Export limit exceeded: 25384 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (25384 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-1192 | 1 Cybozu | 1 Garoon | 2025-04-12 | N/A |
| Directory traversal vulnerability in the logging implementation in Cybozu Garoon 3.7 through 4.2 allows remote authenticated users to read a log file via unspecified vectors. | ||||
| CVE-2016-1193 | 1 Cybozu | 1 Garoon | 2025-04-12 | N/A |
| Cybozu Garoon 3.7 through 4.2 allows remote attackers to obtain sensitive email-reading information via unspecified vectors. | ||||
| CVE-2016-1208 | 2 Apple, Filemaker | 2 Mac Os X, Filemaker | 2025-04-12 | N/A |
| The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors. | ||||
| CVE-2016-1209 | 1 Ninjaforms | 1 Ninja Forms | 2025-04-12 | N/A |
| The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request. | ||||
| CVE-2016-1225 | 1 Trendmicro | 1 Internet Security | 2025-04-12 | N/A |
| Trend Micro Internet Security 8 and 10 allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2016-1241 | 1 Tryton | 1 Tryton | 2025-04-12 | N/A |
| Tryton 3.x before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allow remote authenticated users to discover user password hashes via unspecified vectors. | ||||
| CVE-2016-1242 | 1 Tryton | 1 Tryton | 2025-04-12 | N/A |
| file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors. | ||||
| CVE-2016-1248 | 3 Debian, Redhat, Vim | 3 Debian Linux, Enterprise Linux, Vim | 2025-04-12 | N/A |
| vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened. | ||||
| CVE-2016-1258 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| Embedthis Appweb, as used in J-Web in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D20, 13.2X51 before 13.2X51-D20, 13.3 before 13.3R8, 14.1 before 14.1R6, and 14.2 before 14.2R5, allows remote attackers to cause a denial of service (J-Web crash) via unspecified vectors. | ||||
| CVE-2016-1277 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D40, 12.3X48 before 12.3X48-D30, 13.3 before 13.3R9, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R6, 15.1 before 15.1F6 or 15.1R3, and 15.1X49 before 15.1X49-D40, when configured with a GRE or IPIP tunnel, allow remote attackers to cause a denial of service (kernel panic) via a crafted ICMP packet. | ||||
| CVE-2016-1284 | 1 Isc | 1 Bind | 2025-04-12 | N/A |
| rdataset.c in ISC BIND 9 Supported Preview Edition 9.9.8-S before 9.9.8-S5, when nxdomain-redirect is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via crafted flag values in a query. | ||||
| CVE-2016-1291 | 2 Cisco, Sun | 3 Evolved Programmable Network Manager, Prime Infrastructure, Opensolaris | 2025-04-12 | N/A |
| Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192. | ||||
| CVE-2016-1295 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775. | ||||
| CVE-2016-1303 | 1 Cisco | 16 500 Series Switch Firmware, Sf500-24, Sf500-24p and 13 more | 2025-04-12 | N/A |
| The web GUI on Cisco Small Business 500 devices 1.2.0.92 allows remote attackers to cause a denial of service via a crafted HTTP request, aka Bug ID CSCul65330. | ||||
| CVE-2016-1779 | 1 Apple | 2 Iphone Os, Safari | 2025-04-12 | N/A |
| WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote attackers to bypass the Same Origin Policy and obtain physical-location data via a crafted geolocation request. | ||||
| CVE-2016-1780 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| WebKit in Apple iOS before 9.3 does not prevent hidden web views from reading orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment via a crafted web site. | ||||
| CVE-2015-0543 | 1 Emc | 1 Secure Remote Services | 2025-04-12 | N/A |
| EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2016-1862 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1860. | ||||
| CVE-2016-2023 | 1 Hp | 1 Restful Interface Tool | 2025-04-12 | N/A |
| HPE RESTful Interface Tool 1.40 allows local users to obtain sensitive information via unspecified vectors. | ||||
| CVE-2015-0548 | 1 Emc | 1 Documentum D2 | 2025-04-12 | N/A |
| The D2DownloadService.getDownloadUrls service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors. | ||||