CVE-2016-9xxx

There are 918 CVE in this subgroup.

Last updated:

← Back to 2016

ID	Summary	Flags
CVE-2016-9000	IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe ...	S
CVE-2016-9005	IBM System Storage TS3100-TS3200 Tape Library could allow an unauthenticated user with access to the...
CVE-2016-9006	IBM UrbanCode Deploy 6.1 and 6.2 is vulnerable to cross-site scripting. This vulnerability allows us...
CVE-2016-9008	IBM UrbanCode Deploy could allow a malicious user to access the Agent Relay ActiveMQ Broker JMX inte...	S
CVE-2016-9009	IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to ...	S
CVE-2016-9010	IBM WebSphere Message Broker 9.0 and 10.0 could allow a remote attacker to hijack the clicking actio...	S
CVE-2016-9011	The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote attackers to cause a denial of serv...
CVE-2016-9012	CloudVision Portal (CVP) before 2016.1.2.1 allows remote authenticated users to gain access to the i...
CVE-2016-9013	Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password f...
CVE-2016-9014	Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBU...
CVE-2016-9015	Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vulnerability that can cause them...	M
CVE-2016-9016	Firejail 0.9.38.4 allows local users to execute arbitrary commands outside of the sandbox via a craf...	S
CVE-2016-9017	Artifex Software, Inc. MuJS before a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 allows context-dependent...	E S
CVE-2016-9018	Improper handling of a repeating VRAT chunk in qcpfformat.dll allows attackers to cause a Null point...	E
CVE-2016-9019	SQL injection vulnerability in the activate_address function in framework/modules/addressbook/contro...	S
CVE-2016-9020	SQL injection vulnerability in framework/modules/help/controllers/helpController.php in Exponent CMS...	S
CVE-2016-9021	Exponent CMS before 2.6.0 has improper input validation in storeController.php....	S
CVE-2016-9022	Exponent CMS before 2.6.0 has improper input validation in usersController.php....	S
CVE-2016-9023	Exponent CMS before 2.6.0 has improper input validation in cron/find_help.php....	S
CVE-2016-9025	Exponent CMS before 2.6.0 has improper input validation in purchaseOrderController.php....	S
CVE-2016-9026	Exponent CMS before 2.6.0 has improper input validation in fileController.php....	S
CVE-2016-9028	Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 135.8, 10.5 61.11, 11.0 65.3...
CVE-2016-9031	An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. ...	E
CVE-2016-9032	An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. T...	E
CVE-2016-9033	An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. T...	E
CVE-2016-9034	An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. T...	E
CVE-2016-9035	An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. T...	E
CVE-2016-9036	An exploitable incorrect return value vulnerability exists in the mp_check function of Tarantool's M...	E
CVE-2016-9037	An exploitable out-of-bounds array access vulnerability exists in the xrow_header_decode function of...	E
CVE-2016-9038	An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea...	E
CVE-2016-9039	An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system....	E
CVE-2016-9040	An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file ...	E
CVE-2016-9041	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-2971. Reason: This candida...	R
CVE-2016-9042	An exploitable denial of service vulnerability exists in the origin timestamp check functionality of...	E M
CVE-2016-9043	An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx ...	E
CVE-2016-9044	An exploitable command execution vulnerability exists in Information Builders WebFOCUS Business Inte...	M
CVE-2016-9045	A code execution vulnerability exists in ProcessMaker Enterprise Core 3.0.1.7-community. A specially...	E
CVE-2016-9046	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...	R
CVE-2016-9047	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...	R
CVE-2016-9048	Multiple exploitable SQL Injection vulnerabilities exists in ProcessMaker Enterprise Core 3.0.1.7-co...	E
CVE-2016-9049	An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Da...	E S
CVE-2016-9050	An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality o...	E
CVE-2016-9051	An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing funct...	E S
CVE-2016-9052	An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aer...	E
CVE-2016-9053	An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle typ...	E S
CVE-2016-9054	An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aer...	E
CVE-2016-9055	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9056	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9057	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9058	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9059	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9060	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9061	A previously installed malicious Android application which defines a specific signature-level permis...	E
CVE-2016-9062	Private browsing mode leaves metadata information, such as URLs, for sites visited in "browser.db" a...	E
CVE-2016-9063	An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Fi...
CVE-2016-9064	Add-on updates failed to verify that the add-on ID inside the signed package matched the ID of the a...	S
CVE-2016-9065	The location bar in Firefox for Android can be spoofed by forcing a user into fullscreen mode, block...	E
CVE-2016-9066	A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when ...
CVE-2016-9067	Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This v...
CVE-2016-9068	A use-after-free during web animations when working with timelines resulting in a potentially exploi...
CVE-2016-9069	A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially ex...	S
CVE-2016-9070	A maliciously crafted page loaded to the sidebar through a bookmark can reference a privileged chrom...	S
CVE-2016-9071	Content Security Policy combined with HTTP to HTTPS redirection can be used by malicious server to v...
CVE-2016-9072	When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI ...
CVE-2016-9073	WebExtensions can bypass security checks to load privileged URLs and potentially escape the WebExten...
CVE-2016-9074	An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This is...
CVE-2016-9075	An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged ...
CVE-2016-9076	An issue where a "
CVE-2016-9077	Canvas allows the use of the "feDisplacementMap" filter on images loaded cross-origin. The rendering...
CVE-2016-9078	Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the "dat...	E S
CVE-2016-9079	A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulner...	KEV E
CVE-2016-9080	Memory safety bugs were reported in Firefox 50.0.2. Some of these bugs showed evidence of memory cor...
CVE-2016-9081	Joomla! 3.4.4 through 3.6.3 allows attackers to reset username, password, and user group assignments...	S
CVE-2016-9082	Integer overflow in the write_png function in cairo 1.14.6 allows remote attackers to cause a denial...
CVE-2016-9083	drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer ...	S
CVE-2016-9084	drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, w...	S
CVE-2016-9085	Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vector...	S
CVE-2016-9086	GitLab versions 8.9.x and above contain a critical security flaw in the "import/export project" feat...	S
CVE-2016-9087	SQL injection vulnerability in framework/modules/filedownloads/controllers/filedownloadController.ph...	S
CVE-2016-9091	Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 bef...	E M
CVE-2016-9092	The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail Threat Defense (MTD) 1.1 mana...
CVE-2016-9093	A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and ear...
CVE-2016-9094	Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended pr...
CVE-2016-9095	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9096	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9097	The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG...
CVE-2016-9098	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9099	Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6,...
CVE-2016-9100	Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.13, ASG 6.7 prior to 6.7.3.1, ProxySG 6.5 ...
CVE-2016-9101	Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators t...	S
CVE-2016-9102	Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows loc...	S
CVE-2016-9103	The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS adm...	S
CVE-2016-9104	Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/...	S
CVE-2016-9105	Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local gues...	S
CVE-2016-9106	Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local gue...	S
CVE-2016-9107	The OTR plugin for Gajim sends information in cleartext when using XHTML, which allows remote attack...	S
CVE-2016-9108	Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. MuJS before commit...
CVE-2016-9109	Artifex Software MuJS allows attackers to cause a denial of service (crash) via vectors related to i...	E
CVE-2016-9111	Incorrect access control mechanisms in Citrix Receiver Desktop Lock 4.5 allow an attacker to bypass ...	E
CVE-2016-9112	Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cprl function in openjp2/pi.c:52...	E
CVE-2016-9113	There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. im...	E
CVE-2016-9114	There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. imag...	E
CVE-2016-9115	Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Deni...	E
CVE-2016-9116	NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denia...	E
CVE-2016-9117	NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denia...	E
CVE-2016-9118	Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2....	E
CVE-2016-9119	Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.8...
