| | CVE-2017-5641 |  Apache | critical | 9.8 | 48.5%
| | Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allow… | Dec 28, 2017 | May 13, 2026 |
| | CVE-2018-7272 |  ForgeRock | medium | 6.5 | — | | The REST APIs in ForgeRock AM before 5.5.0 include SSOToken IDs as part of the URL, which allows att… | Feb 21, 2018 | Nov 21, 2024 |
| | CVE-2018-0147 |  Cisco | critical | 9.8 | 4.0%
| ⚠ KEV | A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to re… | Mar 8, 2018 | Jan 14, 2026 |
| | CVE-2018-1000134 | ForgeRock | critical | 9.8 | — | | UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904… | Mar 16, 2018 | Nov 21, 2024 |
| | CVE-2018-0296 | Cisco | high | 7.5 | 94.4%
| ⚠ KEV | A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an u… | Jun 7, 2018 | Jan 14, 2026 |
| | CVE-2018-14634 |  F5 | high | 7.8 | 25.7%
| ⚠ KEV | An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileg… | Sep 25, 2018 | Jan 27, 2026 |
| | CVE-2019-11569 |  Veeam | high | 8.8 | — | | Veeam ONE Reporter 9.5.0.3201 allows CSRF. | May 6, 2019 | Nov 21, 2024 |
| | CVE-2019-5436 | F5 | high | 7.8 | 13.3%
| | A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libc… | May 28, 2019 | Apr 15, 2026 |
| | CVE-2017-14394 | ForgeRock | medium | 6.1 | — | | OAuth 2.0 Authorization Server of ForgeRock Access Management (OpenAM) 13.5.0-13.5.1 and Access Mana… | Jun 19, 2019 | Nov 21, 2024 |
| | CVE-2017-14395 | ForgeRock | medium | 6.1 | — | | Auth 2.0 Authorization Server of ForgeRock Access Management (OpenAM) 13.5.0-13.5.1 and Access Manag… | Jun 19, 2019 | Nov 21, 2024 |
| | CVE-2019-13564 | ForgeRock | medium | 6.1 | — | | XSS exists in Ping Identity Agentless Integration Kit before 1.5. | Jul 11, 2019 | Nov 21, 2024 |
| | CVE-2019-14297 | Veeam | medium | 5.4 | — | | Veeam ONE Reporter 9.5.0.3201 allows XSS via the Add/Edit Widget with a crafted Caption field to set… | Jul 27, 2019 | Nov 21, 2024 |
| | CVE-2019-14298 | Veeam | medium | 5.4 | — | | Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(config) field to addDashboard or … | Jul 27, 2019 | Nov 21, 2024 |
| | CVE-2019-3800 | ForgeRock | medium | 6.3 | — | | CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its… | Aug 5, 2019 | Nov 21, 2024 |
| | CVE-2019-1030 |  Microsoft | medium | 4.3 | 17.8%
| | An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly han… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1131 | Microsoft | medium | 4.2 | 1.3%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1133 | Microsoft | high | 7.5 | 4.0%
| | A remote code execution vulnerability exists in the way that the scripting engine handles objects in… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1139 | Microsoft | medium | 4.2 | 1.3%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1140 | Microsoft | high | 8.8 | 4.7%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1141 | Microsoft | medium | 4.2 | 1.3%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1148 | Microsoft | medium | 5.5 | 4.2%
| | An information disclosure vulnerability exists when the Microsoft Windows Graphics Component imprope… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1149 | Microsoft | high | 8.8 | 31.9%
| | A remote code execution vulnerability exists when the Windows font library improperly handles specia… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1151 | Microsoft | high | 8.8 | 28.4%
| | A remote code execution vulnerability exists when the Windows font library improperly handles specia… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1153 | Microsoft | medium | 5.5 | 2.8%
| | An information disclosure vulnerability exists when the Microsoft Windows Graphics Component imprope… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1155 | Microsoft | high | 7.8 | 9.7%
| | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1161 | Microsoft | high | 7.1 | 0.6%
| | An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file delet… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1192 | Microsoft | medium | 4.3 | 2.4%
| | A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1193 | Microsoft | medium | 6.4 | 1.4%
| | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in me… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1194 | Microsoft | high | 7.5 | 2.5%
| | A remote code execution vulnerability exists in the way that the scripting engine handles objects in… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1195 | Microsoft | medium | 4.2 | 1.3%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1196 | Microsoft | medium | 4.2 | 1.3%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1197 | Microsoft | medium | 4.2 | 1.3%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1199 | Microsoft | high | 7.8 | 6.9%
| | A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properl… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1200 | Microsoft | high | 7.8 | 7.4%
| | A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1201 | Microsoft | high | 7.8 | 11.3%
| | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly ha… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1202 | Microsoft | medium | 4.4 | 0.6%
| | An information disclosure vulnerability exists in the way Microsoft SharePoint handles session objec… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1203 | Microsoft | medium | 5.4 | 0.4%
| | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1204 | Microsoft | medium | 4.3 | 8.6%
| | An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incomi… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1205 | Microsoft | critical | 9.8 | 9.5%
| | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly ha… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1211 | Microsoft | high | 7.3 | 0.4%
| | An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses co… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1218 | Microsoft | medium | 5.4 | 5.8%
| | A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses specifically crafte… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1229 | Microsoft | high | 8.8 | 9.4%
| | An elevation of privilege vulnerability exists in Dynamics On-Premise v9. An attacker who successful… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1258 | Microsoft | high | 8.8 | 10.6%
| | An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-B… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1429 | Microsoft | high | 7.5 | 83.0%
| ⚠ KEV | A remote code execution vulnerability exists in the way that the scripting engine handles objects in… | Nov 12, 2019 | Jan 14, 2026 |
| | CVE-2020-0618 | Microsoft | high | 8.8 | 94.3%
| ⚠ KEV | A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it inco… | Feb 11, 2020 | Jan 13, 2026 |
| | CVE-2018-11802 | Apache | medium | 4.3 | 0.2%
| | In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes … | Apr 1, 2020 | Apr 15, 2026 |
| | CVE-2020-0919 | Microsoft | high | 7.8 | 0.4%
| | An elevation of privilege vulnerability exists in Remote Desktop App for Mac in the way it allows an… | Apr 15, 2020 | Feb 12, 2026 |
| | CVE-2020-10914 | Veeam | critical | 9.8 | — | | This vulnerability allows remote attackers to execute arbitrary code on affected installations of VE… | Apr 22, 2020 | Nov 21, 2024 |
| | CVE-2020-10915 | Veeam | critical | 9.8 | — | | This vulnerability allows remote attackers to execute arbitrary code on affected installations of VE… | Apr 22, 2020 | Nov 21, 2024 |
| | CVE-2020-11022 |  Tenable | medium | 6.9 | 2.1%
| | In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sa… | Apr 29, 2020 | Apr 13, 2026 |