| | CVE-2015-1047 | VMware | medium | 5.0 | 2.9%
| | vpxd in VMware vCenter Server 5.0 before u3e, 5.1 before u3, and 5.5 before u2 allows remote attacke… | Oct 12, 2015 | May 6, 2026 |
| | CVE-2015-6311 | Cisco | medium | 6.1 | 0.3%
| | Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0), 7.3(101.0), and 7.4(1.19) allo… | Oct 8, 2015 | May 6, 2026 |
| | CVE-2015-6310 | Cisco | medium | 5.0 | 0.7%
| | The REST interface in Cisco Unified Communications Manager IM and Presence Service 11.5(1) allows re… | Oct 8, 2015 | May 6, 2026 |
| | CVE-2015-7600 | Cisco | high | 7.2 | 0.1%
| | Cisco VPN Client 5.x through 5.0.07.0440 uses weak permissions for vpnclient.ini, which allows local… | Oct 6, 2015 | May 6, 2026 |
| | CVE-2015-7612 | Trellix | medium | 6.8 | 0.1%
| | Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations page in Enterprise M… | Oct 1, 2015 | May 6, 2026 |
| | CVE-2015-7604 | Splunk | medium | 4.3 | 0.3%
| | Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.6 and S… | Sep 29, 2015 | May 6, 2026 |
| | CVE-2015-5442 | HPE | medium | 4.6 | 0.1%
| | Unspecified vulnerability in HP Software Update before 5.005.002.002 allows local users to gain priv… | Sep 29, 2015 | May 6, 2026 |
| | CVE-2015-6307 | Cisco | medium | 6.1 | 0.1%
| | Cisco FirePOWER (formerly Sourcefire) 7000 and 8000 devices with software 5.4.0.1 allow remote attac… | Sep 28, 2015 | May 6, 2026 |
| | CVE-2015-6306 | Cisco | high | 7.2 | 3.5%
| | Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does not verify pathnames before in… | Sep 26, 2015 | May 6, 2026 |
| | CVE-2015-6305 | Cisco | high | 7.2 | 2.0%
| | Untrusted search path vulnerability in the CMainThread::launchDownloader function in vpndownloader.e… | Sep 26, 2015 | May 6, 2026 |
| | CVE-2015-6304 | Cisco | medium | 6.8 | 0.1%
| | Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence Server software 3.0(2.24) allo… | Sep 24, 2015 | May 6, 2026 |
| | CVE-2015-6303 | Cisco | medium | 4.3 | 0.1%
| | The Cisco Spark application 2015-07-04 for mobile operating systems does not properly verify X.509 c… | Sep 24, 2015 | May 6, 2026 |
| | CVE-2015-7310 | Trellix | medium | 6.5 | 0.5%
| | McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enter… | Sep 22, 2015 | May 6, 2026 |
| | CVE-2015-6300 | Cisco | medium | 4.0 | 0.4%
| | Cisco Secure Access Control Server (ACS) Solution Engine 5.7(0.15) allows remote authenticated users… | Sep 20, 2015 | May 6, 2026 |
| | CVE-2015-6299 | Cisco | medium | 6.5 | 0.3%
| | SQL injection vulnerability in the web interface in Cisco Unity Connection 9.1(1.2) and earlier allo… | Sep 20, 2015 | May 6, 2026 |
| | CVE-2015-6284 | Cisco | high | 7.8 | 0.4%
| | Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server s… | Sep 20, 2015 | May 6, 2026 |
| | CVE-2015-4307 | Cisco | critical | 9.0 | 0.4%
| | The web framework in Cisco Prime Collaboration Provisioning before 11.0 allows remote authenticated … | Sep 20, 2015 | May 6, 2026 |
| | CVE-2015-4306 | Cisco | high | 8.5 | 0.4%
| | The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authent… | Sep 20, 2015 | May 6, 2026 |
| | CVE-2015-4305 | Cisco | medium | 4.0 | 0.2%
| | The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authent… | Sep 20, 2015 | May 6, 2026 |
| | CVE-2015-4304 | Cisco | critical | 9.0 | 0.4%
| | The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authent… | Sep 20, 2015 | May 6, 2026 |
| | CVE-2015-6932 | VMware | medium | 5.8 | 0.2%
| | VMware vCenter Server 5.5 before u3 and 6.0 before u1 does not verify X.509 certificates from TLS LD… | Sep 18, 2015 | May 6, 2026 |
| | CVE-2015-6296 | Cisco | high | 7.2 | 0.1%
| | Cisco Prime Network Registrar (CPNR) 8.1(3.3), 8.2(3), and 8.3(2) has a default account, which allow… | Sep 18, 2015 | May 6, 2026 |
| | CVE-2015-7238 | Trellix | low | 2.1 | 0.0%
| | The Secondary server in Threat Intelligence Exchange (TIE) before 1.2.0 uses weak permissions for un… | Sep 18, 2015 | May 6, 2026 |
| | CVE-2015-7237 | Trellix | medium | 5.0 | 0.2%
| | Directory traversal vulnerability in the remote log viewing functionality in McAfee Agent (MA) 5.x b… | Sep 18, 2015 | May 6, 2026 |
