| | CVE-2016-1352 |  Cisco | critical | 9.8 | 0.4%
| | Cisco Unified Computing System (UCS) Central Software 1.3(1b) and earlier allows remote attackers to… | Apr 14, 2016 | May 6, 2026 |
| | CVE-2015-5343 |  Apache | high | 7.6 | 19.1%
| | Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x… | Apr 14, 2016 | May 6, 2026 |
| | CVE-2016-2076 |  VMware | high | 7.6 | 0.4%
| | Client Integration Plugin (CIP) in VMware vCenter Server 5.5 U3a, U3b, and U3c and 6.0 before U2; vC… | Apr 15, 2016 | May 6, 2026 |
| | CVE-2015-5348 | Apache | high | 8.1 | 6.8%
| | Apache Camel 2.6.x through 2.14.x, 2.15.x before 2.15.5, and 2.16.x before 2.16.1, when using (1) ca… | Apr 15, 2016 | May 6, 2026 |
| | CVE-2016-1339 | Cisco | high | 7.8 | 0.2%
| | Cisco Unified Computing System (UCS) Platform Emulator 2.5(2)TS4, 3.0(2c)A, and 3.0(2c)TS9 allows lo… | Apr 16, 2016 | May 6, 2026 |
| | CVE-2016-1340 | Cisco | high | 8.4 | 0.1%
| | Heap-based buffer overflow in Cisco Unified Computing System (UCS) Platform Emulator 2.5(2)TS4, 3.0(… | Apr 16, 2016 | May 6, 2026 |
| | CVE-2015-1776 | Apache | medium | 6.2 | 0.1%
| | Apache Hadoop 2.6.x encrypts intermediate data generated by a MapReduce job and stores it along with… | Apr 19, 2016 | May 6, 2026 |
| | CVE-2016-2003 |  HPE | critical | 9.8 | 1.1%
| | HPE P9000 Command View Advanced Edition Software (CVAE) 7.x and 8.x before 8.4.0-00 and XP7 CVAE 7.x… | Apr 20, 2016 | May 6, 2026 |
| | CVE-2015-6360 | Cisco | high | 7.5 | 18.5%
| | The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a d… | Apr 21, 2016 | May 6, 2026 |
| | CVE-2016-1364 | Cisco | high | 7.5 | 0.5%
| | Cisco Wireless LAN Controller (WLC) Software 7.4 before 7.4.130.0(MD) and 7.5, 7.6, and 8.0 before 8… | Apr 21, 2016 | May 6, 2026 |
| | CVE-2016-2004 | HPE | critical | 9.8 | 92.7%
| | HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to e… | Apr 21, 2016 | May 6, 2026 |
| | CVE-2016-2005 | HPE | critical | 9.8 | 47.3%
| | HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to … | Apr 21, 2016 | May 6, 2026 |
| | CVE-2016-2006 | HPE | critical | 9.8 | 47.3%
| | HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to … | Apr 21, 2016 | May 6, 2026 |
| | CVE-2016-2007 | HPE | critical | 9.8 | 47.3%
| | HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to … | Apr 21, 2016 | May 6, 2026 |
| | CVE-2016-2008 | HPE | critical | 9.8 | 13.2%
| | HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to … | Apr 21, 2016 | May 6, 2026 |
| | CVE-2016-3427 | Apache | critical | 9.8 | 94.0%
| ⚠ KEV | Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRocki… | Apr 21, 2016 | Apr 22, 2026 |
| | CVE-2016-3081 | Apache | high | 8.1 | 94.0%
| | Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invo… | Apr 26, 2016 | May 6, 2026 |
| | CVE-2016-3082 | Apache | critical | 9.8 | 24.6%
| | XSLTResult in Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.24.2, and 2.3.28.x before 2.3.2… | Apr 26, 2016 | May 6, 2026 |
| | CVE-2016-1386 | Cisco | high | 7.5 | 0.2%
| | The API in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0(1) all… | Apr 28, 2016 | May 6, 2026 |
| | CVE-2016-1389 | Cisco | high | 7.4 | 0.2%
| | Open redirect vulnerability in Cisco WebEx Meetings Server (CWMS) 2.6 allows remote attackers to red… | Apr 28, 2016 | May 6, 2026 |
| | CVE-2016-4349 | Cisco | high | 7.8 | 0.3%
| | Untrusted search path vulnerability in Cisco WebEx Productivity Tools 2.40.5001.10012 allows local u… | Apr 28, 2016 | May 6, 2026 |
| | CVE-2016-1343 | Cisco | critical | 10.0 | 0.6%
| | The XML parser in Cisco Information Server (CIS) 6.2 allows remote attackers to read arbitrary files… | Apr 30, 2016 | May 6, 2026 |
| | CVE-2016-2107 | HPE | medium | 5.9 | 80.0%
| | The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory … | May 5, 2016 | May 6, 2026 |
| | CVE-2016-2167 | Apache | medium | 6.8 | 1.0%
| | The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1… | May 5, 2016 | May 6, 2026 |
| | CVE-2016-2168 | Apache | medium | 6.5 | 7.4%
