| | CVE-2016-2084 |  F5 | high | 7.4 | 0.5%
| | F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build… | Apr 13, 2016 | May 6, 2026 |
| | CVE-2016-2001 |  HPE | high | 7.4 | 0.5%
| | HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-1377 |  Cisco | medium | 6.1 | 0.3%
| | Cross-site scripting (XSS) vulnerability in Cisco Unity Connection through 11.0 allows remote attack… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0166 |  Microsoft | high | 7.5 | 9.8%
| | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0164 | Microsoft | high | 7.5 | 12.8%
| | Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a d… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0162 | Microsoft | medium | 4.3 | 38.0%
| ⚠ KEV | Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files… | Apr 12, 2016 | Apr 21, 2026 |
| | CVE-2016-0161 | Microsoft | medium | 6.5 | 23.9%
| | Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0160 | Microsoft | high | 7.8 | 1.2%
| | Microsoft Internet Explorer 11 mishandles DLL loading, which allows local users to gain privileges v… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0159 | Microsoft | high | 7.5 | 9.8%
| | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0158 | Microsoft | medium | 6.5 | 18.9%
| | Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0157 | Microsoft | high | 7.5 | 12.4%
| | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memor… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0156 | Microsoft | high | 7.5 | 18.4%
| | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memor… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0155 | Microsoft | high | 7.5 | 16.0%
| | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memor… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0154 | Microsoft | high | 7.5 | 16.3%
| | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitr… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0148 | Microsoft | high | 7.8 | 8.2%
| | Microsoft .NET Framework 4.6 and 4.6.1 mishandles library loading, which allows local users to gain … | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0147 | Microsoft | high | 8.8 | 26.4%
| | Microsoft XML Core Services 3.0 allows remote attackers to execute arbitrary code via a crafted web … | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0145 | Microsoft | high | 8.8 | 74.8%
| | The font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; … | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0139 | Microsoft | high | 7.8 | 30.3%
| | Microsoft Excel 2010 SP2, Word for Mac 2011, and Excel Viewer allow remote attackers to execute arbi… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0136 | Microsoft | high | 7.8 | 40.6%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, Excel Services on SharePoin… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0127 | Microsoft | high | 7.8 | 29.9%
| | Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office Com… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0122 | Microsoft | high | 7.8 | 39.9%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Word 2016 f… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2015-7520 |  Apache | medium | 6.1 | 1.4%
| | Multiple cross-site scripting (XSS) vulnerabilities in the (1) RadioGroup and (2) CheckBoxMultipleCh… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2015-5347 | Apache | medium | 6.1 | 1.7%
| | Cross-site scripting (XSS) vulnerability in the getWindowOpenJavaScript function in org.apache.wicke… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-4003 | Apache | medium | 6.1 | 2.6%
| | Cross-site scripting (XSS) vulnerability in the URLDecoder function in JRE before 1.8, as used in Ap… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-2162 | Apache | medium | 6.1 | 1.2%
| | Apache Struts 2.x before 2.3.25 does not sanitize text in the Locale object constructed by I18NInter… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0785 | Apache | high | 8.8 | 17.8%
| | Apache Struts 2.x before 2.3.28 allows remote attackers to execute arbitrary code via a "%{}" sequen… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-2170 | Apache | critical | 9.8 | 13.6%