CVE-2016-9120	Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel be...	S
CVE-2016-9121	go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. When deriving a...	S
CVE-2016-9122	go-jose before 1.0.4 suffers from multiple signatures exploitation. The go-jose library supports mes...	S
CVE-2016-9123	go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bit architectures. An integer ov...	S
CVE-2016-9124	Revive Adserver before 3.2.3 suffers from Improper Restriction of Excessive Authentication Attempts....	S
CVE-2016-9125	Revive Adserver before 3.2.3 suffers from session fixation, by allowing arbitrary session identifier...	S
CVE-2016-9126	Revive Adserver before 3.2.3 suffers from persistent XSS. Usernames are not properly escaped when di...	S
CVE-2016-9127	Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). The password recovery f...	S
CVE-2016-9128	Revive Adserver before 3.2.3 suffers from reflected XSS. The affiliate-preview.php script in www/adm...	S
CVE-2016-9129	Revive Adserver before 3.2.3 suffers from Information Exposure Through Discrepancy. It is possible t...	S
CVE-2016-9130	Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via th...	S
CVE-2016-9131	named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows r...	S
CVE-2016-9132	In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would ...	S
CVE-2016-9134	Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/expPaginator.php" affecting the o...	S
CVE-2016-9135	Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/framework/modules/help/controller...	S
CVE-2016-9136	Artifex Software, Inc. MuJS before a0ceaf5050faf419401fe1b83acfa950ec8a8a89 allows context-dependent...	S
CVE-2016-9137	Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5....	E
CVE-2016-9138	PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during __wakeup processin...
CVE-2016-9139	Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.3.x before 3.3.16, 4...
CVE-2016-9140	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...	R
CVE-2016-9141	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9142	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9143	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9144	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9145	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9147	named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a de...	S
CVE-2016-9148	Cross-site scripting (XSS) vulnerability in CA Service Desk Manager (formerly CA Service Desk) 12.9 ...
CVE-2016-9149	The Addresses Object parser in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x b...
CVE-2016-9150	Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x be...	E
CVE-2016-9151	Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1....	E
CVE-2016-9152	Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in SPIP 3.1.3 allows remote atta...	S
CVE-2016-9154	Siemens Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 for Desigo PX automation controllers PXC0...	M
CVE-2016-9155	The following SIEMENS branded IP Camera Models CCMW3025, CVMW3025-IR, CFMW3025 prior to version 1.41...	S
CVE-2016-9156	A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to up...
CVE-2016-9157	A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to ca...	M
CVE-2016-9158	A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU ...
CVE-2016-9159	A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU ...
CVE-2016-9160	A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS...
CVE-2016-9161	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9162	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9163	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9164	Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly...
CVE-2016-9165	The get_sessions servlet in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) befor...
CVE-2016-9166	NetIQ eDirectory versions prior to 9.0.2, under some circumstances, could be susceptible to downgrad...
CVE-2016-9167	NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP objects across partition bound...
CVE-2016-9168	A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in Novell eDirectory before 9.0....
CVE-2016-9169	A reflected XSS vulnerability exists in the web console of the Document Viewer Agent in Novell Group...
CVE-2016-9170	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9171	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9172	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9173	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9174	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9175	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9176	Stack buffer overflow in the send.exe and receive.exe components of Micro Focus Rumba 9.4 and earlie...
CVE-2016-9177	Directory traversal vulnerability in Spark 2.5 allows remote attackers to read arbitrary files via a...	E S
CVE-2016-9178	The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel before 4.7.5 does ...	S
CVE-2016-9179	lynx: It was found that Lynx doesn't parse the authority component of the URL correctly when the hos...
CVE-2016-9180	perl-XML-Twig: The option to `expand_external_ents`, documented as controlling external entity expan...
CVE-2016-9181	perl-Image-Info: When parsing an SVG file, external entity expansion (XXE) was not disabled. An atta...
CVE-2016-9182	Exponent CMS 2.4 uses PHP reflection to call a method of a controller class, and then uses the metho...	S
CVE-2016-9183	In /framework/modules/ecommerce/controllers/orderController.php of Exponent CMS 2.4.0, untrusted inp...	S
CVE-2016-9184	In /framework/modules/core/controllers/expHTMLEditorController.php of Exponent CMS 2.4.0, untrusted ...	S
CVE-2016-9185	In OpenStack Heat, by launching a new Heat stack with a local URL an authenticated user may conduct ...
CVE-2016-9186	Unrestricted file upload vulnerability in the "legacy course files" and "file manager" modules in Mo...	E
CVE-2016-9187	Unrestricted file upload vulnerability in the double extension support in the "image" module in Mood...	E
CVE-2016-9188	Cross-site scripting (XSS) vulnerabilities in Moodle CMS on or before 3.1.2 allow remote attackers t...	E
CVE-2016-9189	Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the ...	S
CVE-2016-9190	Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "craft...	S
CVE-2016-9191	The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operat...
CVE-2016-9192	A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated,...
CVE-2016-9193	A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management ...
CVE-2016-9194	A vulnerability in 802.11 Wireless Multimedia Extensions (WME) action frame processing in Cisco Wire...
CVE-2016-9195	A vulnerability in RADIUS Change of Authorization (CoA) request processing in the Cisco Wireless LAN...
CVE-2016-9196	A vulnerability in login authentication management in Cisco Aironet 1800, 2800, and 3800 Series Acce...
CVE-2016-9197	A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireles...
CVE-2016-9198	A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE...	M
CVE-2016-9199	A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authent...
CVE-2016-9200	A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unau...	M
CVE-2016-9201	A vulnerability in the Zone-Based Firewall feature of Cisco IOS and Cisco IOS XE Software could allo...	M
CVE-2016-9202	A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) Switch...
CVE-2016-9203	A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco ASR 5000 Series Soft...
CVE-2016-9204	A vulnerability in the Cisco Intercloud Fabric (ICF) Director could allow an unauthenticated, remote...
CVE-2016-9205	A vulnerability in the HTTP 2.0 request handling code of Cisco IOS XR Software could allow an unauth...
CVE-2016-9206	A vulnerability in the ccmadmin page of Cisco Unified Communications Manager (CUCM) could allow an u...	M
CVE-2016-9207	A vulnerability in the HTTP traffic server component of Cisco Expressway could allow an unauthentica...
CVE-2016-9208	A vulnerability in the File Management Utility, the Download File form, and the Serviceability appli...
CVE-2016-9209	A vulnerability in TCP processing in Cisco FirePOWER system software could allow an unauthenticated,...
CVE-2016-9210	A vulnerability in the Cisco Unified Reporting upload tool accessed via the Cisco Unified Communicat...
CVE-2016-9211	A vulnerability in TCP port management in Cisco ONS 15454 Series Multiservice Provisioning Platforms...	M
CVE-2016-9212	A vulnerability in the Decrypt for End-User Notification configuration parameter of Cisco AsyncOS So...
CVE-2016-9213	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9214	Cisco Identity Services Engine (ISE) contains a vulnerability that could allow an unauthenticated, r...
CVE-2016-9215	A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to t...
CVE-2016-9216	An IKE Packet Parsing Denial of Service Vulnerability in the ipsecmgr process of Cisco ASR 5000 Soft...
CVE-2016-9217	A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers co...
CVE-2016-9218	A vulnerability in Cisco Hybrid Meeting Server could allow an unauthenticated, remote attacker to co...
CVE-2016-9219	A vulnerability with IPv6 UDP ingress packet processing in Cisco Wireless LAN Controller (WLC) Softw...