| | The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion b… | May 5, 2016 | May 6, 2026 |
| | CVE-2016-4534 |  Trellix | low | 3.0 | 2.4%
| | The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 11235… | May 5, 2016 | May 6, 2026 |
| | CVE-2016-4535 | Trellix | high | 7.5 | 10.4%
| | Integer signedness error in the AV engine before DAT 8145, as used in McAfee LiveSafe 14.0, allows r… | May 5, 2016 | May 6, 2026 |
| | CVE-2016-1368 | Cisco | high | 7.5 | 0.2%
| | Cisco FirePOWER System Software 5.3.x through 5.3.0.6 and 5.4.x through 5.4.0.3 on FirePOWER 7000 an… | May 5, 2016 | May 6, 2026 |
| | CVE-2016-1369 | Cisco | high | 7.5 | 0.5%
| | The Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Services Processor (SSP) module for … | May 5, 2016 | May 6, 2026 |
| | CVE-2016-1373 | Cisco | high | 8.6 | 0.2%
| | The gadgets-integration API in Cisco Finesse 8.5(1) through 8.5(5), 8.6(1), 9.0(1), 9.0(2), 9.1(1), … | May 5, 2016 | May 6, 2026 |
| | CVE-2016-1387 | Cisco | critical | 9.8 | 1.4%
| | The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 an… | May 5, 2016 | May 6, 2026 |
| | CVE-2016-1392 | Cisco | high | 7.4 | 0.2%
| | Open redirect vulnerability in Cisco Prime Collaboration Assurance Software 10.5 through 11.0 allows… | May 5, 2016 | May 6, 2026 |
| | CVE-2016-2009 | HPE | high | 8.8 | 1.1%
| | HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticat… | May 7, 2016 | May 6, 2026 |
| | CVE-2016-2010 | HPE | medium | 5.4 | 0.2%
| | Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25… | May 7, 2016 | May 6, 2026 |
| | CVE-2016-2011 | HPE | medium | 5.4 | 0.2%
| | Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25… | May 7, 2016 | May 6, 2026 |
| | CVE-2016-2012 | HPE | medium | 6.5 | 0.2%
| | HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote attackers t… | May 7, 2016 | May 6, 2026 |
| | CVE-2016-2013 | HPE | medium | 6.5 | 0.3%
| | HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticat… | May 7, 2016 | May 6, 2026 |
| | CVE-2016-2014 | HPE | high | 8.1 | 0.3%
| | HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticat… | May 7, 2016 | May 6, 2026 |
| | CVE-2015-5207 | Apache | medium | 5.3 | 0.1%
| | Apache Cordova iOS before 4.0.0 might allow attackers to bypass a URL whitelist protection mechanism… | May 9, 2016 | May 6, 2026 |
| | CVE-2015-5208 | Apache | medium | 4.4 | 1.8%
| | Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link. | May 9, 2016 | May 6, 2026 |
| | CVE-2016-0126 |  Microsoft | high | 7.8 | 30.0%
| | Microsoft Office 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code v… | May 11, 2016 | May 6, 2026 |
| | CVE-2016-0140 | Microsoft | high | 7.8 | 36.0%
| | Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, … | May 11, 2016 | May 6, 2026 |
| | CVE-2016-0149 | Microsoft | medium | 5.9 | 15.8%
| | Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows man-in-the-middl… | May 11, 2016 | May 6, 2026 |
| | CVE-2016-0183 | Microsoft | high | 8.8 | 40.4%
| | The Windows font library in Microsoft Office 2010 SP2, Word 2010 SP2, Word Automation Services on Sh… | May 11, 2016 | May 6, 2026 |
| | CVE-2016-0186 | Microsoft | high | 7.5 | 21.8%
| | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or … | May 11, 2016 | May 6, 2026 |
| | CVE-2016-0187 | Microsoft | high | 7.5 | 20.5%
| | The Microsoft (1) JScript 5.8 and (2) VBScript 5.8 engines, as used in Internet Explorer 9 through 1… | May 11, 2016 | May 6, 2026 |
| | CVE-2016-0188 | Microsoft | high | 8.8 | 32.7%
| | The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11… | May 11, 2016 | May 6, 2026 |
| | CVE-2016-0189 | Microsoft | high | 7.5 | 90.8%
| ⚠ KEV | The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 t… | May 11, 2016 | Apr 22, 2026 |
| | CVE-2016-0191 | Microsoft | high | 7.5 | 18.3%
| | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or … | May 11, 2016 | May 6, 2026 |
| | CVE-2016-0192 | Microsoft | high | 7.5 | 29.9%
| | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitr… | May 11, 2016 | May 6, 2026 |