2016 CVEs
10645 CVEs published in 2016. 1371 critical, 4071 high. Browse by vendor, severity, or with PoCs.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-20010 | Critical | 10.0 | 2021-05-05 | EWWW Image Optimizer before 2.8.5 allows remote command execution because it relies on a protection mechanism involving boolval, which is unavailable before PH… |
CVE-2016-10927 | Critical | 10.0 | 2019-08-22 | The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php. |
CVE-2016-10926 | Critical | 10.0 | 2019-08-22 | The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php. |
CVE-2016-9335 | Critical | 10.0 | 2018-05-09 | A hard-coded cryptographic key vulnerability was identified in Red Lion Controls Sixnet-Managed Industrial Switches running firmware Version 5.0.196 and Stride… |
CVE-2016-0898 | Critical | 10.0 | 2018-03-29 | MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext. These credentials were logged to the Service Backup component l… |
CVE-2016-8027 | Critical | 10.0 | 2017-03-14 | SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and earlier allows attackers to al… |
CVE-2016-9343 | Critical | 10.0 | 2017-02-13 | An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to F… |
CVE-2016-8363 | Critical | 10.0 | 2017-02-13 | An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2… |
CVE-2016-8352 | Critical | 10.0 | 2017-02-13 | An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all versions, TCSEFE… |
CVE-2016-8938 | Critical | 10.0 | 2017-02-01 | IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server. This code could be execute… |
CVE-2016-6082 | Critical | 10.0 | 2017-02-01 | IBM BigFix Platform could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free race condition. An attacker could exploit… |
CVE-2016-10043 | Critical | 10.0 | 2017-01-31 | An issue was discovered in Radisys MRF Web Panel (SWMS) 9.0.1. The MSM_MACRO_NAME POST parameter in /swms/ms.cgi was discovered to be vulnerable to OS command… |
CVE-2016-7457 | Critical | 10.0 | 2016-12-29 | VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to gain privileges, or halt and remove virtual machines, via unspecif… |
CVE-2016-5788 | Critical | 10.0 | 2016-11-25 | General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open ports, which makes it easier for remote a… |
CVE-2016-4787 | Critical | 10.0 | 2016-05-26 | Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read sensitive system authe… |
CVE-2016-1044 | Critical | 10.0 | 2016-05-11 | Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016… |
CVE-2016-1041 | Critical | 10.0 | 2016-05-11 | Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016… |
CVE-2016-1038 | Critical | 10.0 | 2016-05-11 | Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016… |
CVE-2016-1343 | Critical | 10.0 | 2016-04-30 | The XML parser in Cisco Information Server (CIS) 6.2 allows remote attackers to read arbitrary files or cause a denial of service (CPU and memory consumption)… |
CVE-2016-1505 | Critical | 10.0 | 2016-02-03 | The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrate… |