| | CVE-2015-4638 | F5 | medium | 5.0 | 0.7%
| | The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and… | Sep 18, 2015 | May 6, 2026 |
| | CVE-2015-4040 | F5 | medium | 4.0 | 6.8%
| | Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterp… | Sep 17, 2015 | May 6, 2026 |
| | CVE-2015-5440 | HPE | medium | 4.9 | 0.2%
| | HP UCMDB 10.00 and 10.01 before 10.01CUP12, 10.10 and 10.11 before 10.11CUP6, and 10.2x before 10.21… | Sep 16, 2015 | May 6, 2026 |
| | CVE-2015-2136 | HPE | medium | 4.0 | 0.1%
| | HP ArcSight Logger before 6.0 P2 allows remote authenticated users to bypass the intended authorizat… | Sep 16, 2015 | May 6, 2026 |
| | CVE-2015-5426 | HPE | medium | 4.6 | 0.1%
| | Unspecified vulnerability in HP LoadRunner Controller before 12.50 allows local users to gain privil… | Sep 16, 2015 | May 6, 2026 |
| | CVE-2015-6290 | Cisco | medium | 4.3 | 0.5%
| | Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (me… | Sep 14, 2015 | May 6, 2026 |
| | CVE-2015-6288 | Cisco | medium | 5.0 | 0.7%
| | Cisco Content Security Management Appliance (SMA) 7.8.0-000 does not properly validate credentials, … | Sep 14, 2015 | May 6, 2026 |
| | CVE-2015-6287 | Cisco | medium | 5.0 | 0.7%
| | Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cause a denial… | Sep 14, 2015 | May 6, 2026 |
| | CVE-2015-6286 | Cisco | medium | 5.7 | 0.2%
| | Cisco Application Visibility and Control (AVC) 15.3(3)JA, when FlexConnect is enabled, allows remote… | Sep 14, 2015 | May 6, 2026 |
| | CVE-2015-2545 | Microsoft | high | 7.8 | 93.3%
| ⚠ KEV | Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute ar… | Sep 9, 2015 | Apr 22, 2026 |
| | CVE-2015-2544 | Microsoft | medium | 4.3 | 6.9%
| | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 20… | Sep 9, 2015 | May 6, 2026 |
| | CVE-2015-2543 | Microsoft | medium | 4.3 | 6.9%
| | Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 20… | Sep 9, 2015 | May 6, 2026 |
| | CVE-2015-2542 | Microsoft | critical | 9.3 | 14.8%
| | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary… | Sep 9, 2015 | May 6, 2026 |
| | CVE-2015-2541 | Microsoft | critical | 9.3 | 14.8%
| | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause … | Sep 9, 2015 | May 6, 2026 |
| | CVE-2015-2536 | Microsoft | medium | 4.3 | 9.0%
| | Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 and Skype for Business Server… | Sep 9, 2015 | May 6, 2026 |
| | CVE-2015-2532 | Microsoft | medium | 4.3 | 9.6%
| | Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 allows remote attackers to in… | Sep 9, 2015 | May 6, 2026 |
| | CVE-2015-2531 | Microsoft | medium | 4.3 | 13.2%
| | Cross-site scripting (XSS) vulnerability in the jQuery engine in Microsoft Lync Server 2013 and Skyp… | Sep 9, 2015 | May 6, 2026 |
| | CVE-2015-2526 | Microsoft | medium | 5.0 | 18.4%
| | Microsoft .NET Framework 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to cause a denial of ser… | Sep 9, 2015 | May 6, 2026 |
| | CVE-2015-2523 | Microsoft | critical | 9.3 | 74.0%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel for Mac 2011 and … | Sep 9, 2015 | May 6, 2026 |
| | CVE-2015-2522 | Microsoft | low | 3.5 | 8.6%
| | Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 SP1 allows remote a… | Sep 9, 2015 | May 6, 2026 |
| | CVE-2015-2521 | Microsoft | critical | 9.3 | 69.2%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remo… | Sep 9, 2015 | May 6, 2026 |
| | CVE-2015-2520 | Microsoft | critical | 9.3 | 69.2%
| | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3… | Sep 9, 2015 | May 6, 2026 |
| | CVE-2015-2510 | Microsoft | critical | 9.3 | 70.6%
| | Buffer overflow in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 200… | Sep 9, 2015 | May 6, 2026 |
| | CVE-2015-2505 | Microsoft | medium | 5.0 | 14.3%
| | Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows … | Sep 9, 2015 | May 6, 2026 |
| | CVE-2015-2504 | Microsoft | critical | 9.3 | 31.8%
| | Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 improperly counts object… | Sep 9, 2015 | May 6, 2026 |
| | CVE-2015-2501 | Microsoft | critical | 9.3 | 14.8%
| | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of… | Sep 9, 2015 | May 6, 2026 |