities in the Java Proxy Runtime ProxyServer servlet in... | | |
| CVE-2016-2388 | The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain ... | KEV E | |
| CVE-2016-2389 | Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration a... | E | |
| CVE-2016-2390 | The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 do... | | |
| CVE-2016-2391 | The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows loc... | S | |
| CVE-2016-2392 | The is_rndis function in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 doe... | | |
| CVE-2016-2393 | Lenovo Fingerprint Manager before 8.01.57 and Touch Fingerprint before 1.00.08 use weak ACLs for uns... | S | |
| CVE-2016-2396 | The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, ... | | |
| CVE-2016-2397 | The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 befor... | | |
| CVE-2016-2398 | Comcast XFINITY Home Security System does not properly maintain base-station communication, which al... | | |
| CVE-2016-2399 | Integer overflow in the quicktime_read_pascal function in libquicktime 1.2.4 and earlier allows remo... | E | |
| CVE-2016-2402 | OkHttp before 2.7.4 and 3.x before 3.1.2 allows man-in-the-middle attackers to bypass certificate pi... | | |
| CVE-2016-2403 | Symfony before 2.8.6 and 3.x before 3.0.6 allows remote attackers to bypass authentication by loggin... | | |
| CVE-2016-2404 | Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R... | | |
| CVE-2016-2405 | Huawei Policy Center with software before V100R003C10SPC020 allows remote authenticated users to gai... | | |
| CVE-2016-2406 | The permission control module in Huawei Document Security Management (aka DSM) before V100R002C05SPC... | | |
| CVE-2016-2407 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2408 | Pulse Secure Desktop before 5.2R2 and Pulse Secure Installer Service before 8.2R2 and below for Wind... | | |
| CVE-2016-2409 | A Texas Instruments (TI) haptic kernel driver in Android 6.x before 2016-04-01 allows attackers to g... | S | |
| CVE-2016-2410 | A Qualcomm video kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges ... | S | |
| CVE-2016-2411 | A Qualcomm Power Management kernel driver in Android 6.x before 2016-04-01 allows attackers to gain ... | | |
| CVE-2016-2412 | include/core/SkPostConfig.h in Skia, as used in System_server in Android 4.x before 4.4.4, 5.0.x bef... | | |
| CVE-2016-2413 | media/libmedia/IOMX.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x be... | | |
| CVE-2016-2414 | The Minikin library in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 doe... | | |
| CVE-2016-2415 | exchange/eas/EasAutoDiscover.java in the Autodiscover implementation in Exchange ActiveSync in Andro... | | |
| CVE-2016-2416 | libs/gui/BufferQueueConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1... | | |
| CVE-2016-2417 | media/libmedia/IOMX.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before... | E | |
| CVE-2016-2418 | media/libmedia/IOMX.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize certain ... | | |
| CVE-2016-2419 | media/libmedia/IDrm.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize a certai... | | |
| CVE-2016-2420 | rootdir/init.rc in Android 4.x before 4.4.4 does not ensure that the /data/tombstones directory exis... | | |
| CVE-2016-2421 | Setup Wizard in Android 5.1.x before 5.1.1 and 6.x before 2016-04-01 allows physically proximate att... | S | |
| CVE-2016-2422 | Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01... | | |
| CVE-2016-2423 | server/telecom/CallsManager.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x... | | |
| CVE-2016-2424 | server/content/SyncStorageEngine.java in SyncStorageEngine in Android 4.x before 4.4.4, 5.0.x before... | | |
| CVE-2016-2425 | mail/compose/ComposeActivity.java in AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.... | S | |
| CVE-2016-2426 | server/content/ContentService.java in the Framework component in Android 4.x before 4.4.4, 5.0.x bef... | | |
| CVE-2016-2427 | The AES-GCM specification in RFC 5084, as used in Android 5.x and 6.x, recommends 12 octets for the ... | | |
| CVE-2016-2428 | libAACdec/src/aacdec_drc.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x b... | | |
| CVE-2016-2429 | libFLAC/stream_decoder.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x befor... | | |
| CVE-2016-2430 | libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x befor... | | |
| CVE-2016-2431 | The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 5, Nexus 6, Nexus 7 (2013), a... | S | |
| CVE-2016-2432 | The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices all... | S | |
| CVE-2016-2433 | The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows... | | |
| CVE-2016-2434 | The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain pri... | | |
| CVE-2016-2435 | The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain pri... | S | |
| CVE-2016-2436 | The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain pri... | S | |
| CVE-2016-2437 | The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain pri... | S | |
| CVE-2016-2438 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-2547, CVE-2016-2548. Reaso... | R | |
| CVE-2016-2439 | Buffer overflow in btif/src/btif_dm.c in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, ... | | |
| CVE-2016-2440 | libs/binder/IPCThreadState.cpp in Binder in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x befo... | | |
| CVE-2016-2441 | The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attacke... | S | |
| CVE-2016-2442 | The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attacke... | S | |
| CVE-2016-2443 | The Qualcomm MDP driver in Android before 2016-05-01 on Nexus 5 and Nexus 7 (2013) devices allows at... | S | |
| CVE-2016-2444 | The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain pri... | S | |
| CVE-2016-2445 | The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain pri... | S | |
| CVE-2016-2446 | The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain pri... | S | |
| CVE-2016-2447 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-4477. Reason: This candida... | R | |
| CVE-2016-2448 | media/libmediaplayerservice/nuplayer/NuPlayerStreamListener.cpp in mediaserver in Android 4.x before... | | |
| CVE-2016-2449 | services/camera/libcameraservice/device3/Camera3Device.cpp in mediaserver in Android 4.x before 4.4.... | | |