CVE-2016-9220	A Denial of Service Vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express ...
CVE-2016-9221	A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco...
CVE-2016-9222	A vulnerability in the web-based management interface of Cisco NetFlow Generation Appliance could al...
CVE-2016-9223	A vulnerability in the Docker Engine configuration of Cisco CloudCenter Orchestrator (CCO; formerly ...	M
CVE-2016-9224	A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to ...
CVE-2016-9225	A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA)...
CVE-2016-9226	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9227	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9228	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9229	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9230	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9231	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9232	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9233	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9234	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9235	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9236	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9237	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9238	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9239	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9240	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9241	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9242	Multiple SQL injection vulnerabilities in the update method in framework/modules/core/controllers/ex...	S
CVE-2016-9243	HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algor...	S
CVE-2016-9244	A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Ticket...	E M
CVE-2016-9245	In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profil...
CVE-2016-9246	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...	R
CVE-2016-9247	Under certain conditions for BIG-IP systems using a virtual server with an associated FastL4 profile...
CVE-2016-9248	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...	R
CVE-2016-9249	An undisclosed traffic pattern received by a BIG-IP Virtual Server with TCP Fast Open enabled may ca...
CVE-2016-9250	In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, an unauthenticated user with ...
CVE-2016-9251	In F5 BIG-IP 12.0.0 through 12.1.2, an authenticated attacker may be able to cause an escalation of ...
CVE-2016-9252	The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 an...
CVE-2016-9253	In F5 BIG-IP 12.1.0 through 12.1.2, specific websocket traffic patterns may cause a disruption of se...
CVE-2016-9254	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...	R
CVE-2016-9255	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...	R
CVE-2016-9256	In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permi...
CVE-2016-9257	In F5 BIG-IP APM 12.0.0 through 12.1.2, non-authenticated users may be able to inject JavaScript int...
CVE-2016-9258	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...	R
CVE-2016-9259	Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.1 allows remote authenticated ...	S
CVE-2016-9260	Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9 allows remote authenticated us...
CVE-2016-9261	Cross-site scripting (XSS) vulnerability in Tenable Log Correlation Engine (aka LCE) before 4.8.1 al...	S
CVE-2016-9262	Multiple integer overflows in the (1) jas_realloc function in base/jas_malloc.c and (2) mem_resize f...	S
CVE-2016-9263	WordPress through 4.8.2, when domain-based flashmediaelement.swf sandboxing is not used, allows remo...	M
CVE-2016-9264	Buffer overflow in the printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attacker...
CVE-2016-9265	The printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial...
CVE-2016-9266	listmp3.c in libming 0.4.7 allows remote attackers to unspecified impact via a crafted mp3 file, whi...
CVE-2016-9268	Unrestricted file upload vulnerability in the Blog appearance in the "Install or upgrade manually" m...	S
CVE-2016-9269	Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Se...	S
CVE-2016-9271	Cloudera Manager 5.7.x before 5.7.6, 5.8.x before 5.8.4, and 5.9.x before 5.9.1 allows XSS in the he...
CVE-2016-9272	A Blind SQL Injection Vulnerability in Exponent CMS through 2.4.0, with the rerank array parameter, ...	S
CVE-2016-9273	tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read)...
CVE-2016-9274	Untrusted search path vulnerability in Git 1.x for Windows allows local users to gain privileges via...	E S
CVE-2016-9275	Heap-based buffer overflow in the _dwarf_skim_forms function in libdwarf/dwarf_macro5.c in Libdwarf ...	S
CVE-2016-9276	The dwarf_get_aranges_list function in dwarf_arrange.c in Libdwarf before 20161124 allows remote att...	S
CVE-2016-9277	Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to c...
CVE-2016-9278	The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows local u...
CVE-2016-9279	Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx,...
CVE-2016-9282	SQL Injection in framework/modules/search/controllers/searchController.php in Exponent CMS v2.4.0 al...	S
CVE-2016-9283	SQL Injection in framework/core/subsystems/expRouter.php in Exponent CMS v2.4.0 allows remote attack...	S
CVE-2016-9284	getUsersByJSON in framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0 all...	S
CVE-2016-9285	framework/modules/addressbook/controllers/addressController.php in Exponent CMS v2.4.0 allows remote...	S
CVE-2016-9286	framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0patch1 does not proper...	S
CVE-2016-9287	In /framework/modules/notfound/controllers/notfoundController.php of Exponent CMS 2.4.0 patch1, untr...	S
CVE-2016-9288	In framework/modules/navigation/controllers/navigationController.php in Exponent CMS v2.4.0 or older...	S
CVE-2016-9294	Artifex Software, Inc. MuJS before 5008105780c0b0182ea6eda83ad5598f225be3ee allows context-dependent...	E
CVE-2016-9296	A null pointer dereference bug affects the 16.02 and many old versions of p7zip. A lack of null poin...	E S
CVE-2016-9297	The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of servic...	S
CVE-2016-9298	Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 a...	S
CVE-2016-9299	The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute ...	E
CVE-2016-9300	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...	R
CVE-2016-9301	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...	R
CVE-2016-9302	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...	R
CVE-2016-9303	Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbit...
CVE-2016-9304	Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbit...
CVE-2016-9305	Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted ob...
CVE-2016-9306	Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbit...
CVE-2016-9307	Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbit...
CVE-2016-9310	The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set...	M
CVE-2016-9311	ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a den...	M
CVE-2016-9312	ntpd in NTP before 4.2.8p9, when running on Windows, allows remote attackers to cause a denial of se...	M
CVE-2016-9313	security/keys/big_key.c in the Linux kernel before 4.8.7 mishandles unsuccessful crypto registration...	E S
CVE-2016-9314	Sensitive Information Disclosure in com.trend.iwss.gui.servlet.ConfigBackup in Trend Micro InterScan...	S
CVE-2016-9315	Privilege Escalation Vulnerability in com.trend.iwss.gui.servlet.updateaccountadministration in Tren...
CVE-2016-9316	Multiple stored Cross-Site-Scripting (XSS) vulnerabilities in com.trend.iwss.gui.servlet.updateaccou...	S
CVE-2016-9317	The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attacke...	S
CVE-2016-9318	libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a...	E S
CVE-2016-9319	There is Missing SSL Certificate Validation in the Trend Micro Enterprise Mobile Security Android Ap...	S
CVE-2016-9322	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9323	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9324	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9325	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9326	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9327	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9328	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9329	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9330	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9331	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9332	An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. Moxa SoftCMS Webserver does n...	E M
CVE-2016-9333	An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. The SoftCMS Application does ...	M
CVE-2016-9334	An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA,...
CVE-2016-9335	A hard-coded cryptographic key vulnerability was identified in Red Lion Controls Sixnet-Managed Indu...
CVE-2016-9336	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9337	An issue was discovered in Tesla Motors Model S automobile, all firmware versions before version 7.1...
CVE-2016-9338	An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA,...
CVE-2016-9339	An issue was discovered in INTERSCHALT Maritime Systems VDR G4e Versions 5.220 and prior. External i...
CVE-2016-9340	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9341	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9342	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9343	An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.0...
CVE-2016-9344	An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3...
CVE-2016-9345	An issue was discovered in Emerson DeltaV Easy Security Management DeltaV V12.3, DeltaV V12.3.1, and...
CVE-2016-9346	An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3...
CVE-2016-9347	An issue was discovered in Emerson SE4801T0X Redundant Wireless I/O Card V13.3, and SE4801T1X Simple...
CVE-2016-9348	An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions pr...
