month report

September 2001

Data as of Jun 4, 2026, 13:24 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

September 2001 closed with 490 published CVEs. 31 criticals, microsoft led volume, mostly via internet explorer. Biggest breakout: sun at ×26.0 their 12-month median. Top weakness class — CWE-20 (2 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

490

— MoM— YoY

Severity mix

31 / 188

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

0.0%

0 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

—

n=0

Within 7 days

—%

Within 30 days

—%

Days → KEV (median)

—

n=0

Weakness × Vendor

What's spreading where in September 2001

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

Breakout vendors

CVE count ≥3× their own 12-period median.

26.0×sun26 CVE
22.0×sgi22 CVE
16.0×cisco16 CVE
14.0×microsoft56 CVE
9.0×mandrakesoft9 CVE
7.0×kde7 CVE
6.7×hp20 CVE
6.0×redhat12 CVE
6.0×digital6 CVE
5.0×apache5 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#13ipswitch8 CVE
#24id software4 CVE
#29broadcom3 CVE
#31dec3 CVE
#32excite3 CVE
#34qualcomm3 CVE
#383com2 CVE
#40auto ftp2 CVE
#41behold software2 CVE
#42bmc2 CVE

Top vendors

Ranked by distinct CVE count this period.

1microsoft—
56 CVE3 critCVSS 5.7
×14.0PoC 6
internet explorer (12) · internet information server (11) · windows nt (10)
2sun—
26 CVE2 critCVSS 6.2
×26.0PoC 4
sunos (16) · solaris (5) · solstice adminsuite (5)
3sgi—
22 CVE1 critCVSS 6.4
×22.0PoC 4
irix (21) · quake 1 server (1)
4hp—
20 CVE1 critCVSS 5.5
×6.7
hp-ux (17) · jetdirect (2) · apollo domain os (1)
5cisco—
16 CVE1 critCVSS 6.3
×16.0
ios (6) · resource manager (2) · vpn 3005 concentrator (1)
6ibm—
13 CVE1 critCVSS 5.7
×4.3PoC 1
aix (8) · tivoli opc tracker agent (2) · http server ssl module common (1)
7redhat—
12 CVE1 critCVSS 6.0
×6.0PoC 2
linux (12)
8freebsd—
10 CVE1 critCVSS 5.6
PoC 2
freebsd (10)
9mandrakesoft—
9 CVE1 critCVSS 6.7
×9.0PoC 1
mandrake linux (9) · mandrake linux corporate server (1)
10sco—
9 CVECVSS 7.2
unix (5) · openserver enterprise system (5) · open desktop (5)
11slackware—
9 CVE1 critCVSS 6.6
PoC 1
slackware linux (9)
12debian—
8 CVECVSS 5.0
×4.0PoC 2
debian linux (8)
13ipswitch—
8 CVE1 critCVSS 6.4
NEWPoC 2
imail (7) · ws ftp pro (1)
14linux—
8 CVECVSS 5.4
PoC 1
linux kernel (8)
15kde—
7 CVECVSS 5.8
×7.0PoC 1
kde (6) · kde beta 3 (1)
16apple—
6 CVECVSS 4.7
×4.0PoC 3
macos (5) · appleshare mail server (1)
17digital—
6 CVECVSS 5.9
×6.0
unix (3) · ultrix (2) · digital openvms axp (1)
18apache—
5 CVE3 critCVSS 8.5
×5.0
http server (5)
19matt wright—
5 CVE1 critCVSS 6.5
PoC 1
formhandler.cgi (2) · download.cgi (1) · matt wright guestbook (1)
20netscape—
5 CVECVSS 6.0
×5.0PoC 1
communicator (1) · directory server (1) · enterprise server (1)