| CVE-2016-2450 | codecs/on2/enc/SoftVPXEncoder.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.... | S | |
| CVE-2016-2451 | codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x befor... | S | |
| CVE-2016-2452 | codecs/amrnb/dec/SoftAMR.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x bef... | | |
| CVE-2016-2453 | The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to ga... | S | |
| CVE-2016-2454 | The Qualcomm hardware video codec in Android before 2016-05-01 on Nexus 5 devices allows remote atta... | S | |
| CVE-2016-2455 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2456 | The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to ga... | S | |
| CVE-2016-2457 | server/pm/UserManagerService.java in Wi-Fi in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.... | | |
| CVE-2016-2458 | The compose functionality in AOSP Mail in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x be... | | |
| CVE-2016-2459 | mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016... | | |
| CVE-2016-2460 | mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016... | | |
| CVE-2016-2461 | OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles resets of the Additional... | S | |
| CVE-2016-2462 | OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles updates of the Additiona... | S | |
| CVE-2016-2463 | Multiple integer overflows in the h264dec component in libstagefright in mediaserver in Android 4.x ... | | |
| CVE-2016-2464 | libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1... | | |
| CVE-2016-2465 | The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows atta... | S | |
| CVE-2016-2466 | The Qualcomm sound driver in Android before 2016-06-01 on Nexus 6 devices allows attackers to gain p... | S | |
| CVE-2016-2467 | The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5 devices allows attackers to gain p... | S | |
| CVE-2016-2468 | The Qualcomm GPU driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 devices allows att... | S | |
| CVE-2016-2469 | The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5, 6, and 6P devices allows attacker... | S | |
| CVE-2016-2470 | The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to... | S | |
| CVE-2016-2471 | The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to... | S | |
| CVE-2016-2472 | The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to... | S | |
| CVE-2016-2473 | The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to... | S | |
| CVE-2016-2474 | The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 5X devices allows attackers to gain ... | S | |
| CVE-2016-2475 | The Broadcom Wi-Fi driver in Android before 2016-06-01 on Nexus 5, Nexus 6, Nexus 6P, Nexus 7 (2013)... | | |
| CVE-2016-2476 | mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016... | | |
| CVE-2016-2477 | mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x b... | | |
| CVE-2016-2478 | mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x b... | | |
| CVE-2016-2479 | The mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1... | | |
| CVE-2016-2480 | The mm-video-v4l2 vidc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1... | | |
| CVE-2016-2481 | The mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1... | | |
| CVE-2016-2482 | The mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1... | | |
| CVE-2016-2483 | The mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1... | | |
| CVE-2016-2484 | libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, a... | | |
| CVE-2016-2485 | libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, a... | | |
| CVE-2016-2486 | mp3dec/SoftMP3.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2,... | | |
| CVE-2016-2487 | libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, a... | | |
| CVE-2016-2488 | The Qualcomm camera driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices ... | S | |
| CVE-2016-2489 | The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows atta... | S | |
| CVE-2016-2490 | The NVIDIA camera driver in Android before 2016-06-01 on Nexus 9 devices allows attackers to gain pr... | S | |
| CVE-2016-2491 | The NVIDIA camera driver in Android before 2016-06-01 on Nexus 9 devices allows attackers to gain pr... | S | |
| CVE-2016-2492 | The MediaTek power-management driver in Android before 2016-06-01 on Android One devices allows atta... | S | |
| CVE-2016-2493 | The Broadcom Wi-Fi driver in Android before 2016-06-01 on Nexus 5, Nexus 6, Nexus 6P, Nexus 7 (2013)... | S | |
| CVE-2016-2494 | Off-by-one error in sdcard/sdcard.c in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.... | E | |
| CVE-2016-2495 | SampleTable.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.... | | |
| CVE-2016-2496 | The Framework UI permission-dialog implementation in Android 6.x before 2016-06-01 allows attackers ... | S | |
| CVE-2016-2497 | services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android... | S | |
| CVE-2016-2498 | The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to... | S | |
| CVE-2016-2499 | AudioSource.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.... | | |
| CVE-2016-2500 | Activity Manager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does n... | | |
| CVE-2016-2501 | The Qualcomm camera driver in Android before 2016-07-05 on Nexus 5X, 6, 6P, and 7 (2013) devices all... | S | |
| CVE-2016-2502 | drivers/usb/gadget/f_serial.c in the Qualcomm USB driver in Android before 2016-07-05 on Nexus 5X an... | | |
| CVE-2016-2503 | The Qualcomm GPU driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to ... | S | |
| CVE-2016-2504 | The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices all... | S | |
| CVE-2016-2505 | mpeg2ts/ATSParser.cpp in libstagefright in mediaserver in Android 6.x before 2016-07-01 does not val... | | |
| CVE-2016-2506 | DRMExtractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5... | | |
| CVE-2016-2507 | Integer overflow in codecs/on2/h264dec/source/h264bsd_storage.c in libstagefright in mediaserver in ... | | |
| CVE-2016-2508 | media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 4.x before 4.4.4, 5... | | |
| CVE-2016-2509 | The password-sync feature on Belden Hirschmann Classic Platform switches L2B before 05.3.07 and L2E,... | | |
| CVE-2016-2510 | BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serial... | E S | |