CVE-2016-9349	An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. An attacker could trav...	E M
CVE-2016-9350	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9351	An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. The directory traversa...	E M
CVE-2016-9352	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9353	An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. The admin password is ...	M
CVE-2016-9354	An issue was discovered in Moxa DACenter Versions 1.4 and older. A specially crafted project file ma...	M
CVE-2016-9355	An issue was discovered in Becton, Dickinson and Company (BD) Alaris 8015 Point of Care (PC) unit, V...	M
CVE-2016-9356	An issue was discovered in Moxa DACenter Versions 1.4 and older. The application may suffer from an ...	M
CVE-2016-9357	An issue was discovered in certain legacy Eaton ePDUs -- the affected products are past end-of-life ...
CVE-2016-9358	A Hard-Coded Passwords issue was discovered in Marel Food Processing Systems M3000 terminal associat...	M
CVE-2016-9359	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9360	An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior...	M
CVE-2016-9361	An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions pr...
CVE-2016-9362	An issue was discovered in WAGO 750-8202/PFC200 prior to FW04 (released August 2015), WAGO 750-881 p...
CVE-2016-9363	An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions pr...
CVE-2016-9364	An issue was discovered in Fidelix FX-20 series controllers, versions prior to 11.50.19. Arbitrary f...
CVE-2016-9365	An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions pr...
CVE-2016-9366	An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions pr...
CVE-2016-9367	An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions pr...
CVE-2016-9368	An issue was discovered in Eaton xComfort Ethernet Communication Interface (ECI) Versions 1.07 and p...	M
CVE-2016-9369	An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions pr...
CVE-2016-9370	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9371	An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions pr...
CVE-2016-9372	In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network...
CVE-2016-9373	In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-fr...
CVE-2016-9374	In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over...
CVE-2016-9375	In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, tr...
CVE-2016-9376	In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhau...
CVE-2016-9377	Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that ge...	S
CVE-2016-9378	Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that ge...	S
CVE-2016-9379	The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local p...	S
CVE-2016-9380	The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local ...	S
CVE-2016-9381	Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by cha...
CVE-2016-9382	Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM ...	S
CVE-2016-9383	Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory...	S
CVE-2016-9384	Xen 4.7 allows local guest OS users to obtain sensitive host information by loading a 32-bit ELF sym...	S
CVE-2016-9385	The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV gu...	S
CVE-2016-9386	The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory,...	S
CVE-2016-9387	Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.9...	S
CVE-2016-9388	The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a d...	S
CVE-2016-9389	The jpc_irct and jpc_iict functions in jpc_mct.c in JasPer before 1.900.14 allow remote attackers to...	S
CVE-2016-9390	The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 allows remote attackers to caus...	S
CVE-2016-9391	The jpc_bitstream_getbits function in jpc_bs.c in JasPer before 2.0.10 allows remote attackers to ca...	S
CVE-2016-9392	The calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 allows remote attackers to cause a...	S
CVE-2016-9393	The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 allows remote attackers to cau...	S
CVE-2016-9394	The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows remote attackers to caus...	S
CVE-2016-9395	The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 allows remote attackers to caus...	S
CVE-2016-9396	The JPC_NOMINALGAIN function in jpc/jpc_t1cod.c in JasPer through 2.0.12 allows remote attackers to ...	S
CVE-2016-9397	The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a denia...	S
CVE-2016-9398	The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause ...	S
CVE-2016-9399	The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial...	S
CVE-2016-9400	The CClient::ProcessServerPacket method in engine/client/client.cpp in Teeworlds before 0.6.4 allows...	S
CVE-2016-9401	popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a...
CVE-2016-9402	SQL injection vulnerability in the moderation tool in MyBB (aka MyBulletinBoard) before 1.8.7 and My...	S
CVE-2016-9403	newreply.php in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows re...	S
CVE-2016-9404	Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge S...	S
CVE-2016-9405	Cross-site scripting (XSS) vulnerability in member validation in MyBB (aka MyBulletinBoard) before 1...	S
CVE-2016-9406	Cross-site scripting (XSS) vulnerability in the User control panel in MyBB (aka MyBulletinBoard) bef...	S
CVE-2016-9407	Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge S...	S
CVE-2016-9408	Cross-site scripting (XSS) vulnerability in the Mod control panel in MyBB (aka MyBulletinBoard) befo...	S
CVE-2016-9409	Cross-site scripting (XSS) vulnerability in the Admin control panel in MyBB (aka MyBulletinBoard) be...	S
CVE-2016-9410	MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attack...	S
CVE-2016-9411	The Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8....	S
CVE-2016-9412	MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow attackers to have u...	S
CVE-2016-9413	The Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8....	S
CVE-2016-9414	MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow remote attackers to...	S
CVE-2016-9415	MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows all...	S
CVE-2016-9416	SQL injection vulnerability in the users data handler in MyBB (aka MyBulletinBoard) before 1.8.8 and...	S
CVE-2016-9417	The fetch_remote_file function in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System befo...	S
CVE-2016-9418	MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows mig...	S
CVE-2016-9419	Cross-site scripting (XSS) vulnerability in the Admin control panel in MyBB (aka MyBulletinBoard) be...
CVE-2016-9420	MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allow remote attackers to...	S
CVE-2016-9421	Cross-site scripting (XSS) vulnerability in the Users module in the Admin control panel in MyBB (aka...	S
CVE-2016-9422	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. The feed_table_tag functi...	S
CVE-2016-9423	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflo...	S
CVE-2016-9424	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m doesn't properly vali...	S
CVE-2016-9425	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflo...	S
CVE-2016-9426	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Integer overflow vulnerab...	S
CVE-2016-9427	Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc ...	S
CVE-2016-9428	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflo...	S
CVE-2016-9429	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Buffer overflow in the fo...	S
CVE-2016-9430	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attacke...	S
CVE-2016-9431	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulner...	S
CVE-2016-9432	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attacke...	S
CVE-2016-9433	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attacke...	S
CVE-2016-9434	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attacke...	S
CVE-2016-9435	The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize val...	S
CVE-2016-9436	parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote...	S
CVE-2016-9437	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attacke...	S
CVE-2016-9438	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attacke...	S
CVE-2016-9439	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulner...	S
CVE-2016-9440	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attacke...	S
CVE-2016-9441	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attacke...	S
CVE-2016-9442	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attacke...	S
CVE-2016-9443	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attacke...	S
CVE-2016-9444	named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows r...	S
CVE-2016-9445	Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of s...
CVE-2016-9446	The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attacke...
CVE-2016-9447	The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of ...
CVE-2016-9448	The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of servic...
CVE-2016-9449	The taxonomy module in Drupal 7.x before 7.52 and 8.x before 8.2.3 might allow remote authenticated ...	S
CVE-2016-9450	The user password reset form in Drupal 8.x before 8.2.3 allows remote attackers to conduct cache poi...	S
CVE-2016-9451	Confirmation forms in Drupal 7.x before 7.52 make it easier for remote authenticated users to conduc...	S
CVE-2016-9452	The transliterate mechanism in Drupal 8.x before 8.2.3 allows remote attackers to cause a denial of ...	S
CVE-2016-9453	The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of se...
