CWE-16
316 CVEs classified under CWE-16. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-46909 | Critical | 9.8 | 2024-12-02 | In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the se… |
CVE-2018-11922 | Critical | 9.8 | 2024-11-26 | Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user. |
CVE-2021-20032 | Critical | 9.8 | 2021-08-10 | SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol (JDWP) interface security misconfiguration vulnerability which potentially leads to R… |
CVE-2019-3949 | Critical | 9.8 | 2019-07-09 | Arlo Basestation firmware 1.12.0.1_27940 and prior firmware contain a networking misconfiguration that allows access to restricted network interfaces. This cou… |
CVE-2019-3939 | Critical | 9.8 | 2019-04-30 | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials admin/admin and moderator/moderator for the web interface. An un… |
CVE-2018-15386 | Critical | 9.8 | 2018-10-05 | A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and have direct una… |
CVE-2015-9197 | Critical | 9.8 | 2018-04-18 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MS… |
CVE-2016-10388 | Critical | 9.8 | 2017-08-18 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a configuration vulnerability exists when loading a 3rd-party QTEE application. |
CVE-2017-6639 | Critical | 9.8 | 2017-06-08 | A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manager (DCNM) could allow an unauthenticated, remote… |
CVE-2023-39385 | Critical | 9.1 | 2023-08-13 | Vulnerability of configuration defects in the media module of certain products.. Successful exploitation of this vulnerability may cause unauthorized access. |
CVE-2017-12249 | Critical | 9.1 | 2017-09-13 | A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote attacker to gain u… |
CVE-2025-12221 | High | 8.8 | 2025-10-25 | Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. |
CVE-2021-22957 | High | 8.8 | 2021-11-24 | A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a… |
CVE-2022-37397 | High | 8.3 | 2022-08-12 | An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft’s Active Directory. When anonymous or unauthenticat… |
CVE-2022-29095 | High | 8.3 | 2022-06-10 | Dell SupportAssist Client Consumer versions (3.10.4 and prior) and Dell SupportAssist Client Commercial versions (3.1.1 and prior) contain a cross-site scripti… |
CVE-2018-0262 | High | 8.1 | 2018-05-02 | A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain unauthorized access to components of, or sensitive information… |
CVE-2010-0386 | High | 8.1 | 2010-01-25 | The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to ste… |
CVE-2022-33233 | High | 7.8 | 2023-02-12 | Memory corruption due to configuration weakness in modem wile sending command to write protected files. |
CVE-2020-8351 | High | 7.8 | 2020-11-30 | A privilege escalation vulnerability was reported in Lenovo PCManager prior to version 3.0.50.9162 that could allow an authenticated user to execute code with… |
CVE-2017-3210 | High | 7.8 | 2018-07-24 | Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A n… |