| CVE-2016-2511 | Cross-site scripting (XSS) vulnerability in WebSVN 2.3.3 and earlier allows remote attackers to inje... | E | |
| CVE-2016-2512 | The utils.http.is_safe_url function in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote att... | | |
| CVE-2016-2513 | The password hasher in contrib/auth/hashers.py in Django before 1.8.10 and 1.9.x before 1.9.3 allows... | | |
| CVE-2016-2515 | Hawk before 3.1.3 and 4.x before 4.1.1 allow remote attackers to cause a denial of service (CPU cons... | S | |
| CVE-2016-2516 | NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, allows remote attackers to cause ... | | |
| CVE-2016-2517 | NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (pre... | | |
| CVE-2016-2518 | The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attacke... | S | |
| CVE-2016-2519 | ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of serv... | | |
| CVE-2016-2521 | Untrusted search path vulnerability in the WiresharkApplication class in ui/qt/wireshark_application... | | |
| CVE-2016-2522 | The dissect_ber_constrained_bitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER diss... | E | |
| CVE-2016-2523 | The dnp3_al_process_object function in epan/dissectors/packet-dnp.c in the DNP3 dissector in Wiresha... | | |
| CVE-2016-2524 | epan/dissectors/packet-x509af.c in the X.509AF dissector in Wireshark 2.0.x before 2.0.2 mishandles ... | | |
| CVE-2016-2525 | epan/dissectors/packet-http2.c in the HTTP/2 dissector in Wireshark 2.0.x before 2.0.2 does not limi... | | |
| CVE-2016-2526 | epan/dissectors/packet-hiqnet.c in the HiQnet dissector in Wireshark 2.0.x before 2.0.2 does not val... | | |
| CVE-2016-2527 | wiretap/nettrace_3gpp_32_423.c in the 3GPP TS 32.423 Trace file parser in Wireshark 2.0.x before 2.0... | | |
| CVE-2016-2528 | The dissect_nhdr_extopt function in epan/dissectors/packet-lbmc.c in the LBMC dissector in Wireshark... | | |
| CVE-2016-2529 | The iseries_check_file_type function in wiretap/iseries.c in the iSeries file parser in Wireshark 2.... | | |
| CVE-2016-2530 | The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wiresha... | | |
| CVE-2016-2531 | Off-by-one error in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.1... | | |
| CVE-2016-2532 | The dissect_llrp_parameters function in epan/dissectors/packet-llrp.c in the LLRP dissector in Wires... | | |
| CVE-2016-2533 | Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Im... | | |
| CVE-2016-2536 | Multiple use-after-free vulnerabilities in SAP 3D Visual Enterprise Viewer allow remote attackers to... | | |
| CVE-2016-2537 | The is-my-json-valid package before 2.12.4 for Node.js has an incorrect exports['utc-millisec'] regu... | S | |
| CVE-2016-2538 | Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.... | | |
| CVE-2016-2539 | Cross-site request forgery (CSRF) vulnerability in install_modules.php in ATutor before 2.2.2 allows... | E S | |
| CVE-2016-2540 | Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and ap... | | |
| CVE-2016-2541 | Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and ap... | | |
| CVE-2016-2542 | Untrusted search path vulnerability in Flexera InstallShield through 2015 SP1 allows local users to ... | | |
| CVE-2016-2543 | The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel befor... | S | |
| CVE-2016-2544 | Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel before... | S | |
| CVE-2016-2545 | The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not pro... | S | |
| CVE-2016-2546 | sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows lo... | S | |
| CVE-2016-2547 | sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not conside... | S | |
| CVE-2016-2548 | sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or st... | S | |
| CVE-2016-2549 | sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access, wh... | | |
| CVE-2016-2550 | The Linux kernel before 4.5 allows local users to bypass file-descriptor limits and cause a denial o... | S | |
| CVE-2016-2553 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi... | R | |
| CVE-2016-2554 | Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x bef... | E | |
| CVE-2016-2555 | SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attac... | E S | |
| CVE-2016-2556 | The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 3... | | |
| CVE-2016-2557 | The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 3... | | |
| CVE-2016-2558 | The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 3... | | |
| CVE-2016-2559 | Cross-site scripting (XSS) vulnerability in the format function in libraries/sql-parser/src/Utils/Er... | | |
| CVE-2016-2560 | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x befo... | S | |
| CVE-2016-2561 | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.5 and 4.5.x be... | S | |
| CVE-2016-2562 | The checkHTTP function in libraries/Config.class.php in phpMyAdmin 4.5.x before 4.5.5.1 does not ver... | S | |
| CVE-2016-2563 | Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 ... | S | |
| CVE-2016-2564 | Invision Power Services (IPS) Community Suite before 4.1.9 makes session hijack easier by relying on... | | |
| CVE-2016-2565 | Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to read se... | E | |
| CVE-2016-2566 | Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices has SQL injection, aka SVE-... | | |
| CVE-2016-2567 | secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F bu... | E | |
| CVE-2016-2568 | pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a craf... | | |
| CVE-2016-2569 | Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which ... | | |
| CVE-2016-2570 | The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check b... | | |
| CVE-2016-2571 | http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data af... | | |
| CVE-2016-2572 | http.cc in Squid 4.x before 4.0.7 relies on the HTTP status code after a response-parsing failure, w... | | |