CVE-2016-9454	Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via th...	S
CVE-2016-9455	Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). A number of scripts in ...	S
CVE-2016-9456	Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). The Revive Adserver tea...	S
CVE-2016-9457	Revive Adserver before 3.2.3 suffers from Reflected XSS. `www/admin/stats.php` is vulnerable to refl...	S
CVE-2016-9458	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9459	Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a log pollution vuln...	E S
CVE-2016-9460	Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a content-spoofing a...	E S
CVE-2016-9461	Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying edit check ...	E S
CVE-2016-9462	Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying restore pri...	E S
CVE-2016-9463	Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2, 9.0.6, and 8.2.9 suffer fr...	E S
CVE-2016-9464	Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper authorization check on removing s...	E S
CVE-2016-9465	Nextcloud Server before 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from Stored XSS in Ca...	E S
CVE-2016-9466	Nextcloud Server before 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from Reflected XSS in...	E S
CVE-2016-9467	Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from conte...	E S
CVE-2016-9468	Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from conte...	E S
CVE-2016-9469	Multiple versions of GitLab expose a dangerous method to any authenticated user that could lead to t...	E S
CVE-2016-9470	Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected File Download. `www/delivery/asyncspc....	S
CVE-2016-9471	Revive Adserver before 3.2.5 and 4.0.0 suffers from Special Element Injection. Usernames weren't pro...	S
CVE-2016-9472	Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected XSS. The Revive Adserver web installer...	S
CVE-2016-9473	Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier suffer from Full Addres...	E
CVE-2016-9474	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9475	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9476	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9477	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9478	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9479	The "lost password" functionality in b2evolution before 6.7.9 allows remote attackers to reset arbit...	S
CVE-2016-9480	libdwarf 2016-10-21 allows context-dependent attackers to obtain sensitive information or cause a de...	S
CVE-2016-9481	In framework/modules/core/controllers/expCommentController.php of Exponent CMS 2.4.0, content_id inp...	E
CVE-2016-9482	PHP FormMail Generator generates PHP code for standard web forms, and the code generated is vulnerable to authentication bypass	S
CVE-2016-9483	PHP FormMail Generator generates PHP code for standard web forms, and the code generated is vulnerable to unsafe deserialization of untrusted data	S
CVE-2016-9484	PHP FormMail Generator generates PHP code for standard web forms, and the code generated does not properly validate user input folder directories and is vulnerable to path traversal	S
CVE-2016-9485	On Windows endpoints, the SecureConnector agent is vulnerable to privilege escalation whereby an authenticated unprivileged user can obtain administrator privileges on the endpoint because it fails to set any permissions on downloaded file objects	S
CVE-2016-9486	On Windows endpoints, the SecureConnector agent is vulnerable to privilege escalation whereby an authenticated unprivileged user can obtain administrator privileges on the endpoint because files are created in a folder with incorrect privileges	S
CVE-2016-9487	EpubCheck 4.0.1 is vulnerable to external XML entity processing attacks	S
CVE-2016-9488	ManageEngine Applications Manager versions 12 and 13 suffer from remote SQL injection vulnerabilities
CVE-2016-9489	ManageEngine Applications Manager 12 and 13 is vulnerable to privilege escalation and authentication bypass
CVE-2016-9490	ManageEngine Applications Manager versions 12 and 13 suffer from a Reflected Cross-Site Scripting vulnerability
CVE-2016-9491	ManageEngine Applications Manager 12 and 13 is vulnerable to privilege escalation due to improper restriction of an XML external entity
CVE-2016-9492	PHP forms generated using the PHP FormMail Generator are vulnerable to unrestricted upload of dangerous file types
CVE-2016-9493	PHP forms generated using the PHP FormMail Generator are vulnerable to stored cross-site scripting
CVE-2016-9494	Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation, potentially leading to denial of service
CVE-2016-9495	Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials
CVE-2016-9496	Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, lacks authentication to access certain pages
CVE-2016-9497	Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel
CVE-2016-9498	ManageEngine Applications Manager 12 and 13, allows unserialization of unsafe Java objects
CVE-2016-9499	The Accellion FTP server prior to version FTA_9_12_220 is vulnerable to cross-site scripting.	E S
CVE-2016-9500	The Accellion FTP server prior to version FTA_9_12_220 is vulnerable to informaiton exposure	E S
CVE-2016-9501	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9502	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9503	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9504	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9505	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9506	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9507	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9508	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9509	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9510	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9511	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9512	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9513	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9514	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9515	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9516	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9517	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9518	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9519	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9520	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9521	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9522	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9523	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9524	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9525	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9526	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9527	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9528	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9529	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9530	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9531	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9532	Integer overflow in the writeBufferToSeparateStrips function in tiffcrop.c in LibTIFF before 4.0.7 a...	S
CVE-2016-9533	tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers. R...	S
CVE-2016-9534	tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1() that didn't res...	E S
CVE-2016-9535	tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures...	S
CVE-2016-9536	tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers ...	S
CVE-2016-9537	tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in buffers. Reported as MS...	S
CVE-2016-9538	tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because ...	S
CVE-2016-9539	tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported...	S
CVE-2016-9540	tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versu...	S
CVE-2016-9553	The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabili...	E
CVE-2016-9554	The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Rem...	E
CVE-2016-9555	The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-le...	S
CVE-2016-9556	The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attacke...	S
CVE-2016-9557	Integer overflow in jas_image.c in JasPer before 1.900.25 allows remote attackers to cause a denial ...	S
CVE-2016-9558	(1) libdwarf/dwarf_leb.c and (2) dwarfdump/print_frames.c in libdwarf before 20161124 allow remote a...	E S
CVE-2016-9559	coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NU...	S
CVE-2016-9560	Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900....	E S
CVE-2016-9561	The che_configure function in libavcodec/aacdec_template.c in FFmpeg before 3.2.1 allows remote atta...
CVE-2016-9562	SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service (null pointer excepti...
CVE-2016-9563	BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML Externa...	KEV
CVE-2016-9564	Buffer overflow in send_redirect() in Boa Webserver 0.92r allows remote attackers to DoS via an HTTP...	E
CVE-2016-9565	MagpieRSS, as used in the front-end component in Nagios Core before 4.2.2 might allow remote attacke...	E
CVE-2016-9566	base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagio...	E S
CVE-2016-9567	The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restric...
CVE-2016-9568	A security design issue can allow an unprivileged user to interact with the Carbon Black Sensor and ...	E
CVE-2016-9569	The cbstream.sys driver in Carbon Black 5.1.1.60603 allows local users with admin privileges to caus...
CVE-2016-9570	cb.exe in Carbon Black 5.1.1.60603 allows attackers to cause a denial of service (out-of-bounds read...
CVE-2016-9571	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9606. Reason: This candida...	R
CVE-2016-9572	A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Du...	E S
CVE-2016-9573	An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in the j2k_to_image tool. Convertin...	E S
CVE-2016-9574	nss before version 3.30 is vulnerable to a remote denial of service during the session handshake whe...	E S
CVE-2016-9575	Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's perm...
CVE-2016-9576	The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not prope...	S
CVE-2016-9577	A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authent...
CVE-2016-9578	A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacke...
CVE-2016-9579	A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS...	E S
CVE-2016-9580	An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in h...	E S
CVE-2016-9581	An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P...	E S
CVE-2016-9582	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9583	An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper befor...	E S
CVE-2016-9584	libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap...
CVE-2016-9585	Red Hat JBoss EAP version 5 is vulnerable to a deserialization of untrusted data in the JMX endpoint...
CVE-2016-9586	curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point outp...	S
CVE-2016-9587	Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's hand...	E
CVE-2016-9588	arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allo...	S
CVE-2016-9589	Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resul...
CVE-2016-9590	puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an information-disclosure in Red Hat Open...	S
CVE-2016-9591	JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 20...	E
CVE-2016-9592	openshift before versions 3.3.1.11, 3.2.1.23, 3.4 is vulnerable to a flaw when a volume fails to det...
CVE-2016-9593	foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. An attacker ...
CVE-2016-9594	curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal function t...