21novell—
5 CVE1 critCVSS 6.9
×5.0PoC 1
netware (2) · web server (1) · bordermanager (1)
22oracle—
5 CVE1 critCVSS 6.4
×3.3PoC 1
http server (2) · web listener (2) · database assistant (1)
23conectiva—
4 CVECVSS 6.9
×4.0PoC 1
linux (4)
24id software—
4 CVECVSS 5.5
NEW
quake (1) · quake 2 (1) · quake 2 server (1)
25macromedia—
4 CVECVSS 4.2
shockwave flash plugin (2) · dreamweaver (1) · matrix screen saver (1)
26openbsd—
4 CVECVSS 4.7
openbsd (3) · openssh (1)
27red hat inc.—
4 CVE1 critCVSS 8.1
×4.0PoC 2
red hat enterprise linux (4)
28trend micro—
4 CVE1 critCVSS 8.2
PoC 1
interscan viruswall (3) · virus buster 2001 (1)
29broadcom—
3 CVE1 critCVSS 6.7
NEW
arcserve backup (2) · inoculan (1) · inoculateit (1)
30compaq—
3 CVECVSS 7.2
×3.0PoC 1
insight management agent (1) · management agents for servers (1) · microcom 6000 firmware (1)
31dec—
3 CVECVSS 6.5
NEW
dec openvms (2) · dec openvms axp (1) · dec openvms vax (1)
32excite—
3 CVECVSS 7.2
NEW
ews (3)
33mirabilis—
3 CVECVSS 5.9
×3.0
icq (1) · icq 98a (1) · icq web front (1)
34qualcomm—
3 CVECVSS 5.1
NEWPoC 1
eudora (2) · eudora light (1) · qpopper (1)
35ssh—
3 CVECVSS 5.5
PoC 1
ssh2 (2) · ssh (1)
36suse—
3 CVE1 critCVSS 6.4
×3.0
suse linux (3)
37university of washington—
3 CVECVSS 3.4
imap (1) · imapd (1) · pine (1)
383com—
2 CVECVSS 7.5
NEW
superstack ii hub (1) · total control netserver card (1)
39allaire—
2 CVECVSS 6.3
coldfusion (1) · coldfusion server (1)
40auto ftp—
2 CVECVSS 6.0
NEW
auto ftp (2)
41behold software—
2 CVECVSS 5.0
NEWPoC 1
web page counter (2)
42bmc—
2 CVECVSS 7.2
NEW
patrol agent (2)
43bsd—
2 CVECVSS 4.7
NEW
bsd (2)
44cactus software—
2 CVECVSS 4.7
NEW
shell-lock (2)
45checkpoint—
2 CVECVSS 5.0
firewall-1 (2)
46computer software manufaktur—
2 CVECVSS 5.0
alibaba (1) · csm proxy (1)
47darren reed—
2 CVECVSS 7.3
NEW
ipfilter (2)
48elm development group—
2 CVECVSS 6.0
NEW
elm (2)
49gftp—
2 CVECVSS 6.0
NEW
ftp client (1) · gftp (1)
50gnu—
2 CVECVSS 5.9
bash (1) · fingerd (1)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	microsoft	56	3	·	·	×14.0PoC 6	internet explorer (12) · internet information server (11) · windows nt (10)	—
2	sun	26	2	·	·	×26.0PoC 4	sunos (16) · solaris (5) · solstice adminsuite (5)	—
3	sgi	22	1	·	·	×22.0PoC 4	irix (21) · quake 1 server (1)	—
4	hp	20	1	·	·	×6.7	hp-ux (17) · jetdirect (2) · apollo domain os (1)	—
5	cisco	16	1	·	·	×16.0	ios (6) · resource manager (2) · vpn 3005 concentrator (1)	—
6	ibm	13	1	·	·	×4.3PoC 1	aix (8) · tivoli opc tracker agent (2) · http server ssl module common (1)	—
7	redhat	12	1	·	·	×6.0PoC 2	linux (12)	—
8	freebsd	10	1	·	·	PoC 2	freebsd (10)	—
9	mandrakesoft	9	1	·	·	×9.0PoC 1	mandrake linux (9) · mandrake linux corporate server (1)	—
