| | CVE-2016-0041 |  Microsoft | high | 7.8 | 58.3%
| | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows… | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0047 | Microsoft | high | 7.5 | 21.0%
| | WinForms in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows remote attack… | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0052 | Microsoft | high | 7.8 | 29.9%
| | Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016,… | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0053 | Microsoft | high | 7.8 | 31.2%
| | Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016,… | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0054 | Microsoft | high | 7.8 | 31.5%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for M… | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0055 | Microsoft | high | 7.8 | 30.3%
| | Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted Office doc… | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0056 | Microsoft | high | 7.8 | 24.7%
| | Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016,… | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0059 | Microsoft | medium | 4.3 | 14.0%
| | The Hyperlink Object Library in Microsoft Internet Explorer 9 through 11 allows remote attackers to … | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0060 | Microsoft | high | 8.8 | 29.9%
| | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitr… | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0061 | Microsoft | high | 8.8 | 17.1%
| | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitr… | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0062 | Microsoft | high | 8.8 | 17.1%
| | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code o… | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0063 | Microsoft | high | 8.8 | 40.6%
| | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause … | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0064 | Microsoft | high | 8.8 | 20.5%
| | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o… | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0067 | Microsoft | high | 8.8 | 20.5%
| | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause … | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0071 | Microsoft | high | 8.8 | 20.5%
| | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of… | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0072 | Microsoft | high | 8.8 | 14.0%
| | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause … | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0077 | Microsoft | medium | 4.3 | 9.4%
| | Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse HTTP responses, which allows re… | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0080 | Microsoft | medium | 4.3 | 15.2%
| | Microsoft Edge mishandles exceptions during window-message dispatch operations, which allows remote … | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0084 | Microsoft | high | 8.8 | 17.9%
| | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memor… | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-0956 |  Apache | high | 7.5 | 13.3%
| | The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0,… | Feb 10, 2016 | May 6, 2026 |
| | CVE-2016-1320 |  Cisco | medium | 6.7 | 0.2%
| | The CLI in Cisco Prime Collaboration 9.0 and 11.0 allows local users to execute arbitrary OS command… | Feb 12, 2016 | May 6, 2026 |
| | CVE-2016-1322 | Cisco | high | 7.5 | 0.4%
| | The REST interface in Cisco Spark 2015-07-04 allows remote attackers to bypass intended access restr… | Feb 12, 2016 | May 6, 2026 |
| | CVE-2016-1323 | Cisco | medium | 4.3 | 0.2%
| | The REST interface in Cisco Spark 2015-06 allows remote authenticated users to obtain sensitive info… | Feb 12, 2016 | May 6, 2026 |
| | CVE-2016-1324 | Cisco | medium | 5.3 | 0.5%
| | The REST interface in Cisco Spark 2015-06 allows remote attackers to cause a denial of service (reso… | Feb 12, 2016 | May 6, 2026 |
| | CVE-2016-1986 |  HPE | critical | 9.8 | 1.3%
| | HP Continuous Delivery Automation (CDA) 1.30 allows remote attackers to execute arbitrary commands v… | Feb 12, 2016 | May 6, 2026 |
| | CVE-2015-8795 | Apache | medium | 6.1 | 2.6%
| | Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in Apache Solr before 5.1 allow … | Feb 15, 2016 | May 6, 2026 |
| | CVE-2015-8796 | Apache | medium | 6.1 | 2.6%
| | Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/schema-browser.js in the Admin UI … | Feb 15, 2016 | May 6, 2026 |
| | CVE-2015-8797 | Apache | medium | 6.1 | 2.1%
| | Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plugins.js in the stats page in th… | Feb 15, 2016 | May 6, 2026 |
| | CVE-2016-0742 |  F5 | high | 7.5 | 78.8%
| | The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial… | Feb 15, 2016 | May 6, 2026 |
| | CVE-2016-0746 | F5 | critical | 9.8 | 6.3%
| | Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 a… | Feb 15, 2016 | May 6, 2026 |
| | CVE-2016-0747 | F5 | medium | 5.3 | 20.0%
| | The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution,… | Feb 15, 2016 | May 6, 2026 |
| | CVE-2015-7547 | F5 | high | 8.1 | 94.0%
| | Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv … | Feb 18, 2016 | May 6, 2026 |
| | CVE-2016-0068 | Microsoft | high | 8.8 | 35.0%
| | Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy vi… | Feb 18, 2016 | May 6, 2026 |
| | CVE-2016-0069 | Microsoft | high | 8.8 | 38.0%
| | Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy vi… | Feb 18, 2016 | May 6, 2026 |
| | CVE-2016-1987 | HPE | medium | 5.9 | 2.2%
| | HPE IPFilter A.11.31.18.21 on HP-UX, when a certain keep-state configuration is enabled, allows remo… | Feb 18, 2016 | May 6, 2026 |
| | CVE-2016-1335 | Cisco | high | 7.5 | 2.9%
| | The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 500… | Feb 19, 2016 | May 6, 2026 |
| | CVE-2015-5174 | Apache | medium | 4.3 | 3.7%
| | Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before… | Feb 25, 2016 | May 6, 2026 |
| | CVE-2015-5345 | Apache | medium | 5.3 | 43.3%
| | The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9… | Feb 25, 2016 | May 6, 2026 |
| | CVE-2015-5346 | Apache | high | 8.1 | 36.2%
| | Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before… | Feb 25, 2016 | May 6, 2026 |
| | CVE-2015-5351 | Apache | high | 8.8 | 2.3%
| | The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0… | Feb 25, 2016 | May 6, 2026 |
| | CVE-2016-0706 | Apache | medium | 4.3 | 1.5%
| | Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does … | Feb 25, 2016 | May 6, 2026 |
| | CVE-2016-0714 | Apache | high | 8.8 | 13.2%
| | The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x be… | Feb 25, 2016 | May 6, 2026 |
| | CVE-2016-0763 | Apache | medium | 6.3 | 0.3%
| | The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7… | Feb 25, 2016 | May 6, 2026 |
| | CVE-2016-1297 | Cisco | high | 8.8 | 0.6%
| | The Device Manager GUI in Cisco Application Control Engine (ACE) 4710 A5 before A5(3.1) allows remot… | Feb 26, 2016 | May 6, 2026 |
| | CVE-2016-1342 | Cisco | medium | 5.3 | 0.5%
| | The device login page in Cisco FirePOWER Management Center 5.3 through 6.0.0.1 allows remote attacke… | Feb 26, 2016 | May 6, 2026 |
| | CVE-2016-1353 | Cisco | medium | 5.3 | 0.5%
| | The TCP implementation in Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) 3.3(0)… | Mar 1, 2016 | May 6, 2026 |
| | CVE-2016-1354 | Cisco | medium | 6.1 | 0.3%
| | Cross-site scripting (XSS) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 8.x b… | Mar 3, 2016 | May 6, 2026 |
| | CVE-2016-1355 | Cisco | medium | 6.1 | 0.3%
| | Cross-site scripting (XSS) vulnerability in the Device Management UI in the management interface in … | Mar 3, 2016 | May 6, 2026 |
| | CVE-2015-0718 | Cisco | high | 7.5 | 6.0%
| | Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Comp… | Mar 3, 2016 | May 6, 2026 |
| | CVE-2016-1288 | Cisco | medium | 5.3 | 0.4%
| | The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security A… | Mar 3, 2016 | May 6, 2026 |