CVE List - 2016 / October
Showing 1 - 100 of 687 CVEs for October 2016 (Page 1 of 7)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2016-3042 | 2016-10-01 | Cross-site scripting (XSS) vulnerability in the Web UI in IBM... |
| CVE-2016-5986 | 2016-10-01 | IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x before... |
| CVE-2016-5995 | 2016-10-01 | Untrusted search path vulnerability in IBM DB2 9.7 through FP11,... |
| CVE-2016-1240 | 2016-10-03 | The Tomcat init script in the tomcat7 package before 7.0.56-3+deb8u4... |
| CVE-2016-1243 | 2016-10-03 | Stack-based buffer overflow in the extractTree function in unADF allows... |
| CVE-2016-1244 | 2016-10-03 | The extractTree function in unADF allows remote attackers to execute... |
| CVE-2016-4436 | 2016-10-03 | Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allow... |
| CVE-2016-5180 | 2016-10-03 | Heap-based buffer overflow in the ares_create_query function in c-ares 1.x... |
| CVE-2016-3619 | 2016-10-03 | The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in... |
| CVE-2016-3620 | 2016-10-03 | The ZIPEncode function in tif_zip.c in the bmp2tiff tool in... |
| CVE-2016-3621 | 2016-10-03 | The LZWEncode function in tif_lzw.c in the bmp2tiff tool in... |
| CVE-2016-3622 | 2016-10-03 | The fpAcc function in tif_predict.c in the tiff2rgba tool in... |
| CVE-2016-3623 | 2016-10-03 | The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote... |
| CVE-2016-3624 | 2016-10-03 | The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6... |
| CVE-2016-3625 | 2016-10-03 | tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier... |
| CVE-2016-3631 | 2016-10-03 | The (1) cpStrips and (2) cpTiles functions in the thumbnail... |
| CVE-2016-3633 | 2016-10-03 | The setrow function in the thumbnail tool in LibTIFF 4.0.6... |
| CVE-2016-3634 | 2016-10-03 | The tagCompare function in tif_dirinfo.c in the thumbnail tool in... |
| CVE-2016-3658 | 2016-10-03 | The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in... |
| CVE-2016-5700 | 2016-10-03 | Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11,... |
| CVE-2016-7397 | 2016-10-03 | The Frontend component in Sophos UTM with firmware 9.405-5 and... |
| CVE-2016-7442 | 2016-10-03 | The Frontend component in Sophos UTM with firmware 9.405-5 and... |
| CVE-2016-7445 | 2016-10-03 | convert.c in OpenJPEG before 2.1.2 allows remote attackers to cause... |
| CVE-2016-1371 | 2016-10-03 | ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to... |
| CVE-2016-1372 | 2016-10-03 | ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to... |
| CVE-2016-5019 | 2016-10-03 | CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0 through 1.0.13, 1.2.x before... |
| CVE-2016-5398 | 2016-10-03 | Cross-site scripting (XSS) vulnerability in Business Process Editor in Red... |
| CVE-2016-5432 | 2016-10-03 | The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine... |
| CVE-2016-6352 | 2016-10-03 | The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows... |
| CVE-2016-6494 | 2016-10-03 | The client in MongoDB uses world-readable permissions on .dbshell history... |
| CVE-2016-7031 | 2016-10-03 | The RGW code in Ceph before 10.0.1, when authenticated-read ACL... |
| CVE-2016-7401 | 2016-10-03 | The cookie parsing code in Django before 1.8.15 and 1.9.x... |
| CVE-2016-7405 | 2016-10-03 | The qstr method in the PDO driver in the ADOdb... |
| CVE-2016-7570 | 2016-10-03 | Drupal 8.x before 8.1.10 does not properly check for "Administer... |
| CVE-2016-7571 | 2016-10-03 | Cross-site scripting (XSS) vulnerability in Drupal 8.x before 8.1.10 allows... |
| CVE-2016-7572 | 2016-10-03 | The system.temporary route in Drupal 8.x before 8.1.10 does not... |
| CVE-2013-4118 | 2016-10-03 | FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial... |
| CVE-2013-4119 | 2016-10-03 | FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause a denial... |
| CVE-2015-1832 | 2016-10-03 | XML external entity (XXE) vulnerability in the SqlXmlUtil code in... |
| CVE-2015-8085 | 2016-10-03 | Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers... |
| CVE-2015-8086 | 2016-10-03 | Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers... |
| CVE-2016-6905 | 2016-10-03 | The read_image_tga function in gd_tga.c in the GD Graphics Library... |
| CVE-2016-7046 | 2016-10-03 | Red Hat JBoss Enterprise Application Platform (EAP) 7, when operating... |
| CVE-2016-7141 | 2016-10-03 | curl and libcurl before 7.50.2, when built with NSS and... |
| CVE-2016-8276 | 2016-10-03 | Buffer overflow in the Point-to-Point Protocol over Ethernet (PPPoE) module... |
| CVE-2016-8277 | 2016-10-03 | Huawei USG9520, USG9560, and USG9580 unified security gateways with software... |
| CVE-2016-8278 | 2016-10-03 | Huawei USG9520, USG9560, and USG9580 unified security gateways with software... |
| CVE-2016-8280 | 2016-10-03 | Directory traversal vulnerability in Huawei eSight before V300R003C20SPC005 allows remote... |
| CVE-2016-0913 | 2016-10-05 | The client in EMC Replication Manager (RM) before 5.5.3.0_01-PatchHotfix, EMC... |
