| | CVE-2016-3329 |  Microsoft | medium | 5.3 | 32.7%
| | Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to determine the existence … | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3327 | Microsoft | medium | 5.3 | 32.7%
| | Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive informa… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3326 | Microsoft | medium | 5.3 | 16.8%
| | Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive informa… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3322 | Microsoft | high | 7.5 | 23.9%
| | Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a craft… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3321 | Microsoft | low | 2.5 | 28.7%
| | Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depend… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3319 | Microsoft | high | 7.0 | 37.2%
| | The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511,… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3318 | Microsoft | high | 7.8 | 30.0%
| | Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allow remote attackers to execute arb… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3317 | Microsoft | high | 7.8 | 30.0%
| | Microsoft Office 2010 SP2, Word 2007 SP3, Word 2010 SP2, Word for Mac 2011, Word 2016 for Mac, and W… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3316 | Microsoft | high | 7.8 | 50.3%
| | Microsoft Word 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to execute arbit… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3315 | Microsoft | medium | 5.5 | 34.7%
| | Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote att… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3313 | Microsoft | high | 7.8 | 50.3%
| | Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016, Word 2016 for Mac, and Word Vi… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3304 | Microsoft | high | 7.8 | 53.0%
| | The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3303 | Microsoft | high | 7.8 | 53.0%
| | The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3301 | Microsoft | high | 7.8 | 53.6%
| | The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3296 | Microsoft | high | 7.5 | 23.6%
| | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3293 | Microsoft | high | 7.5 | 17.8%
| | Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to execute arbitrary code v… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3290 | Microsoft | high | 7.5 | 14.0%
| | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code via a crafted web p… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3289 | Microsoft | high | 7.5 | 17.8%
| | Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a craft… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-3288 | Microsoft | high | 7.5 | 34.1%
| | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code via a crafted web p… | Aug 9, 2016 | May 6, 2026 |
| | CVE-2016-5331 |  VMware | medium | 6.1 | 0.3%
| | CRLF injection vulnerability in VMware vCenter Server 6.0 before U2 and ESXi 6.0 allows remote attac… | Aug 8, 2016 | May 6, 2026 |
| | CVE-2016-5330 | VMware | high | 7.8 | 25.5%
| | Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 … | Aug 8, 2016 | May 6, 2026 |
| | CVE-2016-4374 |  HPE | high | 7.7 | 0.2%
| | HPE Release Control (RC) 9.13, 9.20, and 9.21 before 9.21.0005 p4 allows remote authenticated users … | Aug 8, 2016 | May 6, 2026 |
| | CVE-2016-1474 |  Cisco | medium | 4.3 | 0.2%
| | Cisco Prime Infrastructure 2.2(2) does not properly restrict use of IFRAME elements, which makes it … | Aug 8, 2016 | May 6, 2026 |
| | CVE-2016-1468 | Cisco | high | 8.8 | 1.5%
| | The administrative web interface in Cisco TelePresence Video Communication Server Expressway X8.5.2 … | Aug 8, 2016 | May 6, 2026 |
| | CVE-2016-1466 | Cisco | high | 7.5 | 0.7%
| | Cisco Unified Communications Manager IM and Presence Service 9.1(1) SU6, 9.1(1) SU6a, 9.1(1) SU7, 10… | Aug 8, 2016 | May 6, 2026 |
| | CVE-2016-0782 |  Apache | medium | 5.4 | 1.2%
