Search
31,034 CVEs · Critical severity
CVEs (31,034, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 351–375 of 31,034 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2016-1287 | CRITICAL | Patched | 9.8 | 2016-02-11 | Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2… |
| CVE-2016-1986 | CRITICAL | 9.8 | 2016-02-12 | HP Continuous Delivery Automation (CDA) 1.30 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Colle… | |
| CVE-2016-1524 | CRITICAL | Patched | 9.6 | 2016-02-13 | Multiple unrestricted file upload vulnerabilities in NETGEAR Management System NMS300 1.5.0.11 and earlier allow remote attackers to execute arbitrary Java code by using (1… |
| CVE-2016-2231 | CRITICAL | Patched | 9.8 | 2016-02-15 | The Windows-based Host Interface Program (WHIP) service on Huawei SmartAX MT882 devices V200R002B022 Arg relies on the client to send a length field that is consistent with… |
| CVE-2016-0746 | CRITICAL | Patched | 9.8 | 2016-02-15 | Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process cras… |
| CVE-2016-2386 | CRITICAL | 9.8 | 2016-02-16 | SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP … | |
| CVE-2016-2071 | CRITICAL | Patched | 9.8 | 2016-02-17 | Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, and 10.5.e before Build 59.1305.e a… |
| CVE-2016-2396 | CRITICAL | 9.9 | 2016-02-17 | The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execut… | |
| CVE-2016-2397 | CRITICAL | 9.8 | 2016-02-17 | The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbit… | |
| CVE-2015-8286 | CRITICAL | 9.8 | 2016-02-18 | Zhuhai RaySharp firmware has a hardcoded root password, which makes it easier for remote attackers to obtain access via a session on TCP port 23 or 9000. | |
| CVE-2015-8151 | CRITICAL | Patched | 9.1 | 2016-02-18 | Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access. |
| CVE-2016-1154 | CRITICAL | Patched | 9.1 | 2016-02-19 | SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in Cuore EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| CVE-2016-2275 | CRITICAL | Patched | 9.8 | 2016-02-21 | The web interface on Advantech/B+B SmartWorx VESP211-EU devices with firmware 1.7.2 and VESP211-232 devices with firmware 1.5.1 and 1.7.2 relies on the client to implement … |
| CVE-2015-7425 | CRITICAL | Patched | 10.0 | 2016-02-21 | The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual… |
| CVE-2016-1629 | CRITICAL | Patched | 9.8 | 2016-02-21 | Google Chrome before 48.0.2564.116 allows remote attackers to bypass the Blink Same Origin Policy and a sandbox protection mechanism via unspecified vectors. |
| CVE-2015-8803 | CRITICAL | Patched | 9.8 | 2016-02-23 | The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST… |
| CVE-2015-8804 | CRITICAL | Patched | 9.8 | 2016-02-23 | x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve… |
| CVE-2015-8805 | CRITICAL | Patched | 9.8 | 2016-02-23 | The ecc_256_modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST… |
| CVE-2015-8277 | CRITICAL | Patched | 9.8 | 2016-02-24 | Multiple buffer overflows in (1) lmgrd and (2) Vendor Daemon in Flexera FlexNet Publisher before 11.13.1.2 Security Update 1 allow remote attackers to execute arbitrary cod… |
| CVE-2016-1341 | CRITICAL | 9.8 | 2016-02-24 | Cisco NX-OS 7.0(1)N1(1), 7.0(1)N1(3), and 7.0(4)N1(1) on Nexus 2000 Fabric Extender devices has a blank root password, which allows local users to gain privileges via unspe… | |
| CVE-2015-7261 | CRITICAL | Patched | 9.8 | 2016-02-27 | The FTP service in QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, has hardcoded credentials, which makes it easier for remote attac… |
| CVE-2016-0212 | CRITICAL | 9.8 | 2016-02-29 | Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 and 6.1.x through 6.1.11.1 allows remote attackers to cause a denial of service (daemon crash) via un… | |
| CVE-2016-0213 | CRITICAL | 9.8 | 2016-02-29 | Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 and 6.1.x through 6.1.11.1 allows remote attackers to cause a denial of service (daemon crash) via un… | |
| CVE-2016-0216 | CRITICAL | 9.8 | 2016-02-29 | Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 and 6.1.x through 6.1.11.1 allows remote attackers to cause a denial of service (daemon crash) via un… | |
| CVE-2016-1329 | CRITICAL | Patched | 9.8 | 2016-03-03 | Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which… |