| | CVE-2016-6374 |  Cisco | critical | 9.8 | 5.6%
| | Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote attackers to execute arbitrary code via a… | Sep 22, 2016 | May 6, 2026 |
| | CVE-2016-6373 | Cisco | high | 7.2 | 0.8%
| | The web-based GUI in Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote authenticated admini… | Sep 22, 2016 | May 6, 2026 |
| | CVE-2016-4464 |  Apache | critical | 9.8 | 2.1%
| | The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and 1.3.x before 1.3.1 do not match S… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-6801 | Apache | high | 8.8 | 0.4%
| | Cross-site request forgery (CSRF) vulnerability in the CSRF content-type check in Jackrabbit-Webdav … | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-5017 | Apache | high | 8.1 | 6.1%
| | Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when usi… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-4969 |  Fortinet | medium | 6.1 | 0.7%
| | Cross-site scripting (XSS) vulnerability in Fortinet FortiWan (formerly AscernLink) before 4.2.5 all… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-4968 | Fortinet | medium | 6.5 | 3.5%
| | The linkreport/tmp/admin_global page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows … | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-4967 | Fortinet | medium | 6.5 | 1.9%
| | Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to obtain sen… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-4966 | Fortinet | medium | 6.5 | 2.3%
| | The diagnosis_control.php page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-4965 | Fortinet | high | 8.8 | 7.7%
| | Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users with access t… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-4384 |  HPE | high | 8.6 | 2.9%
| | HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a de… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-4382 | HPE | high | 8.3 | 0.2%
| | HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass inten… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2015-8960 |  Microsoft | high | 8.1 | 0.3%
| | The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-6802 | Apache | high | 7.5 | 13.5%
| | Apache Shiro before 1.3.2 allows attackers to bypass intended servlet filters and gain access by lev… | Sep 20, 2016 | May 6, 2026 |
| | CVE-2016-1483 | Cisco | high | 7.5 | 0.5%
| | Cisco WebEx Meetings Server 2.6 allows remote attackers to cause a denial of service (CPU consumptio… | Sep 19, 2016 | May 6, 2026 |
| | CVE-2016-6405 | Cisco | medium | 6.5 | 0.2%
| | Cisco Fog Director 1.0(0) for IOx allows remote authenticated users to bypass intended access restri… | Sep 18, 2016 | May 6, 2026 |
| | CVE-2016-6402 | Cisco | high | 7.8 | 0.1%
| | UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d… | Sep 18, 2016 | May 6, 2026 |
| | CVE-2016-1482 | Cisco | high | 8.1 | 1.4%
| | Cisco WebEx Meetings Server 2.6 allows remote attackers to execute arbitrary commands by injecting t… | Sep 17, 2016 | May 6, 2026 |
| | CVE-2016-6407 | Cisco | high | 7.5 | 0.7%
| | Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to c… | Sep 17, 2016 | May 6, 2026 |
| | CVE-2016-6401 | Cisco | medium | 5.3 | 0.3%
| | Cisco Carrier Routing System (CRS) 5.1 and 5.1.4, as used in CRS Carrier Grade Services for CRS-1 an… | Sep 17, 2016 | May 6, 2026 |
| | CVE-2016-2182 | HPE | critical | 9.8 | 29.2%
| | The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate di… | Sep 16, 2016 | May 6, 2026 |
| | CVE-2016-3381 | Microsoft | high | 7.8 | 20.0%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Comp… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3379 | Microsoft | medium | 6.1 | 7.6%
| | Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2016 Cumulative Update 1 and 2… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3378 | Microsoft | high | 7.4 | 3.1%
| | Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 C… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3377 | Microsoft | high | 7.5 | 15.9%
| | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or … | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3375 | Microsoft | high | 7.5 | 21.6%
| | The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through … | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3374 | Microsoft | medium | 6.5 | 32.3%
| | The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3370 | Microsoft | medium | 6.5 | 15.5%
| | The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3367 | Microsoft | high | 8.8 | 19.7%
| | StringBuilder in Microsoft Silverlight 5 before 5.1.50709.0 does not properly allocate memory for st… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3366 | Microsoft | medium | 6.5 | 10.4%
| | Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, Outlook 2016, a… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3365 | Microsoft | high | 7.8 | 19.0%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Comp… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3364 | Microsoft | high | 7.8 | 19.3%
| | Microsoft Visio 2016 allows remote attackers to execute arbitrary code via a crafted document, aka "… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3363 | Microsoft | high | 7.8 | 27.6%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Comp… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3362 | Microsoft | high | 7.8 | 19.8%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Comp… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3361 | Microsoft | high | 7.8 | 19.8%
| | Microsoft Excel 2010 SP2 allows remote attackers to execute arbitrary code via a crafted document, a… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3360 | Microsoft | high | 7.8 | 17.4%
| | Microsoft PowerPoint 2007 SP3, PowerPoint 2010 SP2, PowerPoint 2013 SP1, PowerPoint 2013 RT SP1, Pow… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3359 | Microsoft | high | 7.8 | 19.8%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remo… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3358 | Microsoft | high | 7.8 | 28.6%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel 2016 … | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3357 | Microsoft | high | 7.8 | 32.4%
| | Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word f… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3353 | Microsoft | high | 8.3 | 11.3%
| | Microsoft Internet Explorer 9 through 11 mishandles .url files from the Internet zone, which allows … | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3351 | Microsoft | medium | 6.5 | 40.3%
| ⚠ KEV | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensiti… | Sep 14, 2016 | Apr 22, 2026 |
| | CVE-2016-3350 | Microsoft | high | 7.5 | 15.9%
| | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or … | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3330 | Microsoft | high | 7.5 | 15.9%
| | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memor… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3325 | Microsoft | low | 3.1 | 24.3%
| | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive informa… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3324 | Microsoft | high | 8.8 | 11.7%
| | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause … | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3297 | Microsoft | high | 8.8 | 18.1%
| | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitr… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3295 | Microsoft | high | 7.5 | 21.4%
| | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3294 | Microsoft | high | 7.5 | 15.9%
| | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memor… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3292 | Microsoft | medium | 5.0 | 6.1%
| | Microsoft Internet Explorer 10 and 11 mishandles integrity settings and zone settings, which allows … | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3291 | Microsoft | low | 2.4 | 1.8%
| | Microsoft Internet Explorer 11 and Microsoft Edge mishandle cross-origin requests, which allows remo… | Sep 14, 2016 | May 6, 2026 |