| | CVE-2016-1480 | Cisco | high | 7.5 | 0.3%
| | A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Softwar… | Oct 28, 2016 | May 6, 2026 |
| | CVE-2016-1423 | Cisco | medium | 6.1 | 0.5%
| | A vulnerability in the display of email messages in the Messages in Quarantine (MIQ) view in Cisco A… | Oct 28, 2016 | May 6, 2026 |
| | CVE-2016-6446 | Cisco | high | 7.5 | 0.5%
| | A vulnerability in Web Bridge for Cisco Meeting Server could allow an unauthenticated, remote attack… | Oct 27, 2016 | May 6, 2026 |
| | CVE-2016-6445 | Cisco | critical | 9.1 | 0.8%
| | A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meetin… | Oct 27, 2016 | May 6, 2026 |
| | CVE-2016-6444 | Cisco | high | 8.8 | 0.2%
| | A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a… | Oct 27, 2016 | May 6, 2026 |
| | CVE-2016-6443 | Cisco | high | 8.8 | 1.9%
| | A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL datab… | Oct 27, 2016 | May 6, 2026 |
| | CVE-2016-6442 | Cisco | high | 8.8 | 0.2%
| | A vulnerability in Cisco Finesse Agent and Supervisor Desktop Software could allow an unauthenticate… | Oct 27, 2016 | May 6, 2026 |
| | CVE-2016-6440 | Cisco | medium | 6.5 | 0.3%
| | The Cisco Unified Communications Manager (CUCM) may be vulnerable to data that can be displayed insi… | Oct 27, 2016 | May 6, 2026 |
| | CVE-2016-6439 | Cisco | high | 7.5 | 0.1%
| | A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Softwa… | Oct 27, 2016 | May 6, 2026 |
| | CVE-2016-6437 | Cisco | medium | 5.9 | 0.7%
| | A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) c… | Oct 27, 2016 | May 6, 2026 |
| | CVE-2016-1000031 | Apache | critical | 9.8 | 56.4%
| | Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution | Oct 25, 2016 | May 6, 2026 |
| | CVE-2016-7194 | Microsoft | high | 7.5 | 79.0%
| | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or … | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-7193 | Microsoft | high | 7.8 | 71.2%
| ⚠ KEV | Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2… | Oct 14, 2016 | Apr 22, 2026 |
| | CVE-2016-7190 | Microsoft | high | 7.5 | 78.5%
| | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or … | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-7189 | Microsoft | high | 7.5 | 74.6%
| | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via… | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-7182 | Microsoft | critical | 9.8 | 41.5%
| | The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7… | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-3396 | Microsoft | high | 7.8 | 32.4%
| | Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 … | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-3392 | Microsoft | medium | 5.3 | 9.4%
| | The Edge Content Security Policy feature in Microsoft Edge does not properly validate documents, whi… | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-3391 | Microsoft | medium | 5.3 | 27.4%
| | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow context-dependent attackers to discov… | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-3390 | Microsoft | high | 7.5 | 20.5%
| | The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to… | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-3389 | Microsoft | high | 7.5 | 16.8%
| | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or … | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-3388 | Microsoft | medium | 5.3 | 47.2%
| | Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private … | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-3387 | Microsoft | high | 7.5 | 33.3%
| | Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private … | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-3386 | Microsoft | high | 7.5 | 75.9%
| | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or … | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-3385 | Microsoft | high | 7.5 | 14.9%
| | The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute … | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-3384 | Microsoft | high | 7.5 | 16.3%
| | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause … | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-3383 | Microsoft | high | 7.5 | 14.5%
| | Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a d… | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-3382 | Microsoft | high | 7.5 | 17.8%
| | The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote at… | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-3331 | Microsoft | high | 7.5 | 17.8%
| | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code o… | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-3298 | Microsoft | medium | 6.5 | 27.7%
| ⚠ KEV | Microsoft Internet Explorer 9 through 11 and the Internet Messaging API in Windows Vista SP2, Window… | Oct 14, 2016 | Apr 22, 2026 |
| | CVE-2016-3267 | Microsoft | medium | 5.3 | 18.4%
| | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the … | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-3263 | Microsoft | medium | 5.5 | 19.1%
| | Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 … | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-3262 | Microsoft | medium | 5.5 | 19.1%
| | Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 … | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-3209 | Microsoft | medium | 5.5 | 19.2%
| | Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 … | Oct 14, 2016 | May 6, 2026 |
| | CVE-2016-6325 | Apache | high | 7.8 | 0.1%
| | The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss E… | Oct 13, 2016 | May 6, 2026 |
| | CVE-2016-5425 | Apache | high | 7.8 | 11.6%
| | The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly … | Oct 13, 2016 | May 6, 2026 |
| | CVE-2016-6436 | Cisco | medium | 6.1 | 0.3%
| | Cross-site scripting (XSS) vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco… | Oct 6, 2016 | May 6, 2026 |
| | CVE-2016-6435 | Cisco | medium | 6.5 | 55.0%
| | The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read… | Oct 6, 2016 | May 6, 2026 |
| | CVE-2016-6434 | Cisco | high | 7.8 | 0.4%
| | Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users… | Oct 6, 2016 | May 6, 2026 |
| | CVE-2016-6433 | Cisco | high | 8.8 | 69.7%
| | The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote… | Oct 6, 2016 | May 6, 2026 |
| | CVE-2016-6427 | Cisco | high | 8.8 | 0.1%
| | Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 th… | Oct 6, 2016 | May 6, 2026 |
| | CVE-2016-6425 | Cisco | medium | 6.1 | 0.3%
| | Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9… | Oct 6, 2016 | May 6, 2026 |
| | CVE-2016-6426 | Cisco | high | 7.5 | 0.2%
| | The j_spring_security_switch_user function in Cisco Unified Intelligence Center (CUIC) 8.5.4 through… | Oct 5, 2016 | May 6, 2026 |
| | CVE-2016-6418 | Cisco | medium | 6.1 | 0.3%
| | Cross-site scripting (XSS) vulnerability in Cisco Videoscape Distribution Suite Service Manager (VDS… | Oct 5, 2016 | May 6, 2026 |
| | CVE-2016-6417 | Cisco | high | 8.8 | 0.1%
| | Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 4.10.2 through 6.… | Oct 5, 2016 | May 6, 2026 |
| | CVE-2016-6416 | Cisco | medium | 5.9 | 0.9%
| | The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-0… | Oct 5, 2016 | May 6, 2026 |
| | CVE-2016-7561 | Fortinet | high | 7.2 | 0.3%
| | Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 allow admin… | Oct 5, 2016 | May 6, 2026 |
| | CVE-2016-7560 | Fortinet | critical | 9.8 | 2.6%
| | The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, an… | Oct 5, 2016 | May 6, 2026 |
| | CVE-2016-5745 | F5 | critical | 9.8 | 3.9%
| | F5 BIG-IP LTM systems 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF11, 11.5.0, 11.5.1 bef… | Oct 5, 2016 | May 6, 2026 |
| | CVE-2016-6420 | Cisco | medium | 6.5 | 0.0%
| | Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote au… | Oct 5, 2016 | May 6, 2026 |