| | CVE-2015-6419 |  Cisco | medium | 6.8 | 0.2%
| | Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote… | Dec 12, 2015 | May 6, 2026 |
| | CVE-2015-6389 | Cisco | critical | 9.0 | 0.6%
| | Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser account, which allows remote … | Dec 13, 2015 | May 6, 2026 |
| | CVE-2015-6400 | Cisco | medium | 4.3 | 0.3%
| | Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency Responder 10.5(1a) allow remo… | Dec 13, 2015 | May 6, 2026 |
| | CVE-2015-6405 | Cisco | medium | 6.8 | 0.1%
| | Cross-site request forgery (CSRF) vulnerability in Cisco Emergency Responder 10.5(1) and 10.5(1a) al… | Dec 13, 2015 | May 6, 2026 |
| | CVE-2015-6406 | Cisco | medium | 4.0 | 0.4%
| | Directory traversal vulnerability in the Tools menu in Cisco Emergency Responder 10.5(1.10000.5) all… | Dec 13, 2015 | May 6, 2026 |
| | CVE-2015-6407 | Cisco | medium | 4.0 | 0.2%
| | Cisco Emergency Responder 10.5(3.10000.9) allows remote attackers to upload files to arbitrary locat… | Dec 13, 2015 | May 6, 2026 |
| | CVE-2015-6413 | Cisco | medium | 4.0 | 0.2%
| | Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 allows remote authenticated user… | Dec 13, 2015 | May 6, 2026 |
| | CVE-2015-6414 | Cisco | low | 2.1 | 0.0%
| | Cisco TelePresence Video Communication Server (VCS) X8.6 uses the same encryption key across differe… | Dec 13, 2015 | May 6, 2026 |
| | CVE-2015-6418 | Cisco | medium | 4.3 | 0.4%
| | The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2… | Dec 13, 2015 | May 6, 2026 |
| | CVE-2015-6378 | Cisco | medium | 6.8 | 0.1%
| | Cross-site request forgery (CSRF) vulnerability on Cisco DPQ3925 devices with EDVA 5.5.2 allows remo… | Dec 14, 2015 | May 6, 2026 |
| | CVE-2015-6410 | Cisco | medium | 4.0 | 0.2%
| | The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications Manager m… | Dec 14, 2015 | May 6, 2026 |
| | CVE-2015-6416 | Cisco | medium | 4.3 | 0.3%
| | Cross-site scripting (XSS) vulnerability in Cisco Unified Email Interaction Manager and Unified Web … | Dec 14, 2015 | May 6, 2026 |
| | CVE-2015-6422 | Cisco | medium | 4.0 | 0.5%
| | The self-service application in Cisco Unified Communications Domain Manager (CUCDM) 10.6(1) allows r… | Dec 14, 2015 | May 6, 2026 |
| | CVE-2015-4206 | Cisco | medium | 4.3 | 0.9%
| | Cisco Unified Communications Manager (UCM) 8.0 through 8.6 allows remote attackers to bypass an XSS … | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-6399 | Cisco | medium | 6.8 | 0.7%
| | The Supervisor 1.0.0.0 and 1.0.0.1 in Cisco Integrated Management Controller (IMC) before 2.0(9) all… | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-6404 | Cisco | medium | 4.0 | 0.2%
| | Cisco Hosted Collaboration Mediation Fulfillment 10.6(3) does not use RBAC, which allows remote auth… | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-6411 | Cisco | medium | 5.0 | 0.5%
| | Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 provides verbose responses to requests f… | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-5312 |  HPE | high | 7.1 | 1.0%
| | The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly preven… | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-7497 | HPE | medium | 5.0 | 3.1%
| | Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 … | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-7498 | HPE | medium | 5.0 | 3.3%
| | Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allow… | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-7499 | HPE | medium | 5.0 | 1.6%
| | Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows contex… | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-7500 | HPE | medium | 5.0 | 1.5%
| | The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to … | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-8241 | HPE | medium | 6.4 | 1.0%
| | The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-de… | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-8242 | HPE | medium | 5.8 | 1.4%
| | The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.… | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-8317 | HPE | medium | 5.0 | 0.3%
