Total
11158 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-2125 | 2 Redhat, Samba | 8 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus and 5 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. | |||||
| CVE-2016-2031 | 2 Arubanetworks, Siemens | 5 Airwave, Aruba Instant, Arubaos and 2 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code. | |||||
| CVE-2016-1586 | 1 Oxide Project | 1 Oxide | 2024-11-21 | 5.0 MEDIUM | 1.8 LOW |
| A malicious webview could install long-lived unload handlers that re-use an incognito BrowserContext that is queued for destruction in versions of Oxide before 1.18.3. | |||||
| CVE-2016-11067 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Mattermost Server before 3.2.0. It allowed crafted posts that could cause a web browser to hang. | |||||
| CVE-2016-11053 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
| An issue was discovered on Samsung mobile devices with software through 2015-11-11 (supporting FRP/RL). There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2015-5131 (January 2016). | |||||
| CVE-2016-11052 | 1 Google | 1 Android | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered on Samsung mobile devices with L(5.0/5.1) software. je_free in libQjpeg.so in Qjpeg in Qt 5.5 allows memory corruption via a malformed JPEG file. The Samsung ID is SVE-2015-5110 (January 2016). | |||||
| CVE-2016-11048 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
| An issue was discovered on Samsung mobile devices with L(5.0/5.1) (Spreadtrum or Marvell chipsets) software. There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2016-5421 (March 2016). | |||||
| CVE-2016-11046 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with JBP(4.3), KK(4.4), and L(5.0/5.1) software. Because of a misused whitelist, attackers can reach the radio layer (aka RIL or RILD) to place calls or send SMS messages. The Samsung ID is SVE-2016-5733 (May 2016). | |||||
| CVE-2016-11040 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
| An issue was discovered on Samsung mobile devices with L(5.0/5.1) (with USB OTG MyFile2014_L_ESS support) software. There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2015-5068 (June 2016). | |||||
| CVE-2016-11032 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with M(6.0) software. An attacker can disable all Sound functionality by broadcasting an unprotected intent. The Samsung IDs are SVE-2016-7179 and SVE-2016-7182 (November 2016). | |||||
| CVE-2016-11031 | 1 Google | 1 Android | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. AntService allows a system_server crash and reboot. The Samsung ID is SVE-2016-7044 (November 2016). | |||||
| CVE-2016-10991 | 1 Imdb-widget Project | 1 Imdb-widget | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The imdb-widget plugin before 1.0.9 for WordPress has Local File Inclusion. | |||||
| CVE-2016-10960 | 1 Joomlaserviceprovider | 1 Wsecure | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The wsecure plugin before 2.4 for WordPress has remote code execution via shell metacharacters in the wsecure-config.php publish parameter. | |||||
| CVE-2016-10956 | 1 Mail-masta Project | 1 Mail-masta | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php. | |||||
| CVE-2016-10948 | 1 Post Indexer Project | 1 Post Indexer | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| The Post Indexer plugin before 3.0.6.2 for WordPress has incorrect handling of data passed to the unserialize function. | |||||
| CVE-2016-10930 | 1 Wpsupportplus | 1 Wp Support Plus Responsive Ticket System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-support-plus-responsive-ticket-system plugin before 7.1.0 for WordPress has insecure direct object reference via a ticket number. | |||||
| CVE-2016-10899 | 1 Fabrix | 1 Total Security | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The total-security plugin before 3.4.1 for WordPress has a settings-change vulnerability. | |||||
| CVE-2016-10858 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.3 HIGH | 9.8 CRITICAL |
| cPanel before 11.54.0.0 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-64). | |||||
| CVE-2016-10855 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| cPanel before 11.54.0.4 allows unauthenticated arbitrary code execution via cpsrvd (SEC-91). | |||||
| CVE-2016-10850 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| cPanel before 11.54.0.4 allows arbitrary code execution via scripts/synccpaddonswithsqlhost (SEC-83). | |||||