| | CVE-2016-6419 | Cisco | high | 7.5 | 0.5%
| | SQL injection vulnerability in Cisco Firepower Management Center 4.10.3 through 5.4.0 allows remote … | Oct 5, 2016 | May 6, 2026 |
| | CVE-2016-4390 | HPE | high | 8.1 | 2.0%
| | The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code … | Oct 5, 2016 | May 6, 2026 |
| | CVE-2016-4389 | HPE | high | 8.1 | 2.0%
| | The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code … | Oct 5, 2016 | May 6, 2026 |
| | CVE-2016-4388 | HPE | high | 8.1 | 2.2%
| | The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code … | Oct 5, 2016 | May 6, 2026 |
| | CVE-2016-4387 | HPE | high | 8.1 | 2.0%
| | The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code … | Oct 5, 2016 | May 6, 2026 |
| | CVE-2015-1832 | Apache | critical | 9.1 | 0.8%
| | XML external entity (XXE) vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, whe… | Oct 3, 2016 | May 6, 2026 |
| | CVE-2016-5019 | Apache | critical | 9.8 | 6.0%
| | CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0 through 1.0.13, 1.2.x before 1.2.15, 2.0.x… | Oct 3, 2016 | May 6, 2026 |
| | CVE-2016-5700 | F5 | critical | 9.8 | 5.6%
| | Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, … | Oct 3, 2016 | May 6, 2026 |
| | CVE-2016-4436 | Apache | critical | 9.8 | 5.7%
| | Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allow attackers to have unspecified impact via … | Oct 3, 2016 | May 6, 2026 |
| | CVE-2016-1240 | Apache | high | 7.8 | 22.1%
| | The Tomcat init script in the tomcat7 package before 7.0.56-3+deb8u4 and tomcat8 package before 8.0.… | Oct 3, 2016 | May 6, 2026 |
| | CVE-2016-4386 | HPE | high | 7.8 | 0.1%
| | HPE Network Automation Software 10.10 allows local users to write to arbitrary files via unspecified… | Sep 29, 2016 | May 6, 2026 |
| | CVE-2016-4385 | HPE | high | 7.3 | 3.7%
| | The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x be… | Sep 29, 2016 | May 6, 2026 |
| | CVE-2016-7191 | Microsoft | high | 8.1 | 3.8%
| | The Microsoft Azure Active Directory Passport (aka Passport-Azure-AD) library 1.x before 1.4.6 and 2… | Sep 28, 2016 | May 6, 2026 |
| | CVE-2016-4978 | Apache | high | 7.2 | 6.9%
| | The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis br… | Sep 27, 2016 | Jun 15, 2026 |
| | CVE-2016-6306 | HPE | medium | 5.9 | 8.1%
| | The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers… | Sep 26, 2016 | May 6, 2026 |
| | CVE-2016-5395 | Apache | medium | 4.8 | 0.1%
| | Cross-site scripting (XSS) vulnerability in the create user functionality in the policy admin tool i… | Sep 26, 2016 | May 6, 2026 |
| | CVE-2016-6413 | Cisco | high | 7.8 | 0.1%
| | The installation procedure on Cisco Application Policy Infrastructure Controller (APIC) devices 1.3(… | Sep 24, 2016 | May 6, 2026 |
| | CVE-2016-6411 | Cisco | high | 7.5 | 0.2%
| | Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between … | Sep 24, 2016 | May 6, 2026 |
| | CVE-2016-6408 | Cisco | high | 7.5 | 0.4%
| | Cisco Prime Home 5.2.0 allows remote attackers to read arbitrary files via an XML document containin… | Sep 24, 2016 | May 6, 2026 |
| | CVE-2016-6374 | Cisco | critical | 9.8 | 5.6%
| | Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote attackers to execute arbitrary code via a… | Sep 22, 2016 | May 6, 2026 |
| | CVE-2016-6373 | Cisco | high | 7.2 | 0.8%
| | The web-based GUI in Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote authenticated admini… | Sep 22, 2016 | May 6, 2026 |
| | CVE-2016-4464 | Apache | critical | 9.8 | 2.1%
| | The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and 1.3.x before 1.3.1 do not match S… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-6801 | Apache | high | 8.8 | 0.4%
| | Cross-site request forgery (CSRF) vulnerability in the CSRF content-type check in Jackrabbit-Webdav … | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-5017 | Apache | high | 8.1 | 6.1%
| | Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when usi… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-4969 | Fortinet | medium | 6.1 | 0.7%
