month report
September 2004
Data as of Jun 4, 2026, 13:24 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
September 2004 closed with 565 published CVEs — +438.1% YoY . 41 criticals, microsoft led volume, mostly via windows xp. Biggest breakout: apache at ×23.0 their 12-month median. Top weakness class — CWE-119 (5 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
565
— MoM+438.1% YoY
Severity mix
41 / 253
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
0.0%
0 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
—
n=0
Within 7 days
—%
Within 30 days
—%
Days → KEV (median)
—
n=0
Weakness × Vendor
What's spreading where in September 2004
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
Breakout vendors
CVE count ≥3× their own 12-period median.
- 23.0×apache23 CVE
- 19.0×mozilla19 CVE
- 18.3×red hat inc.55 CVE
- 12.2×microsoft73 CVE
- 12.0×cisco24 CVE
- 10.0×conectiva10 CVE
- 10.0×freebsd10 CVE
- 9.0×kde9 CVE
- 9.0×mandrakesoft9 CVE
- 8.7×apple26 CVE
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #30paul l daniels7 CVE
- #35lbl6 CVE
- #46red-m4 CVE
- #53enlightenment3 CVE
- #54imagemagick3 CVE
- #56namazu3 CVE
- #57ncipher3 CVE
- #59rxvt3 CVE
- #61the cacti group3 CVE
- #62ubuntu3 CVE
Top vendors
Ranked by distinct CVE count this period.
- 73 CVE4 critCVSS 7.0×12.2PoC 8windows xp (18) · windows 2000 (17) · internet explorer (14)
- 55 CVE4 critCVSS 5.7×18.3PoC 12red hat enterprise linux (55)
- 32 CVE3 critCVSS 6.5×6.4PoC 7debian gnu/linux (32)
- 26 CVE2 critCVSS 6.3×8.7PoC 5mac os x (16) · darwin streaming server (6) · mac os x server (6)
- 24 CVECVSS 5.8×12.0PoC 1vpn 3000 concentrator series software (8) · vpn client (6) · vpn 3002 hardware client (6)
- 23 CVE1 critCVSS 6.0×23.0PoC 1http server (17) · tomcat (5) · mod python (1)
- 21 CVE3 critCVSS 7.0×8.4PoC 3enterprise linux desktop (11) · enterprise linux (11) · linux (9)
- 21 CVE2 critCVSS 6.5×8.4PoC 2solaris (12) · sunos (11) · java desktop system (4)
- 19 CVE3 critCVSS 6.7×19.0PoC 3mozilla (12) · thunderbird (7) · bugzilla (5)
- 17 CVE1 critCVSS 6.0×8.5PoC 1irix (12) · propack (4) · freeware (1)
- 12 CVE1 critCVSS 5.3aix (6) · lotus domino (2) · lotus notes client (2)
- 12 CVECVSS 4.4×6.0PoC 3linux kernel (12)
- 12 CVECVSS 5.5×4.0PoC 1openbsd (11) · openssh (1)
- 12 CVE2 critCVSS 6.8×6.0PoC 1suse linux (12)
- 11 CVE2 critCVSS 7.4×5.5PoC 2mysql (5) · oracle9i (4) · oracle8i (3)
- 10 CVE4 critCVSS 7.7×10.0linux (10)
- 10 CVE1 critCVSS 6.7×5.0PoC 3debian linux (6) · fsp (2) · netkit (1)
- 10 CVECVSS 5.1×10.0freebsd (10)
- 10 CVE2 critCVSS 7.3×5.0PoC 3hp-ux (5) · secure os (3) · secure web server for tru64 (1)
- 9 CVECVSS 7.0×9.0PoC 2kde (8) · konqueror (4)
- 9 CVECVSS 5.9×9.0PoC 1mandrake linux (9) · mandrake linux corporate server (4)
- 9 CVE1 critCVSS 7.1×4.5PoC 1x11r6 (9)
- 8 CVECVSS 6.8×4.0internet gatekeeper (8) · f-secure anti-virus (1) · f-secure content scanner server (1)
- 7 CVECVSS 7.5×3.5mailsweeper (7)
- 7 CVECVSS 4.2×3.5PoC 1glibc (2) · radius (2) · libtool (1)
- 7 CVECVSS 6.1×7.0bind (5) · dhcpd (1) · inn (1)
- 7 CVE1 critCVSS 6.3×7.0kerberos 5 (7)
- 7 CVE1 critCVSS 5.1×7.0PoC 2netbsd (7)
- 7 CVECVSS 5.8×3.5PoC 1netware (6) · small business suite (2) · edirectory (1)
- 7 CVECVSS 7.5NEW×7.0ripmime (7)
