| | CVE-2020-16933 |  Microsoft | high | 7.0 | 4.4%
| | <p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to proper… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16934 | Microsoft | high | 7.0 | 3.8%
| | <p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16937 | Microsoft | medium | 4.7 | 11.5%
| | <p>An information disclosure vulnerability exists when the .NET Framework improperly handles objects… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16941 | Microsoft | medium | 4.1 | 0.3%
| | <p>An information disclosure vulnerability exists when Microsoft SharePoint Server improperly disclo… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16942 | Microsoft | medium | 4.1 | 0.3%
| | <p>An information disclosure vulnerability exists when Microsoft SharePoint Server improperly disclo… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16943 | Microsoft | medium | 6.5 | 0.6%
| | <p>An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce. An unauthentic… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16944 | Microsoft | high | 8.7 | 0.6%
| | <p>This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafte… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16945 | Microsoft | high | 8.7 | 0.5%
| | <p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not prope… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16946 | Microsoft | high | 8.7 | 0.6%
| | <p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not prope… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16947 | Microsoft | high | 7.5 | 45.4%
| | <p>A remote code execution vulnerability exists in Microsoft Outlook software when the software fail… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16948 | Microsoft | medium | 6.5 | 17.4%
| | <p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16949 | Microsoft | medium | 4.7 | 7.5%
| | <p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16950 | Microsoft | medium | 5.0 | 20.9%
| | <p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16951 | Microsoft | high | 8.6 | 1.8%
| | <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to c… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16952 | Microsoft | high | 8.6 | 78.6%
| | <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to c… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16953 | Microsoft | medium | 6.5 | 23.4%
| | <p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16954 | Microsoft | high | 7.8 | 13.8%
| | <p>A remote code execution vulnerability exists in Microsoft Office software when the software fails… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16955 | Microsoft | high | 7.8 | 10.9%
| | <p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16956 | Microsoft | medium | 5.4 | 0.7%
| | <p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not pr… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16957 | Microsoft | high | 7.8 | 9.7%
| | <p>A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16969 | Microsoft | high | 7.1 | 0.9%
| | <p>An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when ha… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16977 | Microsoft | high | 7.0 | 5.9%
| | <p>A remote code execution vulnerability exists in Visual Studio Code when the Python extension load… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16978 | Microsoft | medium | 5.4 | 0.7%
| | <p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not pr… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-16995 | Microsoft | high | 7.8 | 0.5%
| | <p>An elevation of privilege vulnerability exists in Network Watcher Agent virtual machine extension… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-17003 | Microsoft | high | 7.8 | 12.5%
| | <p>A remote code execution vulnerability exists when the Base3D rendering engine improperly handles … | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-17023 | Microsoft | high | 7.8 | 18.0%
| | <p>A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into op… | Oct 16, 2020 | Feb 23, 2026 |
| | CVE-2020-8177 |  Splunk | high | 7.8 | 0.0%
| | curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resour… | Dec 14, 2020 | Apr 15, 2026 |
| | CVE-2020-8284 | Splunk | low | 3.7 | 0.1%
| | A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting ba… | Dec 14, 2020 | Apr 16, 2026 |
| | CVE-2020-8285 | Splunk | high | 7.5 | 0.7%
| | curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow … | Dec 14, 2020 | Apr 16, 2026 |
| | CVE-2021-23840 |  Tenable | high | 7.5 | 0.6%
| | Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length ar… | Feb 16, 2021 | Apr 16, 2026 |
| | CVE-2021-1730 | Microsoft | medium | 5.4 | 2.0%
| | <p>A spoofing vulnerability exists in Microsoft Exchange Server which could result in an attack that… | Feb 25, 2021 | Feb 24, 2026 |
| | CVE-2021-24105 | Microsoft | high | 8.4 | 0.7%
| | <p>Depending on configuration of various package managers it is possible for an attacker to insert a… | Feb 25, 2021 | Feb 24, 2026 |
| | CVE-2020-7346 |  Trellix | high | 7.8 | 0.1%
| | Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.10… | Mar 23, 2021 | Feb 23, 2026 |
| | CVE-2021-29156 |  ForgeRock | high | 7.5 | — | | ForgeRock OpenAM before 13.5.1 allows LDAP injection via the Webfinger protocol. For example, an una… | Mar 25, 2021 | Nov 21, 2024 |
| | CVE-2021-22898 | Splunk | low | 3.1 | 0.1%
| | curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, kn… | Jun 11, 2021 | Apr 16, 2026 |
| | CVE-2021-31838 | Trellix | high | 8.4 | 2.9%
| | A command injection vulnerability in MVISION EDR (MVEDR) prior to 3.4.0 allows an authenticated MVED… | Jun 29, 2021 | Feb 24, 2026 |
| | CVE-2021-35971 |  Veeam | critical | 9.8 | — | | Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mish… | Jun 30, 2021 | Nov 21, 2024 |
| | CVE-2021-35464 | ForgeRock | critical | 9.8 | — | | ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession para… | Jul 22, 2021 | Nov 5, 2025 |
| | CVE-2021-22922 | Splunk | medium | 6.5 | 0.1%
| | When curl is instructed to download content using the metalink feature, thecontents is verified agai… | Aug 5, 2021 | Apr 16, 2026 |
| | CVE-2021-22925 | Splunk | medium | 5.3 | 0.4%
| | curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely … | Aug 5, 2021 | Apr 16, 2026 |
| | CVE-2021-39270 | ForgeRock | high | 7.5 | — | | In Ping Identity RSA SecurID Integration Kit before 3.2, user impersonation can occur. | Aug 18, 2021 | Nov 21, 2024 |
| | CVE-2021-3712 | Tenable | high | 7.4 | 0.4%
| | ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a… | Aug 24, 2021 | Apr 16, 2026 |
| | CVE-2021-37153 | ForgeRock | critical | 9.8 | — | | ForgeRock Access Management (AM) before 7.0.2, when configured with Active Directory as the Identity… | Aug 25, 2021 | Nov 21, 2024 |
| | CVE-2021-37154 | ForgeRock | critical | 9.8 | — | | In ForgeRock Access Management (AM) before 7.0.2, the SAML2 implementation allows XML injection, pot… | Aug 25, 2021 | Nov 21, 2024 |
| | CVE-2021-31843 | Trellix | high | 7.3 | 0.0%
| | Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7… | Sep 17, 2021 | Feb 24, 2026 |
| | CVE-2021-31923 | ForgeRock | medium | 5.3 | — | | Ping Identity PingAccess before 5.3.3 allows HTTP request smuggling via header manipulation. | Sep 24, 2021 | Nov 21, 2024 |
| | CVE-2021-40329 | ForgeRock | critical | 9.8 | — | | The Authentication API in Ping Identity PingFederate before 10.3 mishandles certain aspects of exter… | Sep 27, 2021 | Nov 21, 2024 |
| | CVE-2021-22946 | Splunk | high | 7.5 | 0.1%
| | A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to… | Sep 29, 2021 | Apr 16, 2026 |
| | CVE-2021-22947 | Splunk | medium | 5.9 | 0.3%
| | When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS… | Sep 29, 2021 | Apr 16, 2026 |
| | CVE-2021-41770 | ForgeRock | high | 7.5 | — | | Ping Identity PingFederate before 10.3.1 mishandles pre-parsing validation, leading to an XXE attack… | Oct 7, 2021 | Nov 21, 2024 |