Search
31,027 CVEs · Critical severity
CVEs (31,027, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 376–400 of 31,027 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2016-0705 | CRITICAL | Patched | 9.8 | 2016-03-03 | Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause … |
| CVE-2016-0799 | CRITICAL | Patched | 9.8 | 2016-03-03 | The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, which allows remote attackers to ca… |
| CVE-2016-2842 | CRITICAL | Patched | 9.8 | 2016-03-03 | The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not verify that a certain memory allocation succeeds, which all… |
| CVE-2016-1633 | CRITICAL | Patched | 9.8 | 2016-03-06 | Use-after-free vulnerability in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other… |
| CVE-2016-1635 | CRITICAL | Patched | 9.8 | 2016-03-06 | extensions/renderer/render_frame_observer_natives.cc in Google Chrome before 49.0.2623.75 does not properly consider object lifetimes and re-entrancy issues during OnDocume… |
| CVE-2016-1636 | CRITICAL | Patched | 9.8 | 2016-03-06 | The PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp in Google Chrome before 49.0.2623.75 relies on memory-cache information about integri… |
| CVE-2016-1639 | CRITICAL | Patched | 9.8 | 2016-03-06 | Use-after-free vulnerability in browser/extensions/api/webrtc_audio_private/webrtc_audio_private_api.cc in the WebRTC Audio Private API implementation in Google Chrome befo… |
| CVE-2016-1642 | CRITICAL | Patched | 9.8 | 2016-03-06 | Multiple unspecified vulnerabilities in Google Chrome before 49.0.2623.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. |
| CVE-2016-2843 | CRITICAL | Patched | 9.8 | 2016-03-06 | Multiple unspecified vulnerabilities in Google V8 before 4.9.385.26, as used in Google Chrome before 49.0.2623.75, allow attackers to cause a denial of service or possibly … |
| CVE-2016-0132 | CRITICAL | 9.8 | 2016-03-09 | Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 mishandles signature validation for unspecified elements of XML documents, which allows remote … | |
| CVE-2016-0954 | CRITICAL | Patched | 9.8 | 2016-03-09 | Adobe Digital Editions before 4.5.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
| CVE-2016-1007 | CRITICAL | Patched | 9.8 | 2016-03-09 | Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Wind… |
| CVE-2016-1009 | CRITICAL | Patched | 9.8 | 2016-03-09 | Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Wind… |
| CVE-2016-1327 | CRITICAL | 9.8 | 2016-03-09 | Buffer overflow in the web server on Cisco DPC2203 and EPC2203 devices with firmware r1_customer_image allows remote attackers to execute arbitrary code via a crafted HTTP … | |
| CVE-2015-7411 | CRITICAL | 9.9 | 2016-03-12 | The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspec… | |
| CVE-2016-0815 | CRITICAL | Patched | 9.8 | 2016-03-12 | The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03… |
| CVE-2016-0816 | CRITICAL | Patched | 9.8 | 2016-03-12 | mediaserver in Android 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, re… |
| CVE-2016-1621 | CRITICAL | Patched | 9.8 | 2016-03-12 | libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of… |
| CVE-2016-1962 | CRITICAL | Patched | 9.8 | 2016-03-13 | Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers t… |
| CVE-2016-1988 | CRITICAL | Patched | 9.8 | 2016-03-15 | HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vecto… |
| CVE-2016-1989 | CRITICAL | Patched | 9.8 | 2016-03-15 | HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vecto… |
| CVE-2016-2345 | CRITICAL | 9.8 | 2016-03-17 | Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in SolarWinds DameWare Mini Remote Control 12.0 allows remote attackers to execute arbitrary code via a crafte… | |
| CVE-2016-3191 | CRITICAL | Patched | 9.8 | 2016-03-17 | The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in con… |
| CVE-2016-1995 | CRITICAL | Patched | 9.8 | 2016-03-18 | HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors. |
| CVE-2016-2245 | CRITICAL | Patched | 9.8 | 2016-03-19 | HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors. |