Total
11667 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10338 | 1 Google | 1 Android | 2026-06-17 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, there was an issue related to RPMB processing. | |||||
| CVE-2016-10337 | 1 Google | 1 Android | 2026-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| In all Android releases from CAF using the Linux kernel, some validation of secure applications was not being performed. | |||||
| CVE-2016-10243 | 3 Debian, Fedoraproject, Tug | 3 Debian Linux, Fedora, Tex Live | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file. | |||||
| CVE-2016-10235 | 1 Google | 1 Android | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service vulnerability in the Qualcomm WiFi driver. Product: Android. Versions: Android kernel. Android ID: A-34390620. References: QC-CR#1046409. | |||||
| CVE-2016-10228 | 1 Gnu | 1 Glibc | 2026-06-17 | 4.3 MEDIUM | 5.9 MEDIUM |
| The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service. | |||||
| CVE-2016-10222 | 1 Apple | 1 Safari | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (segmentation violation and application crash) via crafted JavaScript code that triggers a "type confusion" in the JSON.stringify function. | |||||
| CVE-2016-10176 | 1 Netgear | 2 Wnr2000v5, Wnr2000v5 Firmware | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the web server of the device. This special URL is handled by the embedded web server (uhttpd) and processed accordingly. The web server also contains another URL, apply_noauth.cgi, that allows an unauthenticated user to perform sensitive actions on the device. This functionality can be exploited to change the router settings (such as the answers to the password-recovery questions) and achieve remote code execution. | |||||
| CVE-2016-10167 | 1 Libgd | 1 Libgd | 2026-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file. | |||||
| CVE-2016-10100 | 1 Borg | 1 Borg | 2026-06-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| Borg (aka BorgBackup) before 1.0.9 has a flaw in the way duplicate archive names were processed during manifest recovery, potentially allowing an attacker to overwrite an archive. | |||||
| CVE-2016-10079 | 1 Sap | 1 Saplpd | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| SAPlpd through 7400.3.11.33 in SAP GUI 7.40 on Windows has a Denial of Service vulnerability (service crash) with a long string to TCP port 515. | |||||
| CVE-2016-10069 | 2 Imagemagick, Opensuse Project | 2 Imagemagick, Leap | 2026-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames. | |||||
| CVE-2016-10068 | 3 Imagemagick, Opensuse, Opensuse Project | 3 Imagemagick, Leap, Leap | 2026-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file. | |||||
| CVE-2016-10024 | 2 Citrix, Xen | 2 Xenserver, Xen | 2026-06-17 | 4.9 MEDIUM | 6.0 MEDIUM |
| Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations. | |||||
| CVE-2016-1000232 | 3 Ibm, Redhat, Salesforce | 3 Api Connect, Openshift Container Platform, Tough-cookie | 2026-06-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appear to be exploitable via Custom HTTP header passed by client. This vulnerability appears to have been fixed in 2.3.0. | |||||
| CVE-2016-1000104 | 2 Apache, Opensuse | 3 Mod Fcgid, Leap, Opensuse | 2026-06-17 | 6.5 MEDIUM | 8.8 HIGH |
| A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07. | |||||
| CVE-2016-0950 | 1 Adobe | 1 Connect | 2026-06-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| Adobe Connect before 9.5.2 allows remote attackers to spoof the user interface via unspecified vectors. | |||||
| CVE-2016-0913 | 1 Emc | 2 Networker Module For Microsoft Applications, Replication Manager | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| The client in EMC Replication Manager (RM) before 5.5.3.0_01-PatchHotfix, EMC Network Module for Microsoft 3.x, and EMC Networker Module for Microsoft 8.2.x before 8.2.3.6 allows remote RM servers to execute arbitrary commands by placing a crafted script in an SMB share. | |||||
| CVE-2016-0909 | 1 Emc | 2 Avamar Data Store, Avamar Server Virtual Edition | 2026-06-17 | 7.2 HIGH | 8.4 HIGH |
| EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users. | |||||
| CVE-2016-0895 | 1 Emc | 1 Rsa Data Loss Prevention | 2026-06-17 | 4.3 MEDIUM | 4.3 MEDIUM |
| EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote attackers to conduct clickjacking attacks via web-site elements with crafted transparency or opacity. | |||||
| CVE-2016-0889 | 1 Dell | 1 Emc Unisphere | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attackers to write to arbitrary files via a crafted pathname. | |||||