CVE-2016-9595	A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure tem...	S
CVE-2016-9596	libxml2, as used in Red Hat JBoss Core Services and when in recovery mode, allows context-dependent ...
CVE-2016-9597	It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actua...
CVE-2016-9598	libxml2, as used in Red Hat JBoss Core Services, allows context-dependent attackers to cause a denia...
CVE-2016-9599	puppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an access-control flaw in the IPtables ...
CVE-2016-9600	JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded cr...	S
CVE-2016-9601	ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ...
CVE-2016-9602	Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A pr...
CVE-2016-9603	A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver s...
CVE-2016-9604	It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an interna...	S
CVE-2016-9605	A flaw was found in cobbler software component version 2.6.11-1. It suffers from an invalid paramete...
CVE-2016-9606	JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, result...
CVE-2016-9607	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9608	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9609	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9610	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9611	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9612	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9613	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9614	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9615	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9616	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9617	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9618	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9619	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9620	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9621	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9429. Reason: This candida...	R
CVE-2016-9622	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attacke...	S
CVE-2016-9623	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attacke...	S
CVE-2016-9624	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attacke...	S
CVE-2016-9625	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulner...	S
CVE-2016-9626	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulner...	S
CVE-2016-9627	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attacke...	S
CVE-2016-9628	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attacke...	S
CVE-2016-9629	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attacke...	S
CVE-2016-9630	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attacke...	S
CVE-2016-9631	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attacke...	S
CVE-2016-9632	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attacke...	S
CVE-2016-9633	An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attacke...	S
CVE-2016-9634	Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC d...	E
CVE-2016-9635	Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC d...	E
CVE-2016-9636	Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC d...	E
CVE-2016-9637	The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model withi...
CVE-2016-9638	In BMC Patrol before 9.13.10.02, the binary "listguests64" is configured with the setuid bit. Howeve...	E S
CVE-2016-9639	Salt before 2015.8.11 allows deleted minions to read or write to minions with the same id, related t...
CVE-2016-9642	JavaScriptCore in WebKit allows attackers to cause a denial of service (out-of-bounds heap read) via...
CVE-2016-9643	The regex code in Webkit 2.4.11 allows remote attackers to cause a denial of service (memory consump...
CVE-2016-9644	The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel 4.4.22 through 4.4...
CVE-2016-9645	Editing restriction bypass for git revert
CVE-2016-9646	Commit metadata forgery via CGI::FormBuilder context-dependent APIs
CVE-2016-9647	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual...	R
CVE-2016-9648	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual...	R
CVE-2016-9649	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual...	R
CVE-2016-9650	Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Androi...
CVE-2016-9651	A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55....	E
CVE-2016-9652	Multiple unspecified vulnerabilities in Google Chrome before 55.0.2883.75....
CVE-2016-9653	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9654	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9655	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9656	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9657	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9658	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9659	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9660	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9661	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9662	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9663	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9664	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9665	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9666	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9667	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9668	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9669	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9670	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9671	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9672	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9673	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9674	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9675	openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k ...	S
CVE-2016-9676	Buffer overflow in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary co...
CVE-2016-9677	Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive kernel address informa...
CVE-2016-9678	Use-after-free vulnerability in Citrix Provisioning Services before 7.12 allows attackers to execute...
CVE-2016-9679	Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code by overwriting a...
CVE-2016-9680	Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive information from kerne...
CVE-2016-9681	Multiple cross-site scripting (XSS) vulnerabilities in Serendipity before 2.0.5 allow remote authent...	E S
CVE-2016-9682	The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command...	E
CVE-2016-9683	The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command I...
CVE-2016-9684	The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command I...
CVE-2016-9685	Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allo...	S
CVE-2016-9686	The Puppet Communications Protocol (PCP) Broker incorrectly validates message header sizes. An attac...
CVE-2016-9687	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9688	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9689	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9690	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9691	IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to a denial of service, caused by a...	S
CVE-2016-9692	IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to External Service Interaction att...	S
CVE-2016-9693	IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download capability that is vulnerable to ...	S
CVE-2016-9694	IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows u...	S
CVE-2016-9696	IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to HTML injection. A remote attacker could inject ma...	S
CVE-2016-9697	An unspecified vulnerability in IBM Rhapsody DM 4.0, 5.0, and 6.0 could allow an attacker to perform...	S
CVE-2016-9698	IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to a denial of service, caused by an XML External En...	S
CVE-2016-9700	IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error...
CVE-2016-9701	IBM Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows u...
CVE-2016-9703	IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow...	S
CVE-2016-9704	IBM Security Identity Manager Virtual Appliance is vulnerable to cross-site scripting. This vulnerab...	S
CVE-2016-9706	IBM Integration Bus 9.0 and 10.0 and WebSphere Message Broker SOAP FLOWS is vulnerable to a denial o...	S
CVE-2016-9707	IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection...	S
CVE-2016-9710	IBM Predictive Solutions Foundation (formerly PMQ) could allow a remote attacker to include arbitrar...	S
CVE-2016-9711	IBM Predictive Solutions Foundation (IBM Cognos Analytics 11.0) reveals sensitive information in det...
CVE-2016-9714	IBM InfoSphere Master Data Management Server 10.1, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to...	S
CVE-2016-9715	IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross...	S
CVE-2016-9716	IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross...	S
CVE-2016-9717	HTTP Parameter Override is identified in the IBM Infosphere Master Data Management (MDM) 10.1. 11.0....	S
CVE-2016-9718	IBM InfoSphere Master Data Management Server 10.1. 11.0. 11.3, 11.4, 11.5, and 11.6 is vulnerable to...	S
CVE-2016-9719	IBM InfoSphere Master Data Management Server 10.1. 11.0. 11.3, 11.4, 11.5, and 11.6 could allow a re...	S
CVE-2016-9720	IBM QRadar 7.2 discloses sensitive information to unauthorized users. The information can be used to...	S
CVE-2016-9722	IBM QRadar 7.2 and 7.3 specifies permissions for a security-critical resource in a way that allows t...	E
CVE-2016-9723	IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbit...	S
CVE-2016-9724	IBM QRadar 7.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE...	S
CVE-2016-9725	IBM QRadar Incident Forensics 7.2 allows for Cross-Origin Resource Sharing (CORS), which is a mechan...	S
CVE-2016-9726	IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary c...	S
CVE-2016-9727	IBM QRadar 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the syst...	S
CVE-2016-9728	IBM Qradar 7.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL st...	S
CVE-2016-9729	IBM QRadar 7.2 does not perform an authentication check for a critical resource or functionality all...	S
CVE-2016-9730	IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow an a...	S
CVE-2016-9731	IBM Business Process Manager is vulnerable to cross-site scripting. This vulnerability allows users ...	S
CVE-2016-9732	IBM Curam Social Program Management 6.0, 6.1, 6.2 and 7.0 is vulnerable to cross-site scripting. Thi...	S
CVE-2016-9733	IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability al...
CVE-2016-9735	IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack tra...
CVE-2016-9736	IBM WebSphere Application Server using malformed SOAP requests could allow a remote attacker to obta...	S
CVE-2016-9737	IBM TRIRIGA 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. This vulnerability allows users...	S
CVE-2016-9738	IBM QRadar 7.2 and 7.3 does not require that users should have strong passwords by default, which ma...	S
CVE-2016-9739	IBM Security Identity Manager Virtual Appliance stores user credentials in plain in clear text which...	S
CVE-2016-9740	IBM QRadar 7.2 could allow a remote attacker to consume all resources on the server due to not prope...	S
CVE-2016-9746	IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability al...
CVE-2016-9747	IBM RELM 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to ...	S
CVE-2016-9748	IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response mes...	S
CVE-2016-9749	IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated user with access to the local...	S
CVE-2016-9750	IBM QRadar 7.2 and 7.3 stores user credentials in plain in clear text which can be read by an authen...
CVE-2016-9751	Cross-site scripting (XSS) vulnerability in the search results front end in Piwigo 2.8.3 allows remo...	S
CVE-2016-9752	In Serendipity before 2.0.5, an attacker can bypass SSRF protection by using a malformed IP address ...	S
CVE-2016-9754	The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linu...	E S
CVE-2016-9755	The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows loca...	S
CVE-2016-9756	arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (...	S
CVE-2016-9757	In the Create Tags page of the Rapid7 Nexpose version 6.4.12 user interface, any authenticated user ...
CVE-2016-9758	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9759	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9760	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9761	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9762	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9763	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9764	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9765	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9766	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9767	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9768	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9769	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9770	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9771	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9772	OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vec...	S
CVE-2016-9773	Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick...	S
CVE-2016-9774	The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6.0....
CVE-2016-9775	The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb7u3 on Debian wheezy, before 6.0.45...
CVE-2016-9776	QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulne...	S
CVE-2016-9777	KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU...	S
CVE-2016-9778	An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c	S
CVE-2016-9779	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9780	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9781	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9782	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9783	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9784	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9785	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9786	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9787	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9788	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9789	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9790	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9791	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9792	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9793	The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negativ...	S
CVE-2016-9794	Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem ...	S
CVE-2016-9795	The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA S...
CVE-2016-9796	Alcatel-Lucent OmniVista 8770 2.0 through 3.0 exposes different ORBs interfaces, which can be querie...	E
CVE-2016-9797	In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" so...	E
CVE-2016-9798	In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" sour...	E
CVE-2016-9799	In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" function in "btsnoop.c" source file...	E
CVE-2016-9800	In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci...	E
CVE-2016-9801	In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" s...	E
CVE-2016-9802	In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" so...	E
CVE-2016-9803	In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" function in "tools/parser/hci...	E
CVE-2016-9804	In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" so...	E
CVE-2016-9806	Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4...	S
CVE-2016-9807	The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attac...	S
CVE-2016-9808	The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (ou...	E
CVE-2016-9809	Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote at...
CVE-2016-9810	The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer b...
CVE-2016-9811	The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is s...
CVE-2016-9812	The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote a...
CVE-2016-9813	The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to c...	E
CVE-2016-9814	The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesaml...
CVE-2016-9815	Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host panic) by sendi...	S
CVE-2016-9816	Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vect...	S
CVE-2016-9817	Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vect...	S
CVE-2016-9818	Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vect...	S
CVE-2016-9819	libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) vi...	E
CVE-2016-9820	libavcodec/mpegvideo_motion.c in libav 11.8 allows remote attackers to cause a denial of service (cr...	E
CVE-2016-9821	Integer overflow in libavcodec/mpegvideo_parser.c in libav 11.8 allows remote attackers to cause a d...	E
CVE-2016-9822	Integer overflow in libavcodec/mpeg12dec.c in libav 11.8 allows remote attackers to cause a denial o...	E
CVE-2016-9823	libavcodec/x86/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash...	E
CVE-2016-9824	Integer overflow in libswscale/x86/swscale.c in libav 11.8 allows remote attackers to cause a denial...	E
CVE-2016-9825	libswscale/utils.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via ve...	E
CVE-2016-9826	libavcodec/ituh263dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) v...	E
CVE-2016-9827	The _iprintf function in outputtxt.c in the listswf tool in libming 0.4.7 allows remote attackers to...	E
CVE-2016-9828	The dumpBuffer function in read.c in the listswf tool in libming 0.4.7 allows remote attackers to ca...	E
CVE-2016-9829	Heap-based buffer overflow in the parseSWF_DEFINEFONT function in parser.c in the listswf tool in li...	E
CVE-2016-9830	The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a d...	S
CVE-2016-9831	Heap-based buffer overflow in the parseSWF_RGBA function in parser.c in the listswf tool in libming ...	E
CVE-2016-9832	PricewaterhouseCoopers (PwC) ACE-ABAP 8.10.304 for SAP Security allows remote authenticated users to...	E
CVE-2016-9834	An XSS vulnerability allows remote attackers to execute arbitrary client side script on vulnerable i...
CVE-2016-9835	Directory traversal vulnerability in file "jcss.php" in Zikula 1.3.x before 1.3.11 and 1.4.x before ...	S
CVE-2016-9836	The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! CMS before 3.6.5 does not consi...	E
CVE-2016-9837	An issue was discovered in templates/beez3/html/com_content/article/default.php in Joomla! before 3....	S
CVE-2016-9838	An issue was discovered in components/com_users/models/registration.php in Joomla! before 3.6.5. Inc...	E S
CVE-2016-9839	In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive informat...
CVE-2016-9840	inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by lever...	S
CVE-2016-9841	inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by levera...
CVE-2016-9842	The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have ...	S
CVE-2016-9843	The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unsp...
CVE-2016-9844	Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers ...
CVE-2016-9845	QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to an info...	S
CVE-2016-9846	QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to a memor...	S
CVE-2016-9847	An issue was discovered in phpMyAdmin. When the user does not specify a blowfish_secret key for encr...	S
CVE-2016-9848	An issue was discovered in phpMyAdmin. phpinfo (phpinfo.php) shows PHP information including values ...	S
CVE-2016-9849	An issue was discovered in phpMyAdmin. It is possible to bypass AllowRoot restriction ($cfg['Servers...	S
CVE-2016-9850	An issue was discovered in phpMyAdmin. Username matching for the allow/deny rules may result in wron...	S
CVE-2016-9851	An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypa...	S
CVE-2016-9852	An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an une...	S
CVE-2016-9853	An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an une...	S
CVE-2016-9854	An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an une...	S
CVE-2016-9855	An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an une...	S
CVE-2016-9856	An XSS issue was discovered in phpMyAdmin because of an improper fix for CVE-2016-2559 in PMASA-2016...	S
CVE-2016-9857	An issue was discovered in phpMyAdmin. XSS is possible because of a weakness in a regular expression...	S
CVE-2016-9858	An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to init...	S
CVE-2016-9859	An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to init...	S
CVE-2016-9860	An issue was discovered in phpMyAdmin. An unauthenticated user can execute a denial of service attac...	S
CVE-2016-9861	An issue was discovered in phpMyAdmin. Due to the limitation in URL matching, it was possible to byp...	S
CVE-2016-9862	An issue was discovered in phpMyAdmin. With a crafted login request it is possible to inject BBCode ...	S
CVE-2016-9863	An issue was discovered in phpMyAdmin. With a very large request to table partitioning function, it ...	S
CVE-2016-9864	An issue was discovered in phpMyAdmin. With a crafted username or a table name, it was possible to i...	S
CVE-2016-9865	An issue was discovered in phpMyAdmin. Due to a bug in serialized string parsing, it was possible to...	S
CVE-2016-9866	An issue was discovered in phpMyAdmin. When the arg_separator is different from its default & value,...	S
CVE-2016-9867	An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may ...
CVE-2016-9868	An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may ...
CVE-2016-9869	An issue was discovered in EMC ScaleIO versions before 2.0.1.1. Incorrect permissions on the SCINI d...
CVE-2016-9870	EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon O...	M
CVE-2016-9871	EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, E...
CVE-2016-9872	EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has Reflected Cross-Site Scripting V...
CVE-2016-9873	EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability th...
