Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project 2016 vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2016-8871
In Botan 1.11.29 up to and including 1.11.32, RSA decryption with certain padding options had a detectable timing channel which could given sufficient queries be used to recover plaintext, aka an "OAEP side channel" attack.
Botan Project Botan 1.11.32
Botan Project Botan 1.11.30
Botan Project Botan 1.11.31
Botan Project Botan 1.11.29
7.5
CVSSv2
CVE-2017-12087
An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this ...
Tinysvcmdns Project Tinysvcmdns 2016-07-18
4.3
CVSSv2
CVE-2016-5027
dwarf_form.c in libdwarf 20160115 allows remote malicious users to cause a denial of service (crash) via a crafted elf file.
Libdwarf Project Libdwarf 2016-01-15
3.5
CVSSv2
CVE-2016-1913
Multiple cross-site scripting (XSS) vulnerabilities in the Redhen module 7.x-1.x prior to 7.x-1.11 for Drupal allow remote authenticated users with certain access to inject arbitrary web script or HTML via unspecified vectors, related to (1) individual contacts, (2) notes, or (3)...
Redhen Project Redhen 7.x-1.0
Redhen Project Redhen 7.x-1.3
Redhen Project Redhen 7.x-1.10
Redhen Project Redhen 7.x-1.x
Redhen Project Redhen 7.x-1.4
Redhen Project Redhen 7.x-1.2
Redhen Project Redhen 7.x-1.1
Redhen Project Redhen 7.x-1.8
Redhen Project Redhen 7.x-1.7
Redhen Project Redhen 7.x-1.6
Redhen Project Redhen 7.x-1.5
5
CVSSv2
CVE-2016-6271
The Bzrtp library (aka libbzrtp) 1.0.x prior to 1.0.4 allows man-in-the-middle malicious users to conduct spoofing attacks by leveraging a missing HVI check on DHPart2 packet reception.
Bzrtp Project Bzrtp 1.0.2
Bzrtp Project Bzrtp 1.0.3
Bzrtp Project Bzrtp 1.0.0
1 Github repository
4.3
CVSSv2
CVE-2016-0534
Unspecified vulnerability in the Oracle Project Contracts component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote malicious users to affect integrity via unknown vectors related to Printing.
Oracle Project Contracts 12.1.3
Oracle Project Contracts 12.1.2
Oracle Project Contracts 12.1.1
4.3
CVSSv2
CVE-2016-4875
Multiple cross-site scripting (XSS) vulnerabilities in the IVYWE (1) Assist plugin prior to 1.1.2.test20160906, (2) dataBox plugin prior to 0.0.0.20160906, and (3) userBox plugin prior to 0.0.0.20160906 for Geeklog allow remote malicious users to inject arbitrary web script or HT...
Databox Project Databox Plugin
Userbox Project Userbox Plugin
Assist Project Assist Plugin
2.1
CVSSv2
CVE-2016-8889
In Bitcoin Knots v0.11.0.ljr20150711 through v0.13.0.knots20160814 (fixed in v0.13.1.knots20161027), the debug console stores sensitive information including private keys and the wallet passphrase in its persistent command history.
Bitcoin Knots Project Bitcoin Knots 0.13.0.knots20160814
Bitcoin Knots Project Bitcoin Knots 0.11.0
Bitcoin Knots Project Bitcoin Knots 0.12.1.knots20160629
Bitcoin Knots Project Bitcoin Knots 0.12.0
Bitcoin Knots Project Bitcoin Knots 0.11.2
Bitcoin Knots Project Bitcoin Knots 0.11.1
Bitcoin Knots Project Bitcoin Knots 0.12.0.knots20160226
5
CVSSv2
CVE-2016-20013
sha256crypt and sha512crypt up to and including 0.6 allow malicious users to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.
Sha256crypt Project Sha256crypt
Sha512crypt Project Sha512crypt
1 Github repository
4.3
CVSSv2
CVE-2020-1322
An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'.
Microsoft 365 Apps -
Microsoft Office 2019
Microsoft Project 2010
Microsoft Project 2013
Microsoft Project 2016
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »