| | CVE-2017-6167 | F5 | high | 7.5 | 0.3%
| | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software vers… | Dec 21, 2017 | May 13, 2026 |
| | CVE-2017-5641 | Apache | critical | 9.8 | 48.5%
| | Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allow… | Dec 28, 2017 | May 13, 2026 |
| | CVE-2017-8046 | VMware | critical | 9.8 | 72.8%
| | Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingall… | Jan 4, 2018 | Jun 26, 2026 |
| | CVE-2017-5753 | VMware | medium | 5.6 | 94.3%
| | Systems with microprocessors utilizing speculative execution and branch prediction may allow unautho… | Jan 4, 2018 | May 28, 2026 |
| | CVE-2017-12626 | Apache | high | 7.5 | 1.3%
| | Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1) Infinit… | Jan 29, 2018 | May 28, 2026 |
| | CVE-2018-7272 | ForgeRock | medium | 6.5 | — | | The REST APIs in ForgeRock AM before 5.5.0 include SSOToken IDs as part of the URL, which allows att… | Feb 21, 2018 | Nov 21, 2024 |
| | CVE-2017-12174 | Apache | high | 7.5 | 6.0%
| | It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroup… | Mar 7, 2018 | Jun 15, 2026 |
| | CVE-2018-0147 | Cisco | critical | 9.8 | 4.0%
| ⚠ KEV | A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to re… | Mar 8, 2018 | Jan 14, 2026 |
| | CVE-2018-1000134 | ForgeRock | critical | 9.8 | — | | UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904… | Mar 16, 2018 | Nov 21, 2024 |
| | CVE-2018-1273 | Apache | critical | 9.8 | 95.6%
| ⚠ KEV | Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions… | Apr 11, 2018 | Jun 26, 2026 |
| | CVE-2018-1274 | VMware | high | 7.5 | 2.0%
| | Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain… | Apr 18, 2018 | Jun 26, 2026 |
| | CVE-2018-1259 | VMware | high | 7.5 | 5.0%
| | Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with… | May 11, 2018 | Jun 26, 2026 |
| | CVE-2018-0296 | Cisco | high | 7.5 | 94.4%
| ⚠ KEV | A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an u… | Jun 7, 2018 | Jan 14, 2026 |
| | CVE-2018-14634 | F5 | high | 7.8 | 25.7%
| ⚠ KEV | An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileg… | Sep 25, 2018 | Jan 27, 2026 |
| | CVE-2019-7317 | HPE | medium | 5.3 | 0.6%
| | png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_fu… | Feb 4, 2019 | May 28, 2026 |
| | CVE-2019-11569 | Veeam | high | 8.8 | — | | Veeam ONE Reporter 9.5.0.3201 allows CSRF. | May 6, 2019 | Nov 21, 2024 |
| | CVE-2019-5436 | F5 | high | 7.8 | 13.3%
| | A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libc… | May 28, 2019 | Apr 15, 2026 |
| | CVE-2017-14394 | ForgeRock | medium | 6.1 | — | | OAuth 2.0 Authorization Server of ForgeRock Access Management (OpenAM) 13.5.0-13.5.1 and Access Mana… | Jun 19, 2019 | Nov 21, 2024 |
| | CVE-2017-14395 | ForgeRock | medium | 6.1 | — | | Auth 2.0 Authorization Server of ForgeRock Access Management (OpenAM) 13.5.0-13.5.1 and Access Manag… | Jun 19, 2019 | Nov 21, 2024 |
| | CVE-2019-13564 | ForgeRock | medium | 6.1 | — | | XSS exists in Ping Identity Agentless Integration Kit before 1.5. | Jul 11, 2019 | Nov 21, 2024 |
| | CVE-2019-14297 | Veeam | medium | 5.4 | — | | Veeam ONE Reporter 9.5.0.3201 allows XSS via the Add/Edit Widget with a crafted Caption field to set… | Jul 27, 2019 | Nov 21, 2024 |
| | CVE-2019-14298 | Veeam | medium | 5.4 | — | | Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(config) field to addDashboard or … | Jul 27, 2019 | Nov 21, 2024 |
| | CVE-2019-3800 | ForgeRock | medium | 6.3 | — | | CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its… | Aug 5, 2019 | Nov 21, 2024 |
| | CVE-2019-1030 | Microsoft | medium | 4.3 | 17.8%
| | An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly han… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1131 | Microsoft | medium | 4.2 | 1.3%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1133 | Microsoft | high | 7.5 | 4.0%
| | A remote code execution vulnerability exists in the way that the scripting engine handles objects in… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1139 | Microsoft | medium | 4.2 | 1.3%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1140 | Microsoft | high | 8.8 | 4.7%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1141 | Microsoft | medium | 4.2 | 1.3%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1148 | Microsoft | medium | 5.5 | 4.2%
| | An information disclosure vulnerability exists when the Microsoft Windows Graphics Component imprope… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1149 | Microsoft | high | 8.8 | 31.9%
| | A remote code execution vulnerability exists when the Windows font library improperly handles specia… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1151 | Microsoft | high | 8.8 | 28.4%
| | A remote code execution vulnerability exists when the Windows font library improperly handles specia… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1153 | Microsoft | medium | 5.5 | 2.8%
| | An information disclosure vulnerability exists when the Microsoft Windows Graphics Component imprope… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1155 | Microsoft | high | 7.8 | 9.7%
| | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1161 | Microsoft | high | 7.1 | 0.6%
| | An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file delet… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1192 | Microsoft | medium | 4.3 | 2.4%
| | A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1193 | Microsoft | medium | 6.4 | 1.4%
| | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in me… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1194 | Microsoft | high | 7.5 | 2.5%
| | A remote code execution vulnerability exists in the way that the scripting engine handles objects in… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1195 | Microsoft | medium | 4.2 | 1.3%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1196 | Microsoft | medium | 4.2 | 1.3%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1197 | Microsoft | medium | 4.2 | 1.3%
| | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1199 | Microsoft | high | 7.8 | 6.9%
| | A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properl… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1200 | Microsoft | high | 7.8 | 7.4%
| | A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1201 | Microsoft | high | 7.8 | 11.3%
| | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly ha… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1202 | Microsoft | medium | 4.4 | 0.6%
| | An information disclosure vulnerability exists in the way Microsoft SharePoint handles session objec… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1203 | Microsoft | medium | 5.4 | 0.4%
| | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1204 | Microsoft | medium | 4.3 | 8.6%
| | An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incomi… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1205 | Microsoft | critical | 9.8 | 9.5%
| | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly ha… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1211 | Microsoft | high | 7.3 | 0.4%
| | An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses co… | Aug 14, 2019 | Feb 20, 2026 |
| | CVE-2019-1218 | Microsoft | medium | 5.4 | 5.8%
| | A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses specifically crafte… | Aug 14, 2019 | Feb 20, 2026 |