| CVE-2016-2574 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2575 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2576 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2577 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2578 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2579 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2580 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2581 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2582 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2583 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2584 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2585 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2586 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2587 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2588 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2589 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2590 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2591 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2592 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2593 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2594 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2595 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2596 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2597 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2598 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2599 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2600 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2601 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2602 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2603 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2604 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2605 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2606 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2607 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2608 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2609 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2610 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2611 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2612 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2613 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2614 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2615 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2616 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2617 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2618 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2619 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2620 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2621 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2622 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2623 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2624 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2625 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2626 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2627 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2628 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2629 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2630 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2631 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2632 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2633 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2634 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2635 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2636 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2637 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2638 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2639 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2640 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2641 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2642 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2643 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2644 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2645 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2646 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2647 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2648 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2649 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2650 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2651 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2652 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2653 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2654 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2655 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2656 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2657 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2658 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2659 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2660 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2661 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2662 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2663 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2664 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2665 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2666 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2667 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2668 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2669 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2670 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2671 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2672 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2673 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2674 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2675 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2676 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2677 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2678 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2679 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2680 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2681 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2682 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2683 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2684 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2685 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2686 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2687 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2688 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2689 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2690 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2691 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2692 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2693 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2694 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2695 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2696 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2697 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2698 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2699 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2700 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2701 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2702 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2703 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2704 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2705 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2706 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2707 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2708 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2709 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2710 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2711 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2712 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2713 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2714 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2715 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2716 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2717 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2718 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2719 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2720 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2721 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2722 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2723 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2724 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2725 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2726 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2727 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2728 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2729 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2730 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2731 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2732 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2733 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2734 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2735 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2736 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2737 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2738 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2739 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2740 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2741 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2742 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2743 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2744 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2745 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2746 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2747 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2748 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2749 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2750 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2751 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2752 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2753 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2754 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2755 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2756 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2757 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2758 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2759 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2760 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2761 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2762 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2763 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2764 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2765 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2766 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2767 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2768 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2769 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2770 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2771 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2772 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2773 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2016-2774 | ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of c... | | |
| CVE-2016-2775 | ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or th... | S | |
| CVE-2016-2776 | buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc... | E | |
| CVE-2016-2777 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-1868. Reason: This candidate... | R | |
| CVE-2016-2779 | runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl... | | |
| CVE-2016-2780 | Untrusted search path vulnerability in Huawei UTPS before UTPS-V200R003B015D15SP00C983 allows local ... | | |
| CVE-2016-2781 | chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent sessi... | | |
| CVE-2016-2782 | The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physica... | E S | |
| CVE-2016-2783 | Avaya Fabric Connect Virtual Services Platform (VSP) Operating System Software (VOSS) before 4.2.3.0... | | |
| CVE-2016-2784 | CMS Made Simple 2.x before 2.1.3 and 1.x before 1.12.2, when Smarty Cache is activated, allow remote... | E | |
| CVE-2016-2785 | Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before 4.4.2 and in Puppet Agent befo... | | |
| CVE-2016-2786 | The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before ... | | |
| CVE-2016-2787 | The Puppet Communications Protocol in Puppet Enterprise 2015.3.x before 2015.3.3 does not properly v... | | |
| CVE-2016-2788 | MCollective 2.7.0 and 2.8.x before 2.8.9, as used in Puppet Enterprise, allows remote attackers to e... | | |
| CVE-2016-2789 | Cross-site scripting (XSS) vulnerability in the Web User Interface in Citrix XenMobile Server 10.0, ... | S | |