| | Apache OFBiz 12.04.x before 12.04.06 and 13.07.x before 13.07.03 allow remote attackers to execute a… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-2166 | Apache | medium | 6.5 | 0.3%
| | The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnect… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2016-0733 | Apache | critical | 9.8 | 1.7%
| | The Admin UI in Apache Ranger before 0.5.1 does not properly handle authentication requests that lac… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2015-8021 | F5 | medium | 4.3 | 0.1%
| | Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, AS… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2015-5167 | Apache | medium | 6.5 | 0.2%
| | The Policy Admin Tool in Apache Ranger before 0.5.1 allows remote authenticated users to bypass inte… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2015-3268 | Apache | medium | 6.1 | 5.3%
| | Cross-site scripting (XSS) vulnerability in the DisplayEntityField.getDescription method in ModelFor… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2015-5349 | Apache | high | 7.8 | 1.4%
| | The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly … | Apr 11, 2016 | May 6, 2026 |
| | CVE-2016-0735 | Apache | high | 8.8 | 0.1%
| | Apache Ranger 0.5.x before 0.5.2 allows remote authenticated users to bypass intended parent resourc… | Apr 11, 2016 | May 6, 2026 |
| | CVE-2015-0266 | Apache | high | 7.1 | 0.1%
| | The Policy Admin Tool in Apache Ranger before 0.5.0 allows remote authenticated users to bypass inte… | Apr 11, 2016 | May 6, 2026 |
| | CVE-2015-0265 | Apache | medium | 6.1 | 2.0%
| | Cross-site scripting (XSS) vulnerability in the Policy Admin Tool in Apache Ranger before 0.5.0 allo… | Apr 11, 2016 | May 6, 2026 |
| | CVE-2016-2171 | Apache | high | 7.5 | 16.6%
| | The User Manager service in Apache Jetspeed before 2.3.1 does not properly restrict access using Jet… | Apr 11, 2016 | May 6, 2026 |
| | CVE-2016-2164 | Apache | high | 7.5 | 1.2%
| | The (1) FileService.importFileByInternalUserId and (2) FileService.importFile SOAP API methods in Ap… | Apr 11, 2016 | May 6, 2026 |
| | CVE-2016-2163 | Apache | medium | 6.1 | 2.7%
| | Cross-site scripting (XSS) vulnerability in Apache OpenMeetings before 3.1.1 allows remote attackers… | Apr 11, 2016 | May 6, 2026 |
| | CVE-2016-0784 | Apache | medium | 6.5 | 6.1%
| | Directory traversal vulnerability in the Import/Export System Backups functionality in Apache OpenMe… | Apr 11, 2016 | May 6, 2026 |
| | CVE-2016-0783 | Apache | high | 7.5 | 0.9%
| | The sendHashByUser function in Apache OpenMeetings before 3.1.1 generates predictable password reset… | Apr 11, 2016 | May 6, 2026 |
| | CVE-2016-0712 | Apache | medium | 6.1 | 2.6%
| | Cross-site scripting (XSS) vulnerability in Apache Jetspeed before 2.3.1 allows remote attackers to … | Apr 11, 2016 | May 6, 2026 |
| | CVE-2016-0711 | Apache | medium | 6.1 | 2.6%
| | Multiple cross-site scripting (XSS) vulnerabilities in Apache Jetspeed before 2.3.1 allow remote att… | Apr 11, 2016 | May 6, 2026 |
| | CVE-2016-0710 | Apache | high | 8.8 | 79.2%
| | Multiple SQL injection vulnerabilities in the User Manager service in Apache Jetspeed before 2.3.1 a… | Apr 11, 2016 | May 6, 2026 |
| | CVE-2016-0709 | Apache | high | 7.2 | 70.9%
| | Directory traversal vulnerability in the Import/Export function in the Portal Site Manager in Apache… | Apr 11, 2016 | May 6, 2026 |
| | CVE-2015-8240 | F5 | high | 7.5 | 1.2%
| | The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link … | Apr 11, 2016 | May 6, 2026 |
| | CVE-2016-3984 |  Trellix | medium | 5.1 | 0.3%
| | The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent … | Apr 8, 2016 | May 6, 2026 |
| | CVE-2016-3983 | Trellix | high | 7.5 | 0.2%
| | McAfee Advanced Threat Defense (ATD) before 3.4.8.178 might allow remote attackers to bypass malware… | Apr 8, 2016 | May 6, 2026 |
| | CVE-2016-1375 | Cisco | medium | 6.1 | 0.3%
| | Cross-site scripting (XSS) vulnerability in Cisco IP Interoperability and Collaboration System 4.10(… | Apr 8, 2016 | May 6, 2026 |
| | CVE-2016-0734 | Apache | medium | 6.1 | 3.0%
| | The web-based administration console in Apache ActiveMQ 5.x before 5.13.2 does not send an X-Frame-O… | Apr 7, 2016 | May 6, 2026 |