| | CVE-2015-8611 |  F5 | critical | 9.8 | 3.6%
| | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and PEM 12.0.0 before HF1 on the 20… | Jan 12, 2016 | May 6, 2026 |
| | CVE-2016-1715 |  Trellix | medium | 6.6 | 0.4%
| | The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before … | Jan 12, 2016 | May 6, 2026 |
| | CVE-2015-6117 |  Microsoft | medium | 6.1 | 1.2%
| | Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated u… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0002 | Microsoft | high | 7.5 | 47.2%
| | The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Expl… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0003 | Microsoft | critical | 9.6 | 6.3%
| | Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Micro… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0005 | Microsoft | medium | 4.3 | 31.1%
| | Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy vi… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0010 | Microsoft | high | 7.8 | 53.9%
| | Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel … | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0011 | Microsoft | medium | 5.4 | 1.0%
| | Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated u… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0012 | Microsoft | medium | 4.3 | 10.6%
| | Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Offic… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0024 | Microsoft | high | 8.8 | 32.4%
| | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0029 | Microsoft | medium | 6.1 | 1.3%
| | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 20… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0030 | Microsoft | medium | 6.1 | 1.2%
| | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 20… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0031 | Microsoft | medium | 6.1 | 1.2%
| | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 20… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0032 | Microsoft | medium | 6.1 | 1.2%
| | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 20… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0034 | Microsoft | high | 8.8 | 52.8%
| ⚠ KEV | Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets during decoding, which allows… | Jan 13, 2016 | Apr 22, 2026 |
| | CVE-2016-0035 | Microsoft | high | 7.8 | 24.4%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for M… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0777 |  HPE | medium | 6.5 | 67.2%
| | The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p… | Jan 14, 2016 | May 6, 2026 |
| | CVE-2015-6314 |  Cisco | critical | 9.8 | 1.1%
| | Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 befor… | Jan 15, 2016 | May 6, 2026 |
| | CVE-2015-6323 | Cisco | critical | 9.8 | 1.5%
| | The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before … | Jan 15, 2016 | May 6, 2026 |
| | CVE-2015-6863 | HPE | high | 7.3 | 2.5%
| | HPE ArcSight Logger before 6.1P1 allows remote attackers to execute arbitrary code via unspecified i… | Jan 16, 2016 | May 6, 2026 |
| | CVE-2015-6864 | HPE | medium | 6.3 | 0.7%
| | HPE ArcSight Logger before 6.1P1 allows remote authenticated users to execute arbitrary code via uns… | Jan 16, 2016 | May 6, 2026 |
| | CVE-2016-1293 | Cisco | medium | 6.1 | 0.2%
| | Multiple cross-site scripting (XSS) vulnerabilities in the Management Center in Cisco FireSIGHT Syst… | Jan 16, 2016 | May 6, 2026 |
| | CVE-2016-1294 | Cisco | medium | 6.1 | 0.2%
| | Cross-site scripting (XSS) vulnerability in the Management Center in Cisco FireSIGHT System Software… | Jan 16, 2016 | May 6, 2026 |
| | CVE-2016-1296 | Cisco | high | 7.5 | 0.4%
| | The proxy engine on Cisco Web Security Appliance (WSA) devices with software 8.5.3-055, 9.1.0-000, a… | Jan 20, 2016 | May 6, 2026 |
| | CVE-2015-5516 | F5 | high | 7.5 | 1.6%
| | Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x … | Jan 20, 2016 | May 6, 2026 |
| | CVE-2015-6435 | Cisco | critical | 9.8 | 16.0%
| | An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Co… | Jan 22, 2016 | May 6, 2026 |