| | Cross-site scripting (XSS) vulnerability in Fortinet FortiWan (formerly AscernLink) before 4.2.5 all… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-4968 | Fortinet | medium | 6.5 | 3.5%
| | The linkreport/tmp/admin_global page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows … | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-4967 | Fortinet | medium | 6.5 | 1.9%
| | Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to obtain sen… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-4966 | Fortinet | medium | 6.5 | 2.3%
| | The diagnosis_control.php page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-4965 | Fortinet | high | 8.8 | 7.7%
| | Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users with access t… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-4384 | HPE | high | 8.6 | 2.9%
| | HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a de… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-4382 | HPE | high | 8.3 | 0.2%
| | HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass inten… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2015-8960 | Microsoft | high | 8.1 | 0.3%
| | The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-6802 | Apache | high | 7.5 | 13.5%
| | Apache Shiro before 1.3.2 allows attackers to bypass intended servlet filters and gain access by lev… | Sep 20, 2016 | May 6, 2026 |
| | CVE-2016-1483 | Cisco | high | 7.5 | 0.5%
| | Cisco WebEx Meetings Server 2.6 allows remote attackers to cause a denial of service (CPU consumptio… | Sep 19, 2016 | May 6, 2026 |
| | CVE-2016-6405 | Cisco | medium | 6.5 | 0.2%
| | Cisco Fog Director 1.0(0) for IOx allows remote authenticated users to bypass intended access restri… | Sep 18, 2016 | May 6, 2026 |
| | CVE-2016-6402 | Cisco | high | 7.8 | 0.1%
| | UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d… | Sep 18, 2016 | May 6, 2026 |
| | CVE-2016-1482 | Cisco | high | 8.1 | 1.4%
| | Cisco WebEx Meetings Server 2.6 allows remote attackers to execute arbitrary commands by injecting t… | Sep 17, 2016 | May 6, 2026 |
| | CVE-2016-6407 | Cisco | high | 7.5 | 0.7%
| | Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to c… | Sep 17, 2016 | May 6, 2026 |
| | CVE-2016-6401 | Cisco | medium | 5.3 | 0.3%
| | Cisco Carrier Routing System (CRS) 5.1 and 5.1.4, as used in CRS Carrier Grade Services for CRS-1 an… | Sep 17, 2016 | May 6, 2026 |
| | CVE-2016-2182 | HPE | critical | 9.8 | 29.2%
| | The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate di… | Sep 16, 2016 | May 6, 2026 |
| | CVE-2016-3381 | Microsoft | high | 7.8 | 20.0%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Comp… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3379 | Microsoft | medium | 6.1 | 7.6%
| | Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2016 Cumulative Update 1 and 2… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3378 | Microsoft | high | 7.4 | 3.1%
| | Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 C… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3377 | Microsoft | high | 7.5 | 15.9%
| | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or … | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3375 | Microsoft | high | 7.5 | 21.6%
| | The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through … | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3374 | Microsoft | medium | 6.5 | 32.3%
| | The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3370 | Microsoft | medium | 6.5 | 15.5%
| | The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3367 | Microsoft | high | 8.8 | 19.7%
| | StringBuilder in Microsoft Silverlight 5 before 5.1.50709.0 does not properly allocate memory for st… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3366 | Microsoft | medium | 6.5 | 10.4%
| | Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, Outlook 2016, a… | Sep 14, 2016 | May 6, 2026 |
| | CVE-2016-3365 | Microsoft | high | 7.8 | 19.0%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Comp… | Sep 14, 2016 | May 6, 2026 |