| | CVE-2015-6314 | Cisco | critical | 9.8 | 1.1%
| | Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 befor… | Jan 15, 2016 | May 6, 2026 |
| | CVE-2016-0777 | HPE | medium | 6.5 | 71.7%
| | The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p… | Jan 14, 2016 | May 29, 2026 |
| | CVE-2016-0035 | Microsoft | high | 7.8 | 24.4%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for M… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0034 | Microsoft | high | 8.8 | 52.8%
| ⚠ KEV | Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets during decoding, which allows… | Jan 13, 2016 | Apr 22, 2026 |
| | CVE-2016-0032 | Microsoft | medium | 6.1 | 1.2%
| | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 20… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0031 | Microsoft | medium | 6.1 | 1.2%
| | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 20… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0030 | Microsoft | medium | 6.1 | 1.2%
| | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 20… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0029 | Microsoft | medium | 6.1 | 1.3%
| | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 20… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0024 | Microsoft | high | 8.8 | 32.4%
| | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0012 | Microsoft | medium | 4.3 | 10.6%
| | Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Offic… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0011 | Microsoft | medium | 5.4 | 1.0%
| | Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated u… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0010 | Microsoft | high | 7.8 | 53.9%
| | Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel … | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0005 | Microsoft | medium | 4.3 | 31.1%
| | Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy vi… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0003 | Microsoft | critical | 9.6 | 6.3%
| | Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Micro… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-0002 | Microsoft | high | 7.5 | 47.2%
| | The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Expl… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2015-6117 | Microsoft | medium | 6.1 | 1.2%
| | Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated u… | Jan 13, 2016 | May 6, 2026 |
| | CVE-2016-1715 | Trellix | medium | 6.6 | 0.4%
| | The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before … | Jan 12, 2016 | May 6, 2026 |
| | CVE-2015-8611 | F5 | critical | 9.8 | 3.6%
| | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and PEM 12.0.0 before HF1 on the 20… | Jan 12, 2016 | May 6, 2026 |
| | CVE-2015-7759 | F5 | low | 3.7 | 0.8%
| | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 12.0.0 before HF1, when the TCP … | Jan 12, 2016 | May 6, 2026 |
| | CVE-2015-7393 | F5 | high | 7.4 | 0.1%
| | dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 befor… | Jan 12, 2016 | May 6, 2026 |
| | CVE-2015-8098 | F5 | critical | 9.8 | 10.9%
| | F5 BIG-IP APM 11.4.1 before 11.4.1 HF9, 11.5.x before 11.5.3, and 11.6.0 before 11.6.0 HF4 allow rem… | Jan 12, 2016 | May 6, 2026 |
| | CVE-2015-6933 | VMware | medium | 6.3 | 1.8%
| | The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, … | Jan 9, 2016 | May 6, 2026 |
| | CVE-2015-8765 | Trellix | high | 8.3 | 2.3%
| | Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, 5.1.x before 5.1.3 Hotfix 1106041,… | Jan 8, 2016 | May 6, 2026 |
| | CVE-2015-7362 | Fortinet | high | 7.8 | 0.0%
| | Fortinet FortiClient Linux SSLVPN before build 2313, when installed on Linux in a home directory tha… | Jan 8, 2016 | May 6, 2026 |
| | CVE-2015-5259 | Apache | high | 8.6 | 34.3%
| | Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x b… | Jan 8, 2016 | May 6, 2026 |
| | CVE-2015-5254 | Apache | critical | 9.8 | 80.4%
| | Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker… | Jan 8, 2016 | May 6, 2026 |
| | CVE-2015-6862 | HPE | high | 8.4 | 0.5%
| | HPE UCMDB Browser before 4.02 allows remote attackers to obtain sensitive information or bypass inte… | Jan 8, 2016 | May 6, 2026 |
| | CVE-2015-6434 | Cisco | medium | 6.1 | 0.2%
| | Cisco Prime Infrastructure does not properly restrict use of IFRAME elements, which makes it easier … | Jan 8, 2016 | May 6, 2026 |
| | CVE-2015-6433 | Cisco | medium | 6.5 | 0.2%
| | SQL injection vulnerability in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote … | Jan 8, 2016 | May 6, 2026 |
| | CVE-2015-6858 | HPE | low | 3.7 | 0.4%
| | HP Insight Control server provisioning before 7.5.0 RabbitMQ allows remote attackers to obtain sensi… | Jan 5, 2016 | May 6, 2026 |
| | CVE-2015-5434 | HPE | medium | 6.5 | 0.7%
| | HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attack… | Jan 5, 2016 | May 6, 2026 |
| | CVE-2015-7430 | Apache | high | 8.4 | 0.0%
| | The Hadoop connector 1.1.1, 2.4, 2.5, and 2.7.0-0 before 2.7.0-3 for IBM Spectrum Scale and General … | Jan 2, 2016 | May 6, 2026 |
| | CVE-2015-8651 | HPE | high | 8.8 | 89.1%
| ⚠ KEV | Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Wind… | Dec 28, 2015 | Apr 22, 2026 |
| | CVE-2015-6409 | Cisco | medium | 5.9 | 0.3%
| | Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STA… | Dec 26, 2015 | May 6, 2026 |
| | CVE-2015-1836 | Apache | high | 7.3 | 2.1%
| | Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoS… | Dec 21, 2015 | May 6, 2026 |
| | CVE-2015-1772 | Apache | high | 7.3 | 0.2%
| | The LDAP implementation in HiveServer2 in Apache Hive before 1.0.1 and 1.1.x before 1.1.1, as used i… | Dec 21, 2015 | May 6, 2026 |
| | CVE-2015-6934 | VMware | high | 7.3 | 1.8%
| | Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize… | Dec 21, 2015 | May 6, 2026 |
| | CVE-2015-6427 | Cisco | medium | 5.0 | 0.4%
| | Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection featur… | Dec 18, 2015 | May 6, 2026 |
| | CVE-2015-6426 | Cisco | high | 7.2 | 0.1%
| | Cisco Prime Network Services Controller 3.0 allows local users to bypass intended access restriction… | Dec 18, 2015 | May 6, 2026 |
| | CVE-2015-6424 | Cisco | high | 7.2 | 0.1%
| | The boot manager in Cisco Application Policy Infrastructure Controller (APIC) 1.1(0.920a) allows loc… | Dec 18, 2015 | May 6, 2026 |
| | CVE-2015-5204 | Apache | medium | 4.3 | 1.0%
| | CRLF injection vulnerability in the Apache Cordova File Transfer Plugin (cordova-plugin-file-transfe… | Dec 17, 2015 | May 6, 2026 |
| | CVE-2015-8577 | Trellix | low | 2.6 | 0.0%
| | The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 alloc… | Dec 16, 2015 | May 6, 2026 |
| | CVE-2015-6425 | Cisco | medium | 5.0 | 0.5%
| | The WebApplications Identity Management subsystem in Cisco Unified Communications Manager 10.5(0.980… | Dec 16, 2015 | May 6, 2026 |
| | CVE-2015-8317 | HPE | medium | 5.0 | 0.3%
| | The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers … | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-8242 | HPE | medium | 5.8 | 1.4%
| | The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.… | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-8241 | HPE | medium | 6.4 | 1.0%
| | The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-de… | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-7500 | HPE | medium | 5.0 | 1.5%
| | The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to … | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-7499 | HPE | medium | 5.0 | 1.6%
| | Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows contex… | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-7498 | HPE | medium | 5.0 | 3.3%
| | Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allow… | Dec 15, 2015 | May 6, 2026 |
| | CVE-2015-7497 | HPE | medium | 5.0 | 3.1%
| | Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 … | Dec 15, 2015 | May 6, 2026 |