| CVE-2016-2790 | The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox... | | |
| CVE-2016-2791 | The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox bef... | | |
| CVE-2016-2792 | The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Fir... | | |
| CVE-2016-2793 | CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38... | | |
| CVE-2016-2794 | The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in ... | | |
| CVE-2016-2795 | The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefo... | | |
| CVE-2016-2796 | Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1... | | |
| CVE-2016-2797 | The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla... | | |
| CVE-2016-2798 | The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Fi... | | |
| CVE-2016-2799 | Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as u... | | |
| CVE-2016-2800 | The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Fir... | | |
| CVE-2016-2801 | The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as ... | | |
| CVE-2016-2802 | The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in M... | | |
| CVE-2016-2803 | Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 through 4.4.11... | | |
| CVE-2016-2804 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 allow remo... | | |
| CVE-2016-2805 | Unspecified vulnerability in the browser engine in Mozilla Firefox ESR 38.x before 38.8 allows remot... | | |
| CVE-2016-2806 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefo... | | |
| CVE-2016-2807 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox E... | | |
| CVE-2016-2808 | The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x b... | | |
| CVE-2016-2809 | The Mozilla Maintenance Service updater in Mozilla Firefox before 46.0 on Windows allows user-assist... | | |
| CVE-2016-2810 | Mozilla Firefox before 46.0 on Android before 5.0 allows attackers to bypass intended Signature acce... | | |
| CVE-2016-2811 | Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in Mozil... | | |
| CVE-2016-2812 | Race condition in the get implementation in the ServiceWorkerManager class in the Service Worker sub... | | |
| CVE-2016-2813 | Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation a... | | |
| CVE-2016-2814 | Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstage... | | |
| CVE-2016-2815 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remo... | | |
| CVE-2016-2816 | Mozilla Firefox before 46.0 allows remote attackers to bypass the Content Security Policy (CSP) prot... | | |
| CVE-2016-2817 | The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox bef... | | |
| CVE-2016-2818 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefo... | | |
| CVE-2016-2819 | Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows re... | E | |
| CVE-2016-2820 | The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0 do... | | |
| CVE-2016-2821 | Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and F... | | |
| CVE-2016-2822 | Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the add... | | |
| CVE-2016-2824 | The TSymbolTableLevel class in ANGLE, as used in Mozilla Firefox before 47.0 and Firefox ESR 45.x be... | | |
| CVE-2016-2825 | Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify the ... | | |
| CVE-2016-2826 | The maintenance service in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows d... | | |
| CVE-2016-2827 | The mozilla::net::IsValidReferrerPolicy function in Mozilla Firefox before 49.0 allows remote attack... | | |
| CVE-2016-2828 | Use-after-free vulnerability in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows ... | | |
| CVE-2016-2829 | Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a crafted ... | | |
| CVE-2016-2830 | Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used fo... | | |
| CVE-2016-2831 | Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves th... | | |
| CVE-2016-2832 | Mozilla Firefox before 47.0 allows remote attackers to discover the list of disabled plugins via a f... | | |
| CVE-2016-2833 | Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) directives for cross-domain Java a... | | |
| CVE-2016-2834 | Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows ... | | |
| CVE-2016-2835 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 allow remo... | | |
| CVE-2016-2836 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 and Firefo... | | |
| CVE-2016-2837 | Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Ex... | | |
| CVE-2016-2838 | Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before... | | |
| CVE-2016-2839 | Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux make cairo _cairo_surface_get_... | | |
| CVE-2016-2840 | An issue was discovered in Open-Xchange Server 6 / OX AppSuite before 7.8.0-rev26. The "session" par... | | |
| CVE-2016-2841 | The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) in QEMU before 2.5... | | |
| CVE-2016-2842 | The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0... | | |
| CVE-2016-2843 | Multiple unspecified vulnerabilities in Google V8 before 4.9.385.26, as used in Google Chrome before... | | |
| CVE-2016-2844 | WebKit/Source/core/layout/LayoutBlock.cpp in Blink, as used in Google Chrome before 49.0.2623.75, do... | | |
| CVE-2016-2845 | The Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 49.0.2623... | | |
| CVE-2016-2846 | Siemens SIMATIC S7-1200 CPU devices before 4.0 allow remote attackers to bypass a "user program bloc... | | |
| CVE-2016-2847 | fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which al... | S | |
| CVE-2016-2848 | ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial... | M | |
| CVE-2016-2849 | Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a mod... | | |
| CVE-2016-2850 | Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) signature algorithms and (2) ECC cur... | | |
| CVE-2016-2851 | Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to ca... | E | |
| CVE-2016-2853 | The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, whi... | E | |
| CVE-2016-2854 | The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, wh... | E | |
| CVE-2016-2855 | The Huawei Mobile Broadband HL Service 22.001.25.00.03 and earlier uses a weak ACL for the MobileBrS... | | |
| CVE-2016-2856 | pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-... | | |
| CVE-2016-2857 | The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a... | | |
