| | CVE-2015-5742 |  Veeam | low | 2.1 | 0.1%
| | VeeamVixProxy in Veeam Backup & Replication (B&R) before 8.0 update 3 stores local administrator cre… | Oct 16, 2015 | May 6, 2026 |
| | CVE-2015-5444 |  HPE | medium | 4.3 | 0.6%
| | Multiple cross-site scripting (XSS) vulnerabilities in HP Smart Profile Server Data Analytics Layer … | Oct 18, 2015 | May 6, 2026 |
| | CVE-2015-6335 |  Cisco | critical | 9.0 | 0.3%
| | The policy implementation in Cisco FireSIGHT Management Center 5.3.1.7, 5.4.0.4, and 6.0.0 for VMwar… | Oct 25, 2015 | May 6, 2026 |
| | CVE-2015-6340 | Cisco | medium | 5.0 | 0.5%
| | The Proxy Mobile IPv6 (PMIPv6) component in the CDMA implementation on Cisco ASR 5000 devices with s… | Oct 27, 2015 | May 6, 2026 |
| | CVE-2015-5262 |  Apache | medium | 4.3 | 1.6%
| | http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignor… | Oct 27, 2015 | May 6, 2026 |
| | CVE-2015-6345 | Cisco | medium | 6.5 | 0.3%
| | SQL injection vulnerability in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0… | Oct 30, 2015 | May 6, 2026 |
| | CVE-2015-6346 | Cisco | medium | 4.3 | 0.3%
| | Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allow… | Oct 30, 2015 | May 6, 2026 |
| | CVE-2015-6347 | Cisco | medium | 4.0 | 0.1%
| | The Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticate… | Oct 30, 2015 | May 6, 2026 |
| | CVE-2015-6348 | Cisco | medium | 4.0 | 0.2%
| | The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (AC… | Oct 30, 2015 | May 6, 2026 |
| | CVE-2015-6349 | Cisco | medium | 4.3 | 0.3%
| | Cross-site scripting (XSS) vulnerability in the web interface in the Solution Engine in Cisco Secure… | Oct 30, 2015 | May 6, 2026 |
| | CVE-2015-6350 | Cisco | medium | 6.5 | 0.3%
| | SQL injection vulnerability in the web framework in Cisco Prime Service Catalog 11.0 allows remote a… | Oct 30, 2015 | May 6, 2026 |
| | CVE-2015-6351 | Cisco | medium | 5.0 | 0.5%
| | Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices with software 19.1.0.61559 and 19… | Oct 30, 2015 | May 6, 2026 |
| | CVE-2015-6352 | Cisco | medium | 4.3 | 0.3%
| | Cisco Unified Communications Domain Manager before 10.6(1) provides different error messages for pat… | Oct 30, 2015 | May 6, 2026 |
| | CVE-2015-6353 | Cisco | low | 3.5 | 0.2%
| | Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 5.3.1.… | Oct 31, 2015 | May 6, 2026 |
| | CVE-2015-6354 | Cisco | low | 3.5 | 0.2%
| | Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 5.4.1.… | Oct 31, 2015 | May 6, 2026 |
| | CVE-2015-1775 | Apache | medium | 5.5 | 0.2%
| | Server-side request forgery (SSRF) vulnerability in the proxy endpoint (api/v1/proxy) in Apache Amba… | Nov 2, 2015 | May 6, 2026 |
| | CVE-2015-3186 | Apache | low | 3.5 | 0.2%
| | Cross-site scripting (XSS) vulnerability in Apache Ambari before 2.1.0 allows remote authenticated c… | Nov 2, 2015 | May 6, 2026 |
| | CVE-2015-3270 | Apache | medium | 6.5 | 0.8%
| | Apache Ambari before 2.0.2 or 2.1.x before 2.1.1 allows remote authenticated users to gain administr… | Nov 2, 2015 | May 6, 2026 |
| | CVE-2015-5210 | Apache | medium | 5.8 | 1.0%
| | Open redirect vulnerability in Apache Ambari before 2.1.2 allows remote attackers to redirect users … | Nov 2, 2015 | May 6, 2026 |
| | CVE-2015-2902 | HPE | medium | 6.8 | 0.4%
| | HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certificates from Logger devices, which… | Nov 4, 2015 | May 6, 2026 |
| | CVE-2015-2903 | HPE | medium | 6.9 | 0.5%
| | The CWSAPI SOAP service in HP ArcSight SmartConnectors before 7.1.6 has a hardcoded password, which … | Nov 4, 2015 | May 6, 2026 |
| | CVE-2015-6029 | HPE | medium | 5.0 | 6.9%
| | HP ArcSight Logger before 6.0 P2 does not limit attempts to authenticate to the SOAP interface, whic… | Nov 4, 2015 | May 6, 2026 |
| | CVE-2015-6030 | HPE | high | 7.2 | 0.1%
| | HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Applia… | Nov 4, 2015 | May 6, 2026 |
| | CVE-2015-6355 | Cisco | medium | 5.0 | 0.2%
| | The web interface in Cisco Unified Computing System (UCS) 2.2(5b)A on blade servers allows remote at… | Nov 4, 2015 | May 6, 2026 |