| | The administration web console in Apache ActiveMQ 5.x before 5.11.4, 5.12.x before 5.12.3, and 5.13.… | Aug 5, 2016 | May 6, 2026 |
| | CVE-2016-5000 | Apache | medium | 5.5 | 0.3%
| | The XLSX2CSV example in Apache POI before 3.14 allows remote attackers to read arbitrary files via a… | Aug 5, 2016 | May 6, 2026 |
| | CVE-2016-1513 | Apache | high | 7.8 | 1.1%
| | The Impress tool in Apache OpenOffice 4.1.2 and earlier allows remote attackers to cause a denial of… | Aug 5, 2016 | May 6, 2026 |
| | CVE-2016-1238 | Apache | high | 7.8 | 0.3%
| | (1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep,… | Aug 2, 2016 | May 6, 2026 |
| | CVE-2016-4373 | HPE | critical | 9.8 | 1.8%
| | The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote… | Aug 1, 2016 | May 6, 2026 |
| | CVE-2016-1461 | Cisco | high | 7.5 | 0.8%
| | Cisco AsyncOS on Email Security Appliance (ESA) devices through 9.7.0-125 allows remote attackers to… | Aug 1, 2016 | May 6, 2026 |
| | CVE-2016-5005 | Apache | medium | 4.8 | 0.5%
| | Cross-site scripting (XSS) vulnerability in Apache Archiva 1.3.9 and earlier allows remote authentic… | Jul 28, 2016 | May 6, 2026 |
| | CVE-2016-4469 | Apache | high | 8.8 | 0.8%
| | Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.3.9 and earlier allow… | Jul 28, 2016 | May 6, 2026 |
| | CVE-2016-1467 | Cisco | medium | 6.5 | 0.2%
| | Cisco Videoscape Session Resource Manager (VSRM) allows remote attackers to cause a denial of servic… | Jul 28, 2016 | May 6, 2026 |
| | CVE-2016-1463 | Cisco | high | 7.5 | 0.7%
| | Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypas… | Jul 28, 2016 | May 6, 2026 |
| | CVE-2016-1462 | Cisco | medium | 6.1 | 0.5%
| | Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Prime Servic… | Jul 28, 2016 | May 6, 2026 |
| | CVE-2016-1460 | Cisco | medium | 6.5 | 0.3%
| | Cisco Wireless LAN Controller (WLC) devices 7.4(121.0) and 8.0(0.30220.385) allow remote attackers t… | Jul 28, 2016 | May 6, 2026 |
| | CVE-2016-1374 | Cisco | high | 8.8 | 0.8%
| | The web framework in Cisco Unified Computing System (UCS) Performance Manager 2.0.0 and earlier allo… | Jul 28, 2016 | May 6, 2026 |
| | CVE-2015-5738 |  F5 | high | 7.5 | 0.8%
| | The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II … | Jul 26, 2016 | May 6, 2026 |
| | CVE-2016-5388 | Apache | high | 8.1 | 36.8%
| | Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC… | Jul 19, 2016 | May 6, 2026 |
| | CVE-2016-5387 | Apache | high | 8.1 | 60.3%
| | The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect… | Jul 19, 2016 | May 6, 2026 |
| | CVE-2016-5385 | HPE | high | 8.1 | 81.3%
| | PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and theref… | Jul 19, 2016 | May 6, 2026 |
| | CVE-2016-1448 | Cisco | high | 8.8 | 0.1%
| | Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 2.7 allows remote att… | Jul 17, 2016 | May 6, 2026 |
| | CVE-2016-4372 | HPE | critical | 9.8 | 10.2%
| | HPE iMC PLAT before 7.2 E0403P04, iMC EAD before 7.2 E0405P05, iMC APM before 7.2 E0401P04, iMC NTA … | Jul 15, 2016 | May 6, 2026 |
| | CVE-2016-1452 | Cisco | medium | 6.5 | 0.3%
| | Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote attackers to make configuratio… | Jul 15, 2016 | May 6, 2026 |
| | CVE-2016-1451 | Cisco | medium | 6.1 | 0.3%
| | Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Serv… | Jul 15, 2016 | May 6, 2026 |
| | CVE-2016-1450 | Cisco | high | 7.5 | 0.7%
| | Cisco WebEx Meetings Server 2.6 allows remote authenticated users to conduct command-injection attac… | Jul 15, 2016 | May 6, 2026 |
| | CVE-2016-1449 | Cisco | medium | 6.1 | 0.3%
| | Cross-site scripting (XSS) vulnerability in Cisco WebEx Meetings Server 2.6 allows remote attackers … | Jul 15, 2016 | May 6, 2026 |
| | CVE-2016-1447 | Cisco | medium | 6.1 | 0.3%
| | Cross-site scripting (XSS) vulnerability in the administrator interface in Cisco WebEx Meetings Serv… | Jul 15, 2016 | May 6, 2026 |
| | CVE-2016-1446 | Cisco | high | 8.8 | 0.7%
| | SQL injection vulnerability in Cisco WebEx Meetings Server 2.6 allows remote authenticated users to … | Jul 15, 2016 | May 6, 2026 |