| CVE-2016-2858 | QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest... | S | |
| CVE-2016-2859 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-0834. Reason: This candida... | R | |
| CVE-2016-2860 | The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 allows remote authenticated use... | | |
| CVE-2016-2861 | IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 ... | S | |
| CVE-2016-2862 | Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11, 7.0 before ... | S | |
| CVE-2016-2863 | Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Commerce 7.0 Feature Pack 8, 8.0.0.... | | |
| CVE-2016-2864 | Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 ... | | |
| CVE-2016-2865 | The GIT Integration component in IBM Rational Team Concert (RTC) 5.x before 5.0.2 iFix14 and 6.x bef... | S | |
| CVE-2016-2866 | An unspecified vulnerability in IBM Jazz Team Server may disclose some deployment information to an ... | S | |
| CVE-2016-2867 | IBM InfoSphere Streams before 4.0.1.2 and IBM Streams before 4.1.1.1 do not properly implement the r... | S | |
| CVE-2016-2868 | IBM Security QRadar SIEM 7.2.x before 7.2.7 allows remote authenticated administrators to read arbit... | S | |
| CVE-2016-2869 | Multiple cross-site scripting (XSS) vulnerabilities in the UI in IBM QRadar SIEM 7.1 before MR2 Patc... | | |
| CVE-2016-2870 | Buffer overflow in the CLI on IBM WebSphere DataPower XC10 appliances 2.1 and 2.5 allows remote auth... | | |
| CVE-2016-2871 | IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses cleartext storage for unspecified ... | S | |
| CVE-2016-2872 | Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.7 and QRadar Incident... | | |
| CVE-2016-2873 | SQL injection vulnerability in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allows r... | S | |
| CVE-2016-2874 | IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 mishandles authorization, which allows ... | S | |
| CVE-2016-2875 | IBM Security QRadar SIEM 7.1.x and 7.2.x before 7.2.7 allows remote authenticated users to execute a... | S | |
| CVE-2016-2876 | IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 executes unspecified processes at an in... | S | |
| CVE-2016-2877 | IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses weak permissions for unspecified d... | S | |
| CVE-2016-2878 | Multiple cross-site request forgery (CSRF) vulnerabilities in IBM QRadar SIEM 7.1 before MR2 Patch 1... | | |
| CVE-2016-2879 | IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwords, which could allow a local... | S | |
| CVE-2016-2880 | IBM QRadar 7.2 stores the encryption key used to encrypt the service account password which can be o... | S | |
| CVE-2016-2881 | IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 and QRadar Incident Forensics 7.2 befor... | S | |
| CVE-2016-2882 | IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allo... | S | |
| CVE-2016-2883 | Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4... | S | |
| CVE-2016-2884 | Cross-site request forgery (CSRF) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x befo... | S | |
| CVE-2016-2887 | IBM IMS Enterprise Suite Data Provider before 3.2.0.1 for Microsoft .NET allows remote authenticated... | S | |
| CVE-2016-2888 | Cross-site scripting (XSS) vulnerability in the Report Builder and Data Collection Component (DCC) i... | | |
| CVE-2016-2889 | Cross-site request forgery (CSRF) vulnerability in the Report Builder and Data Collection Component ... | | |
| CVE-2016-2894 | IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 before 6.3.2.6, 6.4 before 6.... | | |
| CVE-2016-2901 | Cross-site request forgery (CSRF) vulnerability in the PA_Theme_Creator application in IBM WebSphere... | | |
| CVE-2016-2908 | IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused... | S | |
| CVE-2016-2912 | Cross-site scripting (XSS) vulnerability in the Document Builder in IBM Rational Publishing Engine (... | | |
| CVE-2016-2914 | Unrestricted file upload vulnerability in the Document Builder in IBM Rational Publishing Engine (ak... | S | |
| CVE-2016-2917 | The notifications component in IBM TRIRIGA Applications 10.4 and 10.5 before 10.5.1 allows remote au... | M | |
| CVE-2016-2922 | IBM Rational ClearQuest 8.0 through 8.0.1.9 and 9.0 through 9.0.1.3 (CQ OSLC linkages, EmailRelay) f... | | |
| CVE-2016-2923 | IBM WebSphere Application Server (WAS) 8.5 through 8.5.5.9 Liberty before Liberty Fix Pack 16.0.0.2 ... | | |
| CVE-2016-2924 | IBM Infosphere BigInsights is vulnerable to cross-site scripting, caused by improper validation of u... | S | |
| CVE-2016-2925 | Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5... | M | |
| CVE-2016-2926 | Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 befo... | S | |
| CVE-2016-2927 | IBM BigFix Remote Control before 9.1.3 does not properly restrict the set of available encryption al... | | |
| CVE-2016-2928 | IBM BigFix Remote Control before 9.1.3 allows remote authenticated users to obtain sensitive informa... | | |
| CVE-2016-2929 | IBM BigFix Remote Control before 9.1.3 does not properly restrict password choices, which makes it e... | | |
| CVE-2016-2930 | IBM BigFix Remote Control 9.1.3 could allow a remote attacker to perform actions reserved for an adm... | S | |
| CVE-2016-2931 | IBM BigFix Remote Control before 9.1.3 allows remote attackers to obtain sensitive cleartext informa... | | |
| CVE-2016-2932 | IBM BigFix Remote Control before 9.1.3 allows remote attackers to conduct XML injection attacks via ... | | |
| CVE-2016-2933 | Directory traversal vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote authentica... | | |
| CVE-2016-2934 | Cross-site scripting (XSS) vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote att... | | |
| CVE-2016-2935 | The broker application in IBM BigFix Remote Control before 9.1.3 allows remote attackers to cause a ... | S | |
| CVE-2016-2936 | IBM BigFix Remote Control before 9.1.3 uses cleartext storage for unspecified passwords, which allow... | | |
| CVE-2016-2937 | IBM BigFix Remote Control before 9.1.3 allows remote attackers to obtain sensitive information or sp... | | |
| CVE-2016-2938 | IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary... | S | |
| CVE-2016-2939 | IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary... | S | |