| CVE-2016-6550 | 2016-10-05 | The U by BB&T app 1.5.4 and earlier for iOS... |
| CVE-2016-6645 | 2016-10-05 | The vApp Managers web application in EMC Unisphere for VMAX... |
| CVE-2016-6646 | 2016-10-05 | The vApp Managers web application in EMC Unisphere for VMAX... |
| CVE-2014-5414 | 2016-10-05 | Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification... |
| CVE-2014-5415 | 2016-10-05 | Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification... |
| CVE-2016-2307 | 2016-10-05 | American Auto-Matrix Aspect-Nexus Building Automation Front-End Solutions application before 3.0.0... |
| CVE-2016-2308 | 2016-10-05 | American Auto-Matrix Aspect-Nexus Building Automation Front-End Solutions application before 3.0.0... |
| CVE-2016-4387 | 2016-10-05 | The Filter SDK in HPE KeyView 10.18 through 10.24 allows... |
| CVE-2016-4388 | 2016-10-05 | The Filter SDK in HPE KeyView 10.18 through 10.24 allows... |
| CVE-2016-4389 | 2016-10-05 | The Filter SDK in HPE KeyView 10.18 through 10.24 allows... |
| CVE-2016-4390 | 2016-10-05 | The Filter SDK in HPE KeyView 10.18 through 10.24 allows... |
| CVE-2016-5084 | 2016-10-05 | Johnson & Johnson Animas OneTouch Ping devices do not use... |
| CVE-2016-5085 | 2016-10-05 | Johnson & Johnson Animas OneTouch Ping devices do not properly... |
| CVE-2016-5086 | 2016-10-05 | Johnson & Johnson Animas OneTouch Ping devices allow remote attackers... |
| CVE-2016-5686 | 2016-10-05 | Johnson & Johnson Animas OneTouch Ping devices mishandle acknowledgements, which... |
| CVE-2016-5892 | 2016-10-05 | Cross-site scripting (XSS) vulnerability in IBM 10x, as used in... |
| CVE-2016-5901 | 2016-10-05 | Cross-site scripting (XSS) vulnerability in a test page in IBM... |
| CVE-2016-5983 | 2016-10-05 | IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before... |
| CVE-2016-6419 | 2016-10-05 | SQL injection vulnerability in Cisco Firepower Management Center 4.10.3 through... |
| CVE-2016-6420 | 2016-10-05 | Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management... |
| CVE-2016-8343 | 2016-10-05 | Directory traversal vulnerability in INDAS Web SCADA before 3 allows... |
| CVE-2016-1246 | 2016-10-05 | Buffer overflow in the DBD::mysql module before 4.037 for Perl... |
| CVE-2016-4551 | 2016-10-05 | The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level... |
| CVE-2016-5745 | 2016-10-05 | F5 BIG-IP LTM systems 11.x before 11.2.1 HF16, 11.3.x, 11.4.x... |
| CVE-2016-6652 | 2016-10-05 | SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6... |
| CVE-2016-7161 | 2016-10-05 | Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in... |
| CVE-2016-7435 | 2016-10-05 | The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in... |
| CVE-2016-7560 | 2016-10-05 | The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1,... |
| CVE-2016-7561 | 2016-10-05 | Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and... |
| CVE-2016-7907 | 2016-10-05 | The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick Emulator)... |
| CVE-2016-7908 | 2016-10-05 | The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator)... |
| CVE-2016-7909 | 2016-10-05 | The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator)... |
| CVE-2016-6381 | 2016-10-05 | Cisco IOS 12.4 and 15.0 through 15.6 and IOS XE... |
| CVE-2016-6382 | 2016-10-05 | Cisco IOS 15.2 through 15.6 and IOS XE 3.6 through... |
| CVE-2016-6384 | 2016-10-05 | Cisco IOS 12.2 through 12.4 and 15.0 through 15.6 and... |
| CVE-2016-6386 | 2016-10-05 | Cisco IOS XE 3.1 through 3.17 and 16.1 on 64-bit... |
| CVE-2016-6392 | 2016-10-05 | Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE... |
| CVE-2016-6416 | 2016-10-05 | The FTP service in Cisco AsyncOS on Email Security Appliance... |
| CVE-2016-6417 | 2016-10-05 | Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software... |
| CVE-2016-6418 | 2016-10-05 | Cross-site scripting (XSS) vulnerability in Cisco Videoscape Distribution Suite Service... |
| CVE-2016-1455 | 2016-10-05 | Cisco NX-OS before 7.0(3)I2(2e) and 7.0(3)I4 before 7.0(3)I4(1) has an... |
| CVE-2016-6378 | 2016-10-05 | Cisco IOS XE 3.1 through 3.17 and 16.1 through 16.2... |
| CVE-2016-6379 | 2016-10-05 | Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and... |
| CVE-2016-6380 | 2016-10-05 | The DNS forwarder in Cisco IOS 12.0 through 12.4 and... |
| CVE-2016-6385 | 2016-10-05 | Memory leak in the Smart Install client implementation in Cisco... |
| CVE-2016-6391 | 2016-10-05 | Cisco IOS 12.2 and 15.0 through 15.3 allows remote attackers... |
| CVE-2016-6393 | 2016-10-05 | The AAA service in Cisco IOS 12.0 through 12.4 and... |
| CVE-2016-6421 | 2016-10-05 | Cisco IOS XR 5.2.2 allows remote attackers to cause a... |
| CVE-2016-6423 | 2016-10-05 | The IKEv2 client and initiator implementations in Cisco IOS 15.5(3)M... |
| CVE-2016-6426 | 2016-10-05 | The j_spring_security_switch_user function in Cisco Unified Intelligence Center (CUIC) 8.5.4... |
| CVE-2016-7020 | 2016-10-05 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x... |