Total
1752 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-8010 | 1 Mcafee | 2 Application Control, Endpoint Security | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility. | |||||
| CVE-2016-8007 | 1 Mcafee | 1 Host Intrusion Prevention Services | 2024-11-21 | 3.0 LOW | 6.3 MEDIUM |
| Authentication bypass vulnerability in McAfee Host Intrusion Prevention Services (HIPS) 8.0 Patch 7 and earlier allows authenticated users to manipulate the product's registry keys via specific conditions. | |||||
| CVE-2016-7967 | 1 Kde | 1 Kmail | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. Since the generated html is executed in the local file security context by default access to remote and local URLs was enabled. | |||||
| CVE-2016-7952 | 2 Fedoraproject, X.org | 2 Fedora, Libxtst | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data. | |||||
| CVE-2016-7946 | 2 Fedoraproject, X.org | 2 Fedora, Libxi | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields. | |||||
| CVE-2016-7833 | 1 Cybozu | 1 Dezie | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors. | |||||
| CVE-2016-7824 | 1 Buffalotech | 2 Wnc01wh, Wnc01wh Firmware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors. | |||||
| CVE-2016-7811 | 1 Corega | 2 Cg-wlr300nx, Cg-wlr300nx Firmware | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment to bypass access restriction to perform arbitrary operations via unspecified vectors. | |||||
| CVE-2016-7807 | 1 Iodata | 2 Wfs-sr01, Wfs-sr01 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to bypass access restriction to access data on storage devices inserted into the product via unspecified vectors. | |||||
| CVE-2016-7801 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors. | |||||
| CVE-2016-7794 | 1 Sociomantic | 1 Git-hub | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a crafted repository name. | |||||
| CVE-2016-7793 | 1 Sociomantic | 1 Git-hub | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a crafted repository URL. | |||||
| CVE-2016-7792 | 1 Ubiquiti Networks | 2 Unifi Ap Ac Lite, Unifi Ap Ac Lite Firmware | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| Ubiquiti Networks UniFi 5.2.7 does not restrict access to the database, which allows remote attackers to modify the database by directly connecting to it. | |||||
| CVE-2016-7565 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| install/index.php in Exponent CMS 2.3.9 allows remote attackers to execute arbitrary commands via shell metacharacters in the sc array parameter. | |||||
| CVE-2016-7545 | 3 Fedoraproject, Redhat, Selinux Project | 7 Fedora, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 4 more | 2024-11-21 | 7.2 HIGH | 8.8 HIGH |
| SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. | |||||
| CVE-2016-7468 | 1 F5 | 10 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 7 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system's tm.tcpprogressive db variable value is set to non-default setting "enabled". The default value for the tm.tcpprogressive db variable is "negotiate". An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group. | |||||
| CVE-2016-7408 | 1 Dropbear Ssh Project | 1 Dropbear Ssh | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The dbclient in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via a crafted (1) -m or (2) -c argument. | |||||
| CVE-2016-7248 | 1 Microsoft | 5 Windows 10, Windows 7, Windows 8.1 and 2 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Video Control Remote Code Execution Vulnerability." | |||||
| CVE-2016-7247 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow physically proximate attackers to bypass the Secure Boot protection mechanism via a crafted boot policy, aka "Secure Boot Component Vulnerability." | |||||
| CVE-2016-7244 | 1 Microsoft | 1 Office | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Microsoft Office 2007 SP3 allows remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Office Denial of Service Vulnerability." | |||||