CWE-16
93 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-16page 1 of 2
- CVE-1999-0656NONECVSS 0.0EG 0.01999-01-01
The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.
- CVE-1999-0701NONECVSS 0.0EG 0.02000-04-11
After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password.
- CVE-1999-0725NONECVSS 0.0EG 0.01999-08-19
When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page".
- CVE-1999-0766NONECVSS 0.0EG 0.01999-10-21
The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment.
- CVE-1999-0858NONECVSS 0.0EG 0.01999-12-02
Internet Explorer 5 allows a remote attacker to modify the IE client's proxy configuration via a malicious Web Proxy Auto-Discovery (WPAD) server.
- CVE-1999-0875NONECVSS 0.0EG 0.01999-08-11
DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes.
- CVE-1999-0886NONECVSS 0.0EG 0.01999-09-17
The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager.
- CVE-2002-2234NONECVSS 0.0EG 0.02002-12-31
NetScreen ScreenOS before 4.0.1 allows remote attackers to bypass the Malicious-URL blocking feature by splitting the URL into fragmented IP requests.
- CVE-2002-2247NONECVSS 0.0EG 0.02002-12-31
The administrator/phpinfo.php script in Mambo Site Server 4.0.11 allows remote attackers to obtain sensitive information such as the full web root path via phpinfo.php, which calls the phpinfo function.
- CVE-2002-2263NONECVSS 0.0EG 0.02002-12-31
The installation program for HP-UX Visualize Conference B.11.00.11 running on HP-UX 11.00 and 11.11 installs /etc/dt and its subdirecties with insecure permissions, which allows local users to read or write arbitrary files.
- CVE-2002-2280NONECVSS 0.0EG 0.02002-12-31
syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine's IP addressed is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog serv…
- CVE-2002-2285NONECVSS 0.0EG 0.02002-12-31
eTrust InoculateIT 6.0 with the "Incremental Scan" option enabled may certify that a file is free of viruses before the file has been completely downloaded, which allows remote attackers to bypass virus detection.
- CVE-2002-2331NONECVSS 0.0EG 0.02002-12-31
W3Mail 1.0.2 through 1.0.5 with server side scripting (SSI) enabled in the attachments directory does not properly restrict the types of files that can be uploaded as attachments, which allows remote attackers to execute arbitrary code by …
- CVE-2002-2335NONECVSS 0.0EG 0.02002-12-31
Killer Protection 1.0 stores the vars.inc include file under the web root with insufficient access control, which allows remote attackers to obtain user names and passwords and log in using protection.php.
- CVE-2002-2336NONECVSS 0.0EG 0.02002-12-31
Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.
- CVE-2002-2373NONECVSS 0.0EG 0.02002-12-31
The default configuration of the TCP/IP printer configuration utility in Apple LaserWriter 12/640 PS printer contains a blank Telnet password, which allows remote attackers to gain access.
- CVE-2003-1341NONECVSS 0.0EG 0.02003-12-31
The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe.
- CVE-2003-1352NONECVSS 0.0EG 0.02003-12-31
Gabber 0.8.7 sends an email to a specific address during user login and logout, which allows remote attackers to obtain user session activity and Gabber version number by sniffing.
- CVE-2003-1357NONECVSS 0.0EG 0.02003-12-31
ProxyView has a default administrator password of Administrator for Embedded Windows NT, which allows remote attackers to gain access.
- CVE-2003-1362NONECVSS 0.0EG 0.02003-12-31
Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail …
- CVE-2003-1367NONECVSS 0.0EG 0.02003-12-31
The which_access variable for Majordomo 2.0 through 1.94.4, and possibly earlier versions, is set to "open" by default, which allows remote attackers to identify the email addresses of members of mailing lists via a "which" command.
- CVE-2003-1422NONECVSS 0.0EG 0.02003-12-31
Multiple unspecified vulnerabilities in the installer for SYSLINUX 2.01, when running setuid root, allow local users to gain privileges via unknown vectors.
- CVE-2003-1426NONECVSS 0.0EG 0.02003-12-31
Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPT_FILENAME to reference …
- CVE-2003-1449NONECVSS 0.0EG 0.02003-12-31
Aladdin Knowlege Systems eSafe Gateway 3.5.126.0 does not check the entire stream of Content Vectoring Protocol (CVP) data, which allows remote attackers to bypass virus protection.
- CVE-2003-1452NONECVSS 0.0EG 0.02003-12-31
Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program.
- CVE-2003-1457NONECVSS 0.0EG 0.02003-12-31
Auerswald COMsuite CTI ControlCenter 3.1 creates a default "runasositron" user account with an easily guessable password, which allows local users or remote attackers to gain access.