CVE-2016-9874	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual...	R
CVE-2016-9875	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual...	R
CVE-2016-9876	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual...	R
CVE-2016-9877	An issue was discovered in Pivotal RabbitMQ 3.x before 3.5.8 and 3.6.x before 3.6.6 and RabbitMQ for...	M
CVE-2016-9878	An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x bef...
CVE-2016-9879	An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x befo...
CVE-2016-9880	The GemFire broker for Cloud Foundry 1.6.x before 1.6.5 and 1.7.x before 1.7.1 has multiple API endp...
CVE-2016-9881	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9882	An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v250 and CAPI-relea...	S
CVE-2016-9883	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9884	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9885	An issue was discovered in Pivotal GemFire for PCF 1.6.x versions prior to 1.6.5 and 1.7.x versions ...
CVE-2016-9886	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual...	R
CVE-2016-9888	An error within the "tar_directory_for_file()" function (gsf-infile-tar.c) in GNOME Structured File ...	S
CVE-2016-9889	Some forms with the parameter geo_zoomlevel_to_found_location in Tiki Wiki CMS 12.x before 12.10 LTS...
CVE-2016-9891	Cross-site scripting (XSS) vulnerability in admin/media.php and admin/media_item.php in Dotclear bef...	S
CVE-2016-9892	The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security...	E
CVE-2016-9893	Memory safety bugs were reported in Thunderbird 45.5. Some of these bugs showed evidence of memory c...
CVE-2016-9894	A buffer overflow in SkiaGl caused when a GrGLBuffer is truncated during allocation. Later writers w...
CVE-2016-9895	Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) th...	E S
CVE-2016-9896	Use-after-free while manipulating the "navigator" object within WebVR. Note: WebVR is not currently ...	E
CVE-2016-9897	Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector...	E S
CVE-2016-9898	Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Edit...	E
CVE-2016-9899	Use-after-free while manipulating DOM events and removing audio elements due to errors in the handli...	E
CVE-2016-9900	External resources that should be blocked when loaded by SVG images can bypass security restrictions...	E S
CVE-2016-9901	HTML tags received from the Pocket server will be processed without sanitization and any JavaScript ...	S
CVE-2016-9902	The Pocket toolbar button, once activated, listens for events fired from it's own pages but does not...	E S
CVE-2016-9903	Mozilla's add-ons SDK had a world-accessible resource with an HTML injection vulnerability. If an ad...	S
CVE-2016-9904	An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by ano...	S
CVE-2016-9905	A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. T...	E S
CVE-2016-9906	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9907	Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leak...	S
CVE-2016-9908	Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to an informat...	S
CVE-2016-9909	The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scri...	S
CVE-2016-9910	The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scri...	S
CVE-2016-9911	Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage is...	S
CVE-2016-9912	Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to a memory le...	S
CVE-2016-9913	Memory leak in the v9fs_device_unrealize_common function in hw/9pfs/9p.c in QEMU (aka Quick Emulator...	S
CVE-2016-9914	Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to c...	S
CVE-2016-9915	Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows local privileged guest OS use...	S
CVE-2016-9916	Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS user...	S
CVE-2016-9917	In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file....	E
CVE-2016-9918	In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet....	E
CVE-2016-9919	The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check ...	S
CVE-2016-9920	steps/mail/sendmail.inc in Roundcube before 1.1.7 and 1.2.x before 1.2.3, when no SMTP server is con...	E
CVE-2016-9921	Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide...	S
CVE-2016-9922	The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus gra...	S
CVE-2016-9923	Quick Emulator (Qemu) built with the 'chardev' backend support is vulnerable to a use after free iss...	S
CVE-2016-9924	Zimbra Collaboration Suite (ZCS) before 8.7.4 allows remote attackers to conduct XML External Entity...
CVE-2016-9928	MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercep...	E S
CVE-2016-9932	CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obt...	S
CVE-2016-9933	Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Libra...	S
CVE-2016-9934	ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial...
CVE-2016-9935	The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 all...	S
CVE-2016-9936	The unserialize implementation in ext/standard/var.c in PHP 7.x before 7.0.14 allows remote attacker...	E S
CVE-2016-9937	An issue was discovered in Asterisk Open Source 13.12.x and 13.13.x before 13.13.1 and 14.x before 1...	S
CVE-2016-9938	An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14.x b...	M
CVE-2016-9939	Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its ASN.1 BER decoding routine. The...	S
CVE-2016-9941	Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote...
CVE-2016-9942	Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote se...
CVE-2016-9949	An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and...	E S
CVE-2016-9950	An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash...	E S
CVE-2016-9951	An issue was discovered in Apport before 2.20.4. A malicious Apport crash file can contain a restart...	E S
CVE-2016-9952	The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built ...
CVE-2016-9953	The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built ...
CVE-2016-9954	The backtrack compilation code in the Irregex package (aka IrRegular Expressions) before 0.9.6 for S...	S
CVE-2016-9955	The SimpleSAML_XML_Validator class constructor in SimpleSAMLphp before 1.14.11 might allow remote at...
CVE-2016-9956	The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files ...	S
CVE-2016-9957	Stack-based buffer overflow in game-music-emu before 0.6.1....	E S
CVE-2016-9958	game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations....	E S
CVE-2016-9959	game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values....	E S
CVE-2016-9960	game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and proc...	E
CVE-2016-9961	game-music-emu before 0.6.1 mishandles unspecified integer values....	E
CVE-2016-9962	RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the contai...	S
CVE-2016-9963	Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors r...	M
CVE-2016-9964	redirect() in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF at...	S
CVE-2016-9965	Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note ...
CVE-2016-9966	Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note ...
CVE-2016-9967	Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note ...
CVE-2016-9969	In libwebp 0.5.1, there is a double free bug in libwebpmux....	E
CVE-2016-9972	IBM QRadar 7.2 and 7.3 could allow a remote attacker to obtain sensitive information, caused by the ...	S
CVE-2016-9973	IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed ...
CVE-2016-9975	IBM Jazz for Service Management 1.1.2.1 and 1.1.3 is vulnerable to cross-site request forgery which ...	S
CVE-2016-9976	IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote attacker to include arbitrary fil...	S
CVE-2016-9977	IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote attacker to hijack a user's sessi...	S
CVE-2016-9978	IBM Curam Social Program Management 5.2, 6.0, and 7.0 could allow an authenticated attacker to discl...	S
CVE-2016-9979	IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. This vu...	S
CVE-2016-9980	IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. This vu...	S
CVE-2016-9981	IBM AppScan Enterprise Edition 9.0 contains an unspecified vulnerability that could allow an attacke...	S
CVE-2016-9982	IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensiti...	S
CVE-2016-9983	IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user with special priv...	S
CVE-2016-9984	IBM Maximo Asset Management 7.5 and 7.6 could allow a remote authenticated attacker to execute arbit...
CVE-2016-9985	IBM Cognos Server 10.1.1 and 10.2 stores highly sensitive information in log files that could be rea...	S
CVE-2016-9986	IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This ...
CVE-2016-9987	IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This ...
CVE-2016-9988	IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This ...
CVE-2016-9989	IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This ...
CVE-2016-9990	IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to emb...	S
CVE-2016-9991	IBM Sterling Order Management 9.2 through 9.5 is vulnerable to cross-site request forgery which coul...	S
CVE-2016-9992	IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. A remote attacker c...	S
CVE-2016-9993	IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. A remote attacker c...	S
CVE-2016-9994	IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. A remote attacker c...	S
CVE-2016-9995	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9996	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2016-9997	SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/puce_statut.p...	S
CVE-2016-9998	SPIP 3.1.x suffer from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/info_plugin.ph...	S