| | CVE-2016-9203 |  Cisco | high | 7.5 | 1.8%
| | A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco ASR 5000 Series Soft… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9202 | Cisco | medium | 6.1 | 0.3%
| | A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) Switch… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9200 | Cisco | medium | 6.1 | 0.3%
| | A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unau… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9199 | Cisco | medium | 6.5 | 0.9%
| | A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authent… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9198 | Cisco | high | 7.5 | 1.6%
| | A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9193 | Cisco | high | 7.5 | 0.4%
| | A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management … | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9192 | Cisco | high | 7.8 | 31.1%
| | A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated,… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-6471 | Cisco | medium | 6.5 | 0.4%
| | A vulnerability in the web-based management interface of Cisco Firepower Management Center running F… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-6470 | Cisco | high | 7.8 | 0.1%
| | A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authe… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-6469 | Cisco | high | 7.5 | 1.0%
| | A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could al… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-6468 | Cisco | high | 8.8 | 0.3%
| | A vulnerability in the web-based management interface of Cisco Emergency Responder could allow an un… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-6467 | Cisco | high | 7.5 | 1.8%
| | A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-6465 | Cisco | medium | 4.3 | 0.2%
| | A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Sec… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-6464 | Cisco | high | 7.5 | 1.4%
| | A vulnerability in the web management interface of the Cisco Unified Communications Manager IM and P… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-6449 | Cisco | high | 7.8 | 0.1%
| | A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connec… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-1411 | Cisco | medium | 5.9 | 0.2%
| | A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appli… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-8740 |  Apache | high | 7.5 | 68.3%
| | The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configurati… | Dec 5, 2016 | May 6, 2026 |
| | CVE-2016-2887 |  Microsoft | high | 8.1 | 0.2%
| | IBM IMS Enterprise Suite Data Provider before 3.2.0.1 for Microsoft .NET allows remote authenticated… | Nov 30, 2016 | May 6, 2026 |
| | CVE-2016-1247 |  F5 | high | 7.8 | 9.8%
| | The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6… | Nov 29, 2016 | May 6, 2026 |
| | CVE-2016-5393 | Apache | high | 8.8 | 2.6%
| | In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with … | Nov 29, 2016 | May 6, 2026 |
| | CVE-2016-6472 | Cisco | medium | 6.1 | 0.3%
| | A vulnerability in several parameters of the ccmivr page of Cisco Unified Communication Manager (Cal… | Nov 19, 2016 | May 6, 2026 |
| | CVE-2016-6466 | Cisco | high | 7.5 | 0.8%
| | A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an un… | Nov 19, 2016 | May 6, 2026 |
| | CVE-2016-6460 | Cisco | high | 7.5 | 0.2%
| | A vulnerability in the FTP Representational State Transfer Application Programming Interface (REST A… | Nov 19, 2016 | May 6, 2026 |
| | CVE-2016-6459 | Cisco | medium | 5.5 | 0.6%
| | Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could all… | Nov 19, 2016 | May 6, 2026 |
| | CVE-2016-6457 | Cisco | medium | 6.5 | 0.4%
| | A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infras… | Nov 19, 2016 | May 6, 2026 |
| | CVE-2016-7254 | Microsoft | high | 8.8 | 16.6%
| | Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a cast of an unspecified pointe… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7253 | Microsoft | high | 8.8 | 18.2%
| | The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 SP2, and 2016 does not properly… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7252 | Microsoft | medium | 6.5 | 19.7%
| | Microsoft SQL Server 2016 mishandles the FILESTREAM path, which allows remote authenticated users to… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7251 | Microsoft | medium | 6.1 | 7.6%
| | Cross-site scripting (XSS) vulnerability in the MDS API in Microsoft SQL Server 2016 allows remote a… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7250 | Microsoft | high | 8.8 | 16.6%
| | Microsoft SQL Server 2014 SP1, 2014 SP2, and 2016 does not properly perform a cast of an unspecified… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7249 | Microsoft | high | 8.8 | 16.6%
| | Microsoft SQL Server 2016 does not properly perform a cast of an unspecified pointer, which allows r… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7245 | Microsoft | high | 7.8 | 30.0%
| | Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, and Office 2016 all… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7244 | Microsoft | medium | 5.5 | 16.7%
| | Microsoft Office 2007 SP3 allows remote attackers to cause a denial of service (application hang) vi… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7243 | Microsoft | high | 7.5 | 17.2%
| | The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrar… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7242 | Microsoft | high | 7.5 | 15.2%
| | The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrar… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7241 | Microsoft | high | 7.5 | 63.8%
| | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code o… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7240 | Microsoft | high | 7.5 | 73.6%
| | The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrar… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7239 | Microsoft | low | 3.1 | 13.5%
| | The RegEx class in the XSS filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge all… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7236 | Microsoft | high | 7.8 | 44.1%
| | Microsoft Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint S… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7235 | Microsoft | high | 7.8 | 30.0%
| | Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, and Offi… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7234 | Microsoft | high | 7.8 | 48.4%
| | Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7233 | Microsoft | medium | 6.5 | 14.6%
| | Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Vie… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7232 | Microsoft | high | 7.8 | 40.6%
| | Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, and Office Compatibility Pac… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7231 | Microsoft | high | 7.8 | 30.0%
| | Microsoft Excel 2007 SP3, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer allow … | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7230 | Microsoft | high | 7.8 | 26.9%
| | Microsoft PowerPoint 2010 SP2, PowerPoint Viewer, and Office Web Apps 2010 SP2 allow remote attacker… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7229 | Microsoft | high | 7.8 | 29.0%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for M… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7228 | Microsoft | high | 7.8 | 31.6%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for M… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7227 | Microsoft | low | 3.1 | 16.1%
| | The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote at… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7213 | Microsoft | high | 7.8 | 29.0%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for M… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7209 | Microsoft | medium | 5.3 | 6.8%
| | Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft E… | Nov 10, 2016 | May 6, 2026 |