| | CVE-2015-6356 | Cisco | medium | 4.3 | 0.3%
| | Cross-site scripting (XSS) vulnerability in the WeChat page in Cisco Social Miner 10.0(1) allows rem… | Nov 4, 2015 | May 6, 2026 |
| | CVE-2015-6291 | Cisco | high | 7.8 | 0.4%
| | Cisco AsyncOS before 8.5.7-043, 9.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-046 on Email … | Nov 6, 2015 | May 6, 2026 |
| | CVE-2015-6293 | Cisco | high | 7.8 | 0.4%
| | Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-1… | Nov 6, 2015 | May 6, 2026 |
| | CVE-2015-6321 | Cisco | high | 7.8 | 0.6%
| | Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x be… | Nov 6, 2015 | May 6, 2026 |
| | CVE-2015-4282 | Cisco | medium | 6.9 | 0.1%
| | Cisco Mobility Services Engine (MSE) through 8.0.120.7 uses weak permissions for unspecified binary … | Nov 6, 2015 | May 6, 2026 |
| | CVE-2015-6292 | Cisco | high | 7.8 | 0.4%
| | The proxy-cache implementation in Cisco AsyncOS 8.0.x before 8.0.7-151, 8.1.x and 8.5.x before 8.5.2… | Nov 6, 2015 | May 6, 2026 |
| | CVE-2015-6298 | Cisco | critical | 9.0 | 0.4%
| | The admin web interface in Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6… | Nov 6, 2015 | May 6, 2026 |
| | CVE-2015-6316 | Cisco | medium | 6.5 | 0.6%
| | The default configuration of sshd_config in Cisco Mobility Services Engine (MSE) through 8.0.120.7 a… | Nov 6, 2015 | May 6, 2026 |
| | CVE-2015-6546 |  F5 | medium | 6.1 | 0.3%
| | The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, and LTM 11.0.0 before 11.6.0, … | Nov 6, 2015 | May 6, 2026 |
| | CVE-2015-7394 | F5 | critical | 9.0 | 1.3%
| | The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before … | Nov 6, 2015 | May 6, 2026 |
| | CVE-2015-4928 | Apache | medium | 4.3 | 0.9%
| | Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, includes cleartext p… | Nov 8, 2015 | May 6, 2026 |
| | CVE-2015-4940 | Apache | low | 2.1 | 0.1%
| | Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, stores a cleartext B… | Nov 8, 2015 | May 6, 2026 |
| | CVE-2015-6362 | Cisco | medium | 4.0 | 0.1%
| | The web GUI in Cisco Connected Grid Network Management System (CG-NMS) 3.0(0.35) and 3.0(0.54) allow… | Nov 10, 2015 | May 6, 2026 |
| | CVE-2015-4551 | Apache | medium | 4.3 | 9.6%
| | LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configura… | Nov 10, 2015 | May 6, 2026 |
| | CVE-2015-5212 | Apache | medium | 6.8 | 49.6%
| | Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configura… | Nov 10, 2015 | May 6, 2026 |
| | CVE-2015-5213 | Apache | medium | 6.8 | 22.8%
| | Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attack… | Nov 10, 2015 | May 6, 2026 |
| | CVE-2015-5214 | Apache | medium | 6.8 | 35.6%
| | LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attac… | Nov 10, 2015 | May 6, 2026 |
| | CVE-2015-2427 |  Microsoft | critical | 9.3 | 28.1%
| | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of… | Nov 11, 2015 | May 6, 2026 |
| | CVE-2015-2503 | Microsoft | critical | 9.3 | 15.5%
| | Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3,… | Nov 11, 2015 | May 6, 2026 |
| | CVE-2015-6038 | Microsoft | critical | 9.3 | 43.5%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for M… | Nov 11, 2015 | May 6, 2026 |
| | CVE-2015-6061 | Microsoft | medium | 4.3 | 14.2%
| | Cross-site scripting (XSS) vulnerability in Microsoft Skype for Business 2016, Lync 2010 and 2013 SP… | Nov 11, 2015 | May 6, 2026 |
| | CVE-2015-6064 | Microsoft | critical | 9.3 | 32.6%
| | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary… | Nov 11, 2015 | May 6, 2026 |
| | CVE-2015-6065 | Microsoft | critical | 9.3 | 16.3%
| | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause … | Nov 11, 2015 | May 6, 2026 |
| | CVE-2015-6066 | Microsoft | critical | 9.3 | 28.1%
| | Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause … | Nov 11, 2015 | May 6, 2026 |
| | CVE-2015-6068 | Microsoft | critical | 9.3 | 22.8%
| | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o… | Nov 11, 2015 | May 6, 2026 |
| | CVE-2015-6069 | Microsoft | critical | 9.3 | 28.1%
| | Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause … | Nov 11, 2015 | May 6, 2026 |