| | The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers … | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-6425 | Cisco | medium | 5.0 | 0.5%
| | The WebApplications Identity Management subsystem in Cisco Unified Communications Manager 10.5(0.980… | Dec 16, 2015 | May 6, 2026 |
| | CVE-2015-8577 |  Trellix | low | 2.6 | 0.0%
| | The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 alloc… | Dec 16, 2015 | May 6, 2026 |
| | CVE-2015-5204 |  Apache | medium | 4.3 | 1.0%
| | CRLF injection vulnerability in the Apache Cordova File Transfer Plugin (cordova-plugin-file-transfe… | Dec 17, 2015 | May 6, 2026 |
| | CVE-2015-6424 | Cisco | high | 7.2 | 0.1%
| | The boot manager in Cisco Application Policy Infrastructure Controller (APIC) 1.1(0.920a) allows loc… | Dec 18, 2015 | May 6, 2026 |
| | CVE-2015-6426 | Cisco | high | 7.2 | 0.1%
| | Cisco Prime Network Services Controller 3.0 allows local users to bypass intended access restriction… | Dec 18, 2015 | May 6, 2026 |
| | CVE-2015-6427 | Cisco | medium | 5.0 | 0.4%
| | Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection featur… | Dec 18, 2015 | May 6, 2026 |
| | CVE-2015-6934 |  VMware | high | 7.3 | 1.8%
| | Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize… | Dec 21, 2015 | May 6, 2026 |
| | CVE-2015-1772 | Apache | high | 7.3 | 0.2%
| | The LDAP implementation in HiveServer2 in Apache Hive before 1.0.1 and 1.1.x before 1.1.1, as used i… | Dec 21, 2015 | May 6, 2026 |
| | CVE-2015-1836 | Apache | high | 7.3 | 2.1%
| | Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoS… | Dec 21, 2015 | May 6, 2026 |
| | CVE-2015-6409 | Cisco | medium | 5.9 | 0.3%
| | Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STA… | Dec 26, 2015 | May 6, 2026 |
| | CVE-2015-8651 | HPE | high | 8.8 | 89.1%
| ⚠ KEV | Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Wind… | Dec 28, 2015 | Apr 22, 2026 |
| | CVE-2015-7430 | Apache | high | 8.4 | 0.0%
| | The Hadoop connector 1.1.1, 2.4, 2.5, and 2.7.0-0 before 2.7.0-3 for IBM Spectrum Scale and General … | Jan 2, 2016 | May 6, 2026 |
| | CVE-2015-5434 | HPE | medium | 6.5 | 0.7%
| | HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attack… | Jan 5, 2016 | May 6, 2026 |
| | CVE-2015-6858 | HPE | low | 3.7 | 0.4%
| | HP Insight Control server provisioning before 7.5.0 RabbitMQ allows remote attackers to obtain sensi… | Jan 5, 2016 | May 6, 2026 |
| | CVE-2015-6433 | Cisco | medium | 6.5 | 0.2%
| | SQL injection vulnerability in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote … | Jan 8, 2016 | May 6, 2026 |
| | CVE-2015-6434 | Cisco | medium | 6.1 | 0.2%
| | Cisco Prime Infrastructure does not properly restrict use of IFRAME elements, which makes it easier … | Jan 8, 2016 | May 6, 2026 |
| | CVE-2015-6862 | HPE | high | 8.4 | 0.5%
| | HPE UCMDB Browser before 4.02 allows remote attackers to obtain sensitive information or bypass inte… | Jan 8, 2016 | May 6, 2026 |
| | CVE-2015-5254 | Apache | critical | 9.8 | 80.4%
| | Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker… | Jan 8, 2016 | May 6, 2026 |
| | CVE-2015-5259 | Apache | high | 8.6 | 34.3%
| | Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x b… | Jan 8, 2016 | May 6, 2026 |
| | CVE-2015-7362 |  Fortinet | high | 7.8 | 0.0%
| | Fortinet FortiClient Linux SSLVPN before build 2313, when installed on Linux in a home directory tha… | Jan 8, 2016 | May 6, 2026 |
| | CVE-2015-8765 | Trellix | high | 8.3 | 2.3%
| | Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, 5.1.x before 5.1.3 Hotfix 1106041,… | Jan 8, 2016 | May 6, 2026 |
| | CVE-2015-6933 | VMware | medium | 6.3 | 1.8%
| | The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, … | Jan 9, 2016 | May 6, 2026 |
| | CVE-2015-8098 |  F5 | critical | 9.8 | 10.9%
| | F5 BIG-IP APM 11.4.1 before 11.4.1 HF9, 11.5.x before 11.5.3, and 11.6.0 before 11.6.0 HF4 allow rem… | Jan 12, 2016 | May 6, 2026 |
| | CVE-2015-7393 | F5 | high | 7.4 | 0.1%
| | dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 befor… | Jan 12, 2016 | May 6, 2026 |
| | CVE-2015-7759 | F5 | low | 3.7 | 0.8%
| | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 12.0.0 before HF1, when the TCP … | Jan 12, 2016 | May 6, 2026 |