Total
323594 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-8485 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An information disclosure vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823681. | ||||
| CVE-2016-8484 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823575. | ||||
| CVE-2016-8482 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An elevation of privilege vulnerability in the NVIDIA GPU driver. Product: Android. Versions: Android kernel. Android ID: A-31799863. References: N-CVE-2016-8482. | ||||
| CVE-2016-8390 | 1 Cryptic-apps | 1 Hopper Disassembler | 2024-11-21 | 7.8 High |
| An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper Disassembler 3.11.20. A specially crafted ELF file can cause attacker controlled pointer arithmetic resulting in a partially controlled out of bounds write. An attacker can craft an ELF file with specific section headers to trigger this vulnerability. | ||||
| CVE-2016-8384 | 1 Marklogic | 1 Marklogic | 2024-11-21 | 8.8 High |
| An exploitable heap corruption vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter. | ||||
| CVE-2016-8383 | 1 Marklogic | 1 Marklogic | 2024-11-21 | 8.8 High |
| An exploitable heap corruption vulnerability exists in the Doc_GetFontTable functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious doc file to trigger this vulnerability. | ||||
| CVE-2016-8382 | 1 Marklogic | 1 Marklogic | 2024-11-21 | N/A |
| An exploitable heap corruption vulnerability exists in the Doc_SetSummary functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send a malicious doc file to trigger this vulnerability. | ||||
| CVE-2016-8380 | 1 Phoenixcontact | 2 Ilc Plcs, Ilc Plcs Firmware | 2024-11-21 | N/A |
| The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication. | ||||
| CVE-2016-8371 | 1 Phoenixcontact | 2 Ilc Plcs, Ilc Plcs Firmware | 2024-11-21 | N/A |
| The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled. | ||||
| CVE-2016-8366 | 1 Phoenixcontact | 2 Ilc Plcs, Ilc Plcs Firmware | 2024-11-21 | N/A |
| Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clear text. | ||||
| CVE-2016-8365 | 1 Osisoft | 4 Pi Af Client, Pi Buffer Subsystem, Pi Data Archive and 1 more | 2024-11-21 | N/A |
| OSIsoft PI System software (Applications using PI Asset Framework (AF) Client versions prior to PI AF Client 2016, Version 2.8.0; Applications using PI Software Development Kit (SDK) versions prior to PI SDK 2016, Version 1.4.6; PI Buffer Subsystem, versions prior to and including, Version 4.4; and PI Data Archive versions prior to PI Data Archive 2015, Version 3.4.395.64) operates between endpoints without a complete model of endpoint features potentially causing the product to perform actions based on this incomplete model, which could result in a denial of service. OSIsoft reports that in order to exploit the vulnerability an attacker would need to be locally connected to a server. A CVSS v3 base score of 7.1 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H) | ||||
| CVE-2016-8220 | 1 Pivotal Software | 1 Gemfire | 2024-11-21 | N/A |
| Pivotal Gemfire for PCF, versions 1.6.x prior to 1.6.5.0 and 1.7.x prior to 1.7.1.0, contain an information disclosure vulnerability. The application inadvertently exposed WAN replication credentials at a public route. | ||||
| CVE-2016-7576 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| In iOS before 9.3.3, a memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. | ||||
| CVE-2016-7550 | 1 Digium | 1 Asterisk | 2024-11-21 | N/A |
| asterisk 13.10.0 is affected by: denial of service issues in asterisk. The impact is: cause a denial of service (remote). | ||||
| CVE-2016-7524 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 6.5 Medium |
| coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | ||||
| CVE-2016-7523 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 6.5 Medium |
| coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | ||||
| CVE-2016-7475 | 1 F5 | 8 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Application Acceleration Manager and 5 more | 2024-11-21 | N/A |
| Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or 11.4.0-11.5.4 HF1, the Traffic Management Microkernel (TMM) may not properly clean-up pool member network connections when using SPDY or HTTP/2 virtual server profiles. | ||||
| CVE-2016-7472 | 1 F5 | 1 Big-ip Application Security Manager | 2024-11-21 | N/A |
| F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request. | ||||
| CVE-2016-7443 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | N/A |
| Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to "uploading files to wrong location." | ||||
| CVE-2016-7404 | 1 Openstack | 1 Magnum | 2024-11-21 | N/A |
| OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should just be used for retrieving the instances' SSL certificates, they allow full API access, though and can be used to perform any API operation the user is authorized to perform. | ||||