- CVE-2003-1491NONECVSS 0.0EG 0.02003-12-31
Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53.
- CVE-2004-0605NONECVSS 0.0EG 0.02004-12-06
Non-registered IRC users using (1) ircd-hybrid 7.0.1 and earlier, (2) ircd-ratbox 1.5.1 and earlier, or (3) ircd-ratbox 2.0rc6 and earlier do not have a rate-limit imposed, which could allow remote attackers to cause a denial of service by…
- CVE-2004-2687NONECVSS 0.0EG 9.02004-12-31
distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization chec…
- CVE-2004-2692NONECVSS 0.0EG 0.02004-12-31
The exec_dir PHP patch (php-exec-dir) 4.3.2 through 4.3.7 with safe mode disabled allows remote attackers to bypass restrictions and execute arbitrary commands via a backtick operator, which is not handled using the php_escape_shell_cmd fu…
- CVE-2004-2760NONECVSS 0.0EG 0.02004-12-31
sshd in OpenSSH 3.5p1, when PermitRootLogin is disabled, immediately closes the TCP connection after a root login attempt with the correct password, but leaves the connection open after an attempt with an incorrect password, which makes it…
- CVE-2005-0197NONECVSS 0.0EG 0.02005-05-02
Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface.
- CVE-2010-0386HIGHCVSS 8.1EG 8.12010-01-25
The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credentials via a cross-site tracing (XST) attack,…
- CVE-2015-9197CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 65…
- CVE-2016-10446HIGHCVSS 7.5EG 7.52018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 820, SD 820A, and SD 835, incorrect configuration of the OCIM…
- CVE-2017-3210HIGHCVSS 7.8EG 7.82018-07-24
Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secur…
- CVE-2018-0262HIGHCVSS 8.1EG 8.12018-05-02
A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain unauthorized access to components of, or sensitive information in, an affected system, leading to Remote Code Execution. The vulnerability is d…
- CVE-2018-0263HIGHCVSS 7.4EG 7.42018-06-07
A vulnerability in Cisco Meeting Server (CMS) could allow an unauthenticated, adjacent attacker to access services running on internal device interfaces of an affected system. The vulnerability is due to incorrect default configuration of …
- CVE-2018-0275MEDIUMCVSS 6.7EG 6.72018-04-19
A vulnerability in the support tunnel feature of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to access the device's shell. The vulnerability is due to improper configuration of the support tunnel featu…
- CVE-2018-11922CRITICALCVSS 9.8EG 9.82024-11-26
Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.
- CVE-2018-15386CRITICALCVSS 9.8EG 9.82018-10-05
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and have direct unauthorized access to critical management functions. The vulnerability is due to a…
- CVE-2018-15448HIGHCVSS 7.5EG 7.52018-11-08
A vulnerability in the user management functions of Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to discover sensitive user information. The attacker could use this information to conduct additional rec…
- CVE-2019-1585MEDIUMCVSS 6.7EG 7.82019-03-06
A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulner…
- CVE-2019-15993MEDIUMCVSS 5.3EG 5.32020-09-23
A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to access sensitive device information. The vulnerability exists because the software lacks proper authentication controls to in…
- CVE-2019-16760MEDIUMCVSS 4.6EG 4.62019-09-30
Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the `package` configuration key. Usage of the `package` key to rename dependencies in `Cargo.toml` is ignored in Rust 1.25.0 and prior. When Rust 1…
- CVE-2019-1742MEDIUMCVSS 5.3EG 5.32019-03-28
A vulnerability in the web UI of Cisco IOS XE Software could allow an unauthenticated, remote attacker to access sensitive configuration information. The vulnerability is due to improper access control to files within the web UI. An attack…
- CVE-2019-1829MEDIUMCVSS 6.7EG 6.72019-04-18
A vulnerability in the CLI of Cisco Aironet Series Access Points (APs) could allow an authenticated, local attacker to gain access to the underlying Linux operating system (OS) without the proper authentication. The attacker would need val…
- CVE-2019-18579MEDIUMCVSS 6.8EG 6.82019-12-16
Settings for the Dell XPS 13 2-in-1 (7390) BIOS versions prior to 1.1.3 contain a configuration vulnerability. The BIOS configuration for the "Enable Thunderbolt (and PCIe behind TBT) pre-boot modules" setting is enabled by default. A loca…
- CVE-2019-1868HIGHCVSS 7.5EG 7.52019-06-05
A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to access sensitive system information. The vulnerability is due to improper access control to files withi…
- CVE-2019-19000MEDIUMCVSS 6.5EG 6.52020-04-02
For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information.
Map vulnerabilities like CWE-16 to your infrastructure
EchelonGraph correlates every CVE — across CWE-16 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →