Total
29922 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-0744 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 5.3 MEDIUM |
| An elevation of privilege vulnerability in the NVIDIA firmware processing code. Product: Android. Versions: Android kernel. Android ID: A-34112726. References: N-CVE-2017-0744. | |||||
| CVE-2017-0431 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-32573899. | |||||
| CVE-2017-0371 | 1 Mediawiki | 1 Mediawiki | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| MediaWiki before 1.23.16, 1.24.x through 1.27.x before 1.27.2, and 1.28.x before 1.28.1 allows remote attackers to discover the IP addresses of Wiki visitors via a style="background-image: attr(title url);" attack within a DIV element that has an attacker-controlled URL in the title attribute. | |||||
| CVE-2017-0359 | 2 Debian, Reproducible Builds | 2 Debian Linux, Diffoscope | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| diffoscope before 77 writes to arbitrary locations on disk based on the contents of an untrusted archive. | |||||
| CVE-2016-9652 | 1 Google | 1 Chrome | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Multiple unspecified vulnerabilities in Google Chrome before 55.0.2883.75. | |||||
| CVE-2016-8518 | 1 Hp | 1 Systems Insight Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A remote denial of service vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found. | |||||
| CVE-2016-8516 | 1 Hp | 1 Systems Insight Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A remote denial of service vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found. | |||||
| CVE-2016-5194 | 1 Google | 1 Chrome | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Unspecified vulnerabilities in Google Chrome before 54.0.2840.59. | |||||
| CVE-2016-4606 | 2 Apple, Haxx | 2 Mac Os X, Curl | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Curl before 7.49.1 in Apple OS X before macOS Sierra prior to 10.12 allows remote or local attackers to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions. This may aid in other attacks. | |||||
| CVE-2016-4427 | 1 Zulip | 1 Zulip | 2024-11-21 | N/A | 7.5 HIGH |
| In zulip before 1.3.12, deactivated users could access messages if SSO was enabled. | |||||
| CVE-2016-4426 | 1 Zulip | 1 Zulip | 2024-11-21 | N/A | 4.3 MEDIUM |
| In zulip before 1.3.12, bot API keys were accessible to other users in the same realm. | |||||
| CVE-2016-20015 | 1 Smokeping | 1 Smokeping | 2024-11-21 | N/A | 7.5 HIGH |
| In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript allows the smokeping user to gain ownership of any file, allowing for the smokeping user to gain root privileges. There is a race condition involving /var/lib/smokeping and chown. | |||||
| CVE-2016-20010 | 1 Ewww | 1 Image Optimizer | 2024-11-21 | 7.5 HIGH | 10.0 CRITICAL |
| EWWW Image Optimizer before 2.8.5 allows remote command execution because it relies on a protection mechanism involving boolval, which is unavailable before PHP 5.5. | |||||
| CVE-2016-20006 | 1 Rest\/json Project | 1 Rest\/json | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The REST/JSON project 7.x-1.x for Drupal allows blockage of user logins, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy. | |||||
| CVE-2016-1239 | 1 Debian | 1 Duck | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| duck before 0.10 did not properly handle loading of untrusted code from the current directory. | |||||
| CVE-2016-1203 | 2 Microsoft, Saat | 3 Windows, Netizen, Netizen Installer | 2024-11-21 | N/A | 8.1 HIGH |
| Improper file verification vulnerability in SaAT Netizen installer ver.1.2.0.424 and earlier, and SaAT Netizen ver.1.2.0.8 (Build427) and earlier allows a remote unauthenticated attacker to conduct a man-in-the-middle attack. A successful exploitation may result in a malicious file being downloaded and executed. | |||||
| CVE-2016-15024 | 1 Doomsider Shadow Project | 1 Doomsider Shadow | 2024-11-21 | 1.0 LOW | 2.5 LOW |
| A vulnerability was found in doomsider shadow. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. Attacking locally is a requirement. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The name of the patch is 3332c5ba9ec3014ddc74e2147190a050eee97bc0. It is recommended to apply a patch to fix this issue. VDB-221478 is the identifier assigned to this vulnerability. | |||||
| CVE-2016-11060 | 1 Netgear | 8 Fvs318g, Fvs318g Firmware, Fvs318n and 5 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Certain NETGEAR devices are affected by insecure renegotiation. This affects SRX5308 before 2017-02-10, FVS336Gv3 before 2017-02-10, FVS318N before 2017-02-10, and FVS318Gv2 before 2017-02-10. | |||||
| CVE-2016-11056 | 1 Netgear | 1 Readynas Surveillance | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| Certain NETGEAR devices are affected by anonymous root access. This affects ReadyNAS Surveillance 1.1.1-3-armel and earlier and ReadyNAS Surveillance 1.4.1-3-amd64 and earlier. | |||||
| CVE-2016-11050 | 1 Samsung | 10 Note2, Note2 Firmware, Note3 and 7 more | 2024-11-21 | 2.1 LOW | 4.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with S3(KK), Note2(KK), S4(L), Note3(L), and S5(L) software. An attacker can rewrite the IMEI by flashing crafted firmware. The Samsung ID is SVE-2016-5562 (March 2016). | |||||