10	sco	9	·	·	·		unix (5) · openserver enterprise system (5) · open desktop (5)	—
11	slackware	9	1	·	·	PoC 1	slackware linux (9)	—
12	debian	8	·	·	·	×4.0PoC 2	debian linux (8)	—
13	ipswitch	8	1	·	·	NEWPoC 2	imail (7) · ws ftp pro (1)	—
14	linux	8	·	·	·	PoC 1	linux kernel (8)	—
15	kde	7	·	·	·	×7.0PoC 1	kde (6) · kde beta 3 (1)	—
16	apple	6	·	·	·	×4.0PoC 3	macos (5) · appleshare mail server (1)	—
17	digital	6	·	·	·	×6.0	unix (3) · ultrix (2) · digital openvms axp (1)	—
18	apache	5	3	·	·	×5.0	http server (5)	—
19	matt wright	5	1	·	·	PoC 1	formhandler.cgi (2) · download.cgi (1) · matt wright guestbook (1)	—
20	netscape	5	·	·	·	×5.0PoC 1	communicator (1) · directory server (1) · enterprise server (1)	—
21	novell	5	1	·	·	×5.0PoC 1	netware (2) · web server (1) · bordermanager (1)	—
22	oracle	5	1	·	·	×3.3PoC 1	http server (2) · web listener (2) · database assistant (1)	—
23	conectiva	4	·	·	·	×4.0PoC 1	linux (4)	—
24	id software	4	·	·	·	NEW	quake (1) · quake 2 (1) · quake 2 server (1)	—
25	macromedia	4	·	·	·		shockwave flash plugin (2) · dreamweaver (1) · matrix screen saver (1)	—
26	openbsd	4	·	·	·		openbsd (3) · openssh (1)	—
27	red hat inc.	4	1	·	·	×4.0PoC 2	red hat enterprise linux (4)	—
28	trend micro	4	1	·	·	PoC 1	interscan viruswall (3) · virus buster 2001 (1)	—
29	broadcom	3	1	·	·	NEW	arcserve backup (2) · inoculan (1) · inoculateit (1)	—
30	compaq	3	·	·	·	×3.0PoC 1	insight management agent (1) · management agents for servers (1) · microcom 6000 firmware (1)	—
31	dec	3	·	·	·	NEW	dec openvms (2) · dec openvms axp (1) · dec openvms vax (1)	—
32	excite	3	·	·	·	NEW	ews (3)	—
33	mirabilis	3	·	·	·	×3.0	icq (1) · icq 98a (1) · icq web front (1)	—
34	qualcomm	3	·	·	·	NEWPoC 1	eudora (2) · eudora light (1) · qpopper (1)	—
35	ssh	3	·	·	·	PoC 1	ssh2 (2) · ssh (1)	—
36	suse	3	1	·	·	×3.0	suse linux (3)	—
37	university of washington	3	·	·	·		imap (1) · imapd (1) · pine (1)	—
38	3com	2	·	·	·	NEW	superstack ii hub (1) · total control netserver card (1)	—
39	allaire	2	·	·	·		coldfusion (1) · coldfusion server (1)	—
40	auto ftp	2	·	·	·	NEW	auto ftp (2)	—
41	behold software	2	·	·	·	NEWPoC 1	web page counter (2)	—
42	bmc	2	·	·	·	NEW	patrol agent (2)	—
43	bsd	2	·	·	·	NEW	bsd (2)	—
44	cactus software	2	·	·	·	NEW	shell-lock (2)	—
45	checkpoint	2	·	·	·		firewall-1 (2)	—
46	computer software manufaktur	2	·	·	·		alibaba (1) · csm proxy (1)	—
47	darren reed	2	·	·	·	NEW	ipfilter (2)	—
48	elm development group	2	·	·	·	NEW	elm (2)	—
49	gftp	2	·	·	·	NEW	ftp client (1) · gftp (1)	—
50	gnu	2	·	·	·		bash (1) · fingerd (1)	—

Top weaknesses

CWE classes by distinct CVE count.

1CWE-202—

2CWE-1201—

3CWE-1311—

4CWE-2001—

5CWE-2091—

6CWE-2641—

7CWE-3071—

8CWE-3101—

9CWE-3461—

10CWE-4011—

11CWE-4341—

12CWE-6671—