| | CVE-2015-6317 | Cisco | medium | 6.5 | 0.1%
| | Cisco Identity Services Engine (ISE) before 2.0 allows remote authenticated users to bypass intended… | Jan 23, 2016 | May 6, 2026 |
| | CVE-2015-6337 | Cisco | medium | 6.1 | 0.3%
| | Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enter… | Jan 26, 2016 | May 6, 2026 |
| | CVE-2016-1298 | Cisco | medium | 6.1 | 0.2%
| | Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Contact Center Express 10.0(1),… | Jan 26, 2016 | May 6, 2026 |
| | CVE-2015-6421 | Cisco | high | 7.5 | 0.5%
| | cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service (WAAS) and Vir… | Jan 27, 2016 | May 6, 2026 |
| | CVE-2016-1300 | Cisco | medium | 6.1 | 0.3%
| | Cross-site scripting (XSS) vulnerability in Cisco Unity Connection (UC) 10.5(2.3009) allows remote a… | Jan 27, 2016 | May 6, 2026 |
| | CVE-2015-7521 |  Apache | high | 8.3 | 0.4%
| | The authorization framework in Apache Hive 1.0.0, 1.0.1, 1.1.0, 1.1.1, 1.2.0 and 1.2.1, on clusters … | Jan 29, 2016 | May 6, 2026 |
| | CVE-2015-8772 | Trellix | critical | 9.1 | 0.5%
| | McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows local users to obtai… | Jan 29, 2016 | May 6, 2026 |
| | CVE-2015-8773 | Trellix | high | 7.5 | 0.3%
| | Stack-based buffer overflow in McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protect… | Jan 29, 2016 | May 6, 2026 |
| | CVE-2016-1304 | Cisco | medium | 6.1 | 0.3%
| | Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 10.5(2.3009) allows remote attack… | Jan 30, 2016 | May 6, 2026 |
| | CVE-2016-1985 | HPE | critical | 10.0 | 2.4%
| | HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands … | Jan 30, 2016 | May 6, 2026 |
| | CVE-2016-2199 | Trellix | high | 8.8 | 0.1%
| | Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations and Remediation mana… | Feb 1, 2016 | May 6, 2026 |
| | CVE-2015-5344 | Apache | critical | 9.8 | 5.0%
| | The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x before 2.16.1 allow remote atta… | Feb 3, 2016 | May 6, 2026 |
| | CVE-2016-1311 | Cisco | medium | 6.1 | 0.3%
| | Cross-site scripting (XSS) vulnerability in the management interface in Cisco Jabber Guest Server 10… | Feb 6, 2016 | May 6, 2026 |
| | CVE-2016-1301 | Cisco | high | 8.8 | 0.3%
| | The RBAC implementation in Cisco ASA-CX Content-Aware Security software before 9.3.1.1(112) and Cisc… | Feb 7, 2016 | May 6, 2026 |
| | CVE-2016-1305 | Cisco | medium | 6.1 | 0.3%
| | Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enter… | Feb 7, 2016 | May 6, 2026 |
| | CVE-2016-1309 | Cisco | medium | 6.1 | 0.3%
| | Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx Meetings Server 2.5.1.5 allow rem… | Feb 7, 2016 | May 6, 2026 |
| | CVE-2016-0728 | HPE | high | 7.8 | 49.2%
| | The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 m… | Feb 8, 2016 | May 6, 2026 |
| | CVE-2015-3251 | Apache | medium | 4.9 | 0.2%
| | Apache CloudStack before 4.5.2 might allow remote authenticated administrators to obtain sensitive p… | Feb 8, 2016 | May 6, 2026 |
| | CVE-2015-3252 | Apache | critical | 9.8 | 1.9%
| | Apache CloudStack before 4.5.2 does not properly preserve VNC passwords when migrating KVM virtual m… | Feb 8, 2016 | May 6, 2026 |
| | CVE-2016-1316 | Cisco | medium | 5.3 | 0.2%
| | Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7, as used in conjunction with J… | Feb 9, 2016 | May 6, 2026 |
| | CVE-2016-1318 | Cisco | medium | 6.1 | 0.3%
| | Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enter… | Feb 9, 2016 | May 6, 2026 |
| | CVE-2016-0022 | Microsoft | high | 7.8 | 29.9%
| | Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016,… | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0033 | Microsoft | high | 7.5 | 23.4%
| | Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 does not prevent recursive compi… | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0039 | Microsoft | medium | 6.1 | 1.5%
| | Cross-site scripting (XSS) vulnerability in SharePoint Server in Microsoft SharePoint Foundation 201… | Feb 10, 2016 | May 6, 2026 |