| CVE-2016-2940 | Multiple unspecified vulnerabilities in IBM BigFix Remote Control before 9.1.3 allow remote attacker... | | |
| CVE-2016-2941 | IBM UrbanCode Deploy creates temporary files during step execution that could contain sensitive info... | | |
| CVE-2016-2942 | IBM UrbanCode Deploy could allow an authenticated attacker with special permissions to craft a scrip... | S | |
| CVE-2016-2943 | IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by leverag... | | |
| CVE-2016-2944 | IBM BigFix Remote Control before 9.1.3 does not properly restrict failed login attempts, which makes... | | |
| CVE-2016-2945 | The API Discovery implementation in IBM WebSphere Application Server (WAS) 8.5.5.8 through 8.5.5.9 L... | | |
| CVE-2016-2946 | Stack-based buffer overflow in the ax Shared Libraries in the Agent in IBM Tivoli Monitoring (ITM) 6... | S | |
| CVE-2016-2947 | IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, an... | | |
| CVE-2016-2948 | IBM BigFix Remote Control before 9.1.3 allows local users to discover hardcoded credentials via unsp... | | |
| CVE-2016-2949 | IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by reading... | | |
| CVE-2016-2950 | SQL injection vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote authenticated us... | | |
| CVE-2016-2951 | IBM BigFix Remote Control before 9.1.3 does not properly set the default encryption strength, which ... | | |
| CVE-2016-2952 | IBM BigFix Remote Control before 9.1.3 does not enable the HSTS protection mechanism, which makes it... | | |
| CVE-2016-2953 | IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 does not require SSL, which all... | S | |
| CVE-2016-2954 | Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 5.0 before CR4 and 5.5 bef... | S | |
| CVE-2016-2955 | Cross-site scripting (XSS) vulnerability in IBM Connections 5.0 before CR4 and 5.5 before CR1 allows... | S | |
| CVE-2016-2956 | Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 5.0 before CR4 and 5.5 bef... | S | |
| CVE-2016-2957 | IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated use... | S | |
| CVE-2016-2958 | IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated use... | S | |
| CVE-2016-2959 | IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting room manager to remove the primary m... | S | |
| CVE-2016-2960 | IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.0.x before 8.0.0.13, 8.5.0.x before ... | S | |
| CVE-2016-2961 | The integration server in IBM Integration Bus 9 before 9.0.0.6 and 10 before 10.0.0.5 and WebSphere ... | | |
| CVE-2016-2963 | Cross-site request forgery (CSRF) vulnerability in IBM BigFix Remote Control before 9.1.3 allows rem... | | |
| CVE-2016-2964 | IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error message to a user that is too ... | S | |
| CVE-2016-2965 | IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site request forgery, caused by imp... | S | |
| CVE-2016-2966 | IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to enumerate meeting rooms by guessing ... | S | |
| CVE-2016-2967 | IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to... | S | |
| CVE-2016-2968 | IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to bypass authenti... | | |
| CVE-2016-2969 | IBM Sametime Meeting Server 8.5.2 and 9.0 may send replies that contain emails of people that should... | S | |
| CVE-2016-2970 | IBM Sametime 8.5 and 9.0 meetings server may provide detailed information in an error message that m... | | |
| CVE-2016-2971 | IBM Sametime Media Services 8.5.2 and 9.0 can disclose sensitive information in stack trace error lo... | | |
| CVE-2016-2972 | IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of the Sametime Meetings user in t... | S | |
| CVE-2016-2973 | IBM Sametime Media Services 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability ... | S | |
| CVE-2016-2974 | IBM Sametime Connect 8.5.2 and 9.0, after uninstalling the Sametime Rich Client, could disclose pote... | S | |
| CVE-2016-2975 | IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to... | S | |
| CVE-2016-2976 | IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting invitee to obtain previously cleared... | S | |
| CVE-2016-2977 | IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a malicious user to lower other users hands in... | S | |
| CVE-2016-2978 | IBM Sametime 8.5.2 and 9.0 could store potentially sensitive information from the browser cache loca... | S | |
| CVE-2016-2979 | IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability ... | S | |
| CVE-2016-2980 | The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injection where a malicious site can ... | S | |
| CVE-2016-2981 | An undisclosed vulnerability in the CLM applications in IBM Jazz Team Server may allow unauthorized ... | S | |
| CVE-2016-2983 | IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker under unusual circ... | S | |
| CVE-2016-2984 | IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System ... | | |
| CVE-2016-2985 | IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System ... | | |
| CVE-2016-2986 | Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 6.x befo... | | |
| CVE-2016-2987 | An undisclosed vulnerability in CLM applications may result in some administrative deployment parame... | | |
| CVE-2016-2988 | IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware (aka Spectrum Protect... | | |
| CVE-2016-2989 | Open redirect vulnerability in the Connections Portlets component 5.x before 5.0.2 for IBM WebSphere... | S | |
| CVE-2016-2991 | Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Protector for Mail Security 2.8.0.0... | | |
| CVE-2016-2992 | IBM Infosphere BigInsights is vulnerable to cross-site scripting. This vulnerability allows users to... | S | |
| CVE-2016-2994 | Cross-site scripting (XSS) vulnerability in IBM UrbanCode Deploy 6.2.x before 6.2.1.2 allows remote ... | | |
| CVE-2016-2995 | Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 4.0 through CR4, 4.5 throu... | S | |
| CVE-2016-2996 | IBM Security Privileged Identity Manager 2.0 before 2.0.2 FP8, when Virtual Appliance is used, allow... | | |
| CVE-2016-2997 | Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 4.0 through CR4, 4.5 throu... | S | |
| CVE-2016-2998 | Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5,... | S | |
| CVE-2016-2999 | IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated ... | S |