CWE-16

316 CVEs classified under CWE-16. Browse by severity and year.

Top CVEs for CWE-16
CVESeverityScorePublishedSummary
CVE-2024-46909Critical9.82024-12-02In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the se…
CVE-2018-11922Critical9.82024-11-26Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.
CVE-2021-20032Critical9.82021-08-10SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol (JDWP) interface security misconfiguration vulnerability which potentially leads to R…
CVE-2019-3949Critical9.82019-07-09Arlo Basestation firmware 1.12.0.1_27940 and prior firmware contain a networking misconfiguration that allows access to restricted network interfaces. This cou…
CVE-2019-3939Critical9.82019-04-30Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials admin/admin and moderator/moderator for the web interface. An un…
CVE-2018-15386Critical9.82018-10-05A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and have direct una…
CVE-2015-9197Critical9.82018-04-18In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MS…
CVE-2016-10388Critical9.82017-08-18In all Qualcomm products with Android releases from CAF using the Linux kernel, a configuration vulnerability exists when loading a 3rd-party QTEE application.
CVE-2017-6639Critical9.82017-06-08A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manager (DCNM) could allow an unauthenticated, remote…
CVE-2023-39385Critical9.12023-08-13Vulnerability of configuration defects in the media module of certain products.. Successful exploitation of this vulnerability may cause unauthorized access.
CVE-2017-12249Critical9.12017-09-13A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote attacker to gain u…
CVE-2025-12221High8.82025-10-25Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
CVE-2021-22957High8.82021-11-24A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a…
CVE-2022-37397High8.32022-08-12An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft’s Active Directory. When anonymous or unauthenticat…
CVE-2022-29095High8.32022-06-10Dell SupportAssist Client Consumer versions (3.10.4 and prior) and Dell SupportAssist Client Commercial versions (3.1.1 and prior) contain a cross-site scripti…
CVE-2018-0262High8.12018-05-02A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain unauthorized access to components of, or sensitive information…
CVE-2010-0386High8.12010-01-25The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to ste…
CVE-2022-33233High7.82023-02-12Memory corruption due to configuration weakness in modem wile sending command to write protected files.
CVE-2020-8351High7.82020-11-30A privilege escalation vulnerability was reported in Lenovo PCManager prior to version 3.0.50.9162 that could allow an authenticated user to execute code with…
CVE-2017-3210High7.82018-07-24Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A n…