| | CVE-2016-5092 |  Fortinet | medium | 4.9 | 0.3%
| | Directory traversal vulnerability in Fortinet FortiWeb before 5.5.3 allows remote authenticated admi… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-4974 |  Apache | high | 7.5 | 2.1%
| | Apache Qpid AMQP 0-x JMS client before 6.0.4 and JMS (AMQP 1.0) before 0.10.0 does not restrict the … | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-4066 | Fortinet | high | 8.8 | 0.1%
| | Cross-site request forgery (CSRF) vulnerability in Fortinet FortiWeb before 5.5.3 allows remote atta… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3284 |  Microsoft | high | 7.8 | 30.0%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for M… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3283 | Microsoft | high | 7.8 | 30.0%
| | Microsoft Word Viewer allows remote attackers to execute arbitrary code via a crafted Office documen… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3282 | Microsoft | high | 7.8 | 54.6%
| | Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016,… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3281 | Microsoft | high | 7.8 | 48.4%
| | Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3280 | Microsoft | high | 7.8 | 30.0%
| | Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for M… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3279 | Microsoft | medium | 5.5 | 34.4%
| | Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, Power… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3278 | Microsoft | high | 7.8 | 24.4%
| | Microsoft Outlook 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbit… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3277 | Microsoft | medium | 5.3 | 32.5%
| | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to obtain sensitive … | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3276 | Microsoft | low | 3.1 | 7.2%
| | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content-spoofing… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3274 | Microsoft | low | 3.1 | 7.2%
| | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct conten… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3273 | Microsoft | medium | 5.3 | 22.9%
| | The XSS Filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge does not properly rest… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3271 | Microsoft | medium | 6.5 | 26.0%
| | The VBScript engine in Microsoft Edge allows remote attackers to obtain sensitive information from p… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3269 | Microsoft | high | 8.8 | 17.9%
| | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or … | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3265 | Microsoft | high | 8.8 | 20.1%
| | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or … | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3264 | Microsoft | high | 7.5 | 18.3%
| | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitr… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3261 | Microsoft | medium | 5.3 | 36.7%
| | Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information via a crafted… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3260 | Microsoft | high | 8.8 | 20.4%
| | The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft I… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3259 | Microsoft | high | 8.8 | 18.1%
| | The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft I… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3255 | Microsoft | high | 7.5 | 29.5%
| | Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows remote attackers to read … | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3248 | Microsoft | high | 8.8 | 20.4%
| | The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft I… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3246 | Microsoft | high | 7.5 | 15.9%
| | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memor… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3245 | Microsoft | medium | 6.5 | 10.5%
| | Microsoft Internet Explorer 9 through 11 allows remote attackers to trick users into making TCP conn… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3244 | Microsoft | medium | 4.3 | 25.7%
| | Microsoft Edge allows remote attackers to bypass the ASLR protection mechanism via a crafted web sit… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3243 | Microsoft | high | 7.5 | 12.8%
| | Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a d… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3242 | Microsoft | high | 7.5 | 12.8%
| | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause … | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3241 | Microsoft | high | 7.5 | 12.8%
| | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause … | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3240 | Microsoft | high | 7.5 | 12.8%
| | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause … | Jul 13, 2016 | May 6, 2026 |
| | CVE-2016-3204 | Microsoft | high | 8.8 | 22.8%
| | The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explor… | Jul 13, 2016 | May 6, 2026 |
| | CVE-2015-3192 |  VMware | medium | 5.5 | 1.4%
| | Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD decla… | Jul 12, 2016 | May 6, 2026 |
| | CVE-2016-1445 |  Cisco | medium | 5.3 | 0.3%
| | Cisco Adaptive Security Appliance (ASA) Software 8.2 through 9.4.3.3 allows remote attackers to bypa… | Jul 12, 2016 | May 6, 2026 |
| | CVE-2016-4463 | Apache | high | 7.5 | 38.3%
| | Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to … | Jul 8, 2016 | May 6, 2026 |
| | CVE-2016-1444 | Cisco | medium | 6.5 | 0.1%
| | The Mobile and Remote Access (MRA) component in Cisco TelePresence Video Communication Server (VCS) … | Jul 7, 2016 | May 6, 2026 |
| | CVE-2016-1443 | Cisco | high | 8.1 | 0.4%
| | The virtual network stack on Cisco AMP Threat Grid Appliance devices before 2.1.1 allows remote atta… | Jul 7, 2016 | May 6, 2026 |
| | CVE-2016-1442 | Cisco | high | 8.8 | 0.7%
| | The administrative web interface in Cisco Prime Infrastructure (PI) before 3.1.1 allows remote authe… | Jul 7, 2016 | May 6, 2026 |
| | CVE-2016-4979 | Apache | high | 7.5 | 17.4%
| | The Apache HTTP Server 2.4.18 through 2.4.20, when mod_http2 and mod_ssl are enabled, does not prope… | Jul 6, 2016 | May 6, 2026 |
| | CVE-2016-1546 | Apache | medium | 5.9 | 41.5%
| | The Apache HTTP Server 2.4.17 and 2.4.18, when mod_http2 is enabled, does not limit the number of si… | Jul 6, 2016 | May 6, 2026 |
| | CVE-2016-4465 | Apache | medium | 5.3 | 10.4%
| | The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and 2.5.x before 2.5.1 allows remo… | Jul 4, 2016 | May 6, 2026 |
| | CVE-2016-4438 | Apache | critical | 9.8 | 62.1%
| | The REST plugin in Apache Struts 2 2.3.19 through 2.3.28.1 allows remote attackers to execute arbitr… | Jul 4, 2016 | May 6, 2026 |
| | CVE-2016-4433 | Apache | high | 7.5 | 3.5%
| | Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to bypass intended access restrictio… | Jul 4, 2016 | May 6, 2026 |
| | CVE-2016-4431 | Apache | high | 7.5 | 8.2%
| | Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to bypass intended access restrictio… | Jul 4, 2016 | May 6, 2026 |
| | CVE-2016-4430 | Apache | high | 8.8 | 1.3%
| | Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers t… | Jul 4, 2016 | May 6, 2026 |
| | CVE-2016-3092 | Apache | high | 7.5 | 33.9%
| | The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x be… | Jul 4, 2016 | May 6, 2026 |
| | CVE-2016-1182 | Apache | high | 8.2 | 1.8%
| | ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator co… | Jul 4, 2016 | May 6, 2026 |
| | CVE-2016-1181 | Apache | high | 8.1 | 9.4%
| | ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an Actio… | Jul 4, 2016 | May 6, 2026 |
| | CVE-2015-0899 | Apache | high | 7.5 | 69.5%
| | The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers … | Jul 4, 2016 | May 6, 2026 |
| | CVE-2016-2082 | VMware | high | 8.8 | 0.1%
| | Cross-site request forgery (CSRF) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.… | Jul 3, 2016 | May 6, 2026 |
| | CVE-2016-2081 | VMware | medium | 6.1 | 0.2%
| | Cross-site scripting (XSS) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 all… | Jul 3, 2016 | May 6, 2026 |