| | CVE-2016-7268 | Microsoft | high | 7.1 | 10.9%
| | Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer,… | Dec 20, 2016 | May 6, 2026 |
| | CVE-2016-7267 | Microsoft | medium | 5.5 | 21.7%
| | Microsoft Excel 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 misparses file formats, which makes it eas… | Dec 20, 2016 | May 6, 2026 |
| | CVE-2016-7266 | Microsoft | high | 7.8 | 16.9%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Comp… | Dec 20, 2016 | May 6, 2026 |
| | CVE-2016-7265 | Microsoft | high | 7.1 | 10.3%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Comp… | Dec 20, 2016 | May 6, 2026 |
| | CVE-2016-7264 | Microsoft | high | 7.1 | 11.3%
| | Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel… | Dec 20, 2016 | May 6, 2026 |
| | CVE-2016-7263 | Microsoft | high | 7.8 | 18.9%
| | Microsoft Excel for Mac 2011 and Excel 2016 for Mac allow remote attackers to execute arbitrary code… | Dec 20, 2016 | May 6, 2026 |
| | CVE-2016-7262 | Microsoft | high | 7.8 | 87.1%
| ⚠ KEV | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Comp… | Dec 20, 2016 | Apr 22, 2026 |
| | CVE-2016-7257 | Microsoft | medium | 6.5 | 13.3%
| | The GDI component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,… | Dec 20, 2016 | May 6, 2026 |
| | CVE-2016-7206 | Microsoft | medium | 6.1 | 7.6%
| | Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitra… | Dec 20, 2016 | May 6, 2026 |
| | CVE-2016-7181 | Microsoft | high | 7.5 | 27.3%
| | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memor… | Dec 20, 2016 | May 6, 2026 |
| | CVE-2015-3271 | Apache | medium | 5.3 | 1.1%
| | Apache Tika server (aka tika-server) in Apache Tika 1.9 might allow remote attackers to read arbitra… | Dec 15, 2016 | May 6, 2026 |
| | CVE-2016-9214 | Cisco | medium | 6.1 | 0.3%
| | Cisco Identity Services Engine (ISE) contains a vulnerability that could allow an unauthenticated, r… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9212 | Cisco | high | 7.5 | 0.9%
| | A vulnerability in the Decrypt for End-User Notification configuration parameter of Cisco AsyncOS So… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9211 | Cisco | high | 7.5 | 1.6%
| | A vulnerability in TCP port management in Cisco ONS 15454 Series Multiservice Provisioning Platforms… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9210 | Cisco | high | 7.5 | 2.3%
| | A vulnerability in the Cisco Unified Reporting upload tool accessed via the Cisco Unified Communicat… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9209 | Cisco | medium | 4.3 | 0.5%
| | A vulnerability in TCP processing in Cisco FirePOWER system software could allow an unauthenticated,… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9208 | Cisco | medium | 6.5 | 1.0%
| | A vulnerability in the File Management Utility, the Download File form, and the Serviceability appli… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9207 | Cisco | medium | 6.5 | 0.8%
| | A vulnerability in the HTTP traffic server component of Cisco Expressway could allow an unauthentica… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9206 | Cisco | medium | 6.1 | 0.4%
| | A vulnerability in the ccmadmin page of Cisco Unified Communications Manager (CUCM) could allow an u… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9204 | Cisco | medium | 6.5 | 0.3%
| | A vulnerability in the Cisco Intercloud Fabric (ICF) Director could allow an unauthenticated, remote… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9203 | Cisco | high | 7.5 | 1.8%
| | A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco ASR 5000 Series Soft… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9202 | Cisco | medium | 6.1 | 0.3%
| | A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) Switch… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9200 | Cisco | medium | 6.1 | 0.3%
| | A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unau… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9199 | Cisco | medium | 6.5 | 0.9%
| | A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authent… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9198 | Cisco | high | 7.5 | 1.6%
| | A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9193 | Cisco | high | 7.5 | 0.4%
| | A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management … | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-9192 | Cisco | high | 7.8 | 31.1%
| | A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated,… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-6471 | Cisco | medium | 6.5 | 0.4%
| | A vulnerability in the web-based management interface of Cisco Firepower Management Center running F… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-6470 | Cisco | high | 7.8 | 0.1%
| | A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authe… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-6469 | Cisco | high | 7.5 | 1.0%
| | A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could al… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-6468 | Cisco | high | 8.8 | 0.3%
| | A vulnerability in the web-based management interface of Cisco Emergency Responder could allow an un… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-6467 | Cisco | high | 7.5 | 1.8%
| | A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-6465 | Cisco | medium | 4.3 | 0.2%
| | A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Sec… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-6464 | Cisco | high | 7.5 | 1.4%
| | A vulnerability in the web management interface of the Cisco Unified Communications Manager IM and P… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-6449 | Cisco | high | 7.8 | 0.1%
| | A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connec… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-1411 | Cisco | medium | 5.9 | 0.2%
| | A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appli… | Dec 14, 2016 | May 6, 2026 |
| | CVE-2016-8740 | Apache | high | 7.5 | 68.3%
| | The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configurati… | Dec 5, 2016 | May 6, 2026 |
| | CVE-2016-2887 | Microsoft | high | 8.1 | 0.2%
| | IBM IMS Enterprise Suite Data Provider before 3.2.0.1 for Microsoft .NET allows remote authenticated… | Nov 30, 2016 | May 6, 2026 |
| | CVE-2016-1247 | F5 | high | 7.8 | 9.8%
| | The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6… | Nov 29, 2016 | May 6, 2026 |
| | CVE-2016-5393 | Apache | high | 8.8 | 2.6%
| | In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with … | Nov 29, 2016 | May 6, 2026 |
| | CVE-2016-6472 | Cisco | medium | 6.1 | 0.3%
| | A vulnerability in several parameters of the ccmivr page of Cisco Unified Communication Manager (Cal… | Nov 19, 2016 | May 6, 2026 |
| | CVE-2016-6466 | Cisco | high | 7.5 | 0.8%
| | A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an un… | Nov 19, 2016 | May 6, 2026 |
| | CVE-2016-6460 | Cisco | high | 7.5 | 0.2%
| | A vulnerability in the FTP Representational State Transfer Application Programming Interface (REST A… | Nov 19, 2016 | May 6, 2026 |
| | CVE-2016-6459 | Cisco | medium | 5.5 | 0.6%
| | Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could all… | Nov 19, 2016 | May 6, 2026 |
| | CVE-2016-6457 | Cisco | medium | 6.5 | 0.4%
| | A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infras… | Nov 19, 2016 | May 6, 2026 |
| | CVE-2016-7254 | Microsoft | high | 8.8 | 16.6%
| | Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a cast of an unspecified pointe… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7253 | Microsoft | high | 8.8 | 18.2%
| | The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 SP2, and 2016 does not properly… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7252 | Microsoft | medium | 6.5 | 19.7%
| | Microsoft SQL Server 2016 mishandles the FILESTREAM path, which allows remote authenticated users to… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7251 | Microsoft | medium | 6.1 | 7.6%
| | Cross-site scripting (XSS) vulnerability in the MDS API in Microsoft SQL Server 2016 allows remote a… | Nov 10, 2016 | May 6, 2026 |
| | CVE-2016-7250 | Microsoft | high | 8.8 | 16.6%
| | Microsoft SQL Server 2014 SP1, 2014 SP2, and 2016 does not properly perform a cast of an unspecified… | Nov 10, 2016 | May 6, 2026 |