- 7 CVE1 critCVSS 6.7samba (6) · jitterbug (1)
- 6 CVE2 critCVSS 7.7×6.0PoC 5cups (6)
- 6 CVE1 critCVSS 5.5×3.0PoC 2linux (6)
- 6 CVECVSS 6.2×4.0gdkpixbuf (5) · gtk (4) · gnome-terminal (1)
- 6 CVECVSS 6.3NEWPoC 1tcpdump (6)
- 6 CVE1 critCVSS 7.5PoC 2navigator (5) · directory server (1) · certificate server (1)
- 5 CVECVSS 6.5×5.0opensuse (5)
- 5 CVECVSS 7.5gaim (5)
- 5 CVECVSS 6.8gateway security (2) · raptor firewall (2) · velociraptor (2)
- 4 CVECVSS 6.1PoC 2s8100 (3) · ip600 media servers (3) · modular messaging message storage server (3)
- 4 CVECVSS 6.3PoC 1mantis (4)
- 4 CVECVSS 5.6×4.0org.apache.tomcat:tomcat (4)
- 4 CVECVSS 6.9php (4)
- 4 CVECVSS 6.7phpgedview (4)
- 4 CVECVSS 6.0xpressa (4)
- 4 CVE2 critCVSS 8.1NEWPoC 31050ap lan acess point (4)
- 4 CVECVSS 4.8PoC 2superscout email filter (4)
- 4 CVECVSS 5.5PoC 2secure linux (4)
- 4 CVECVSS 6.0PoC 1turbolinux desktop (3) · turbolinux server (3) · turbolinux workstation (2)
- 4 CVE4 critCVSS 10.0PoC 1firebox (2) · soho firewall (2)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | microsoft | 73 | 4 | · | · | ×12.2PoC 8 | windows xp (18) · windows 2000 (17) · internet explorer (14) | — | |
| 2 | red hat inc. | 55 | 4 | · | · | ×18.3PoC 12 | red hat enterprise linux (55) | — | |
| 3 | сообщество свободного программного обеспечения | 32 | 3 | · | · | ×6.4PoC 7 | debian gnu/linux (32) | — | |
| 4 | apple | 26 | 2 | · | · | ×8.7PoC 5 | mac os x (16) · darwin streaming server (6) · mac os x server (6) | — | |
| 5 | cisco | 24 | · | · | · | ×12.0PoC 1 | vpn 3000 concentrator series software (8) · vpn client (6) · vpn 3002 hardware client (6) | — | |
| 6 | apache | 23 | 1 | · | · | ×23.0PoC 1 | http server (17) · tomcat (5) · mod python (1) | — | |
| 7 | redhat | 21 | 3 | · | · | ×8.4PoC 3 | enterprise linux desktop (11) · enterprise linux (11) · linux (9) | — | |
| 8 | sun | 21 | 2 | · | · | ×8.4PoC 2 | solaris (12) · sunos (11) · java desktop system (4) | — | |
| 9 | mozilla | 19 | 3 | · | · | ×19.0PoC 3 | mozilla (12) · thunderbird (7) · bugzilla (5) | — | |
| 10 | sgi | 17 | 1 | · | · | ×8.5PoC 1 | irix (12) · propack (4) · freeware (1) | — | |
| 11 | ibm | 12 | 1 | · | · | aix (6) · lotus domino (2) · lotus notes client (2) | — | ||
| 12 | linux | 12 | · | · | · | ×6.0PoC 3 | linux kernel (12) | — | |
| 13 | openbsd | 12 | · | · | · | ×4.0PoC 1 | openbsd (11) · openssh (1) | — | |
| 14 | suse | 12 | 2 | · | · | ×6.0PoC 1 | suse linux (12) | — | |
| 15 | oracle | 11 | 2 | · | · | ×5.5PoC 2 | mysql (5) · oracle9i (4) · oracle8i (3) | — | |
| 16 | conectiva | 10 | 4 | · | · | ×10.0 | linux (10) | — | |
| 17 | debian | 10 | 1 | · | · | ×5.0PoC 3 | debian linux (6) · fsp (2) · netkit (1) | — | |
| 18 | freebsd | 10 | · | · | · | ×10.0 | freebsd (10) | — | |
| 19 | hp | 10 | 2 | · | · | ×5.0PoC 3 | hp-ux (5) · secure os (3) · secure web server for tru64 (1) | — | |
| 20 | kde | 9 | · | · | · | ×9.0PoC 2 | kde (8) · konqueror (4) | — | |
| 21 | mandrakesoft | 9 | · | · | · | ×9.0PoC 1 | mandrake linux (9) · mandrake linux corporate server (4) | — | |
| 22 | xfree86 project | 9 | 1 | · | · | ×4.5PoC 1 | x11r6 (9) | — | |
| 23 | f-secure | 8 | · | · | · | ×4.0 | internet gatekeeper (8) · f-secure anti-virus (1) · f-secure content scanner server (1) | — | |
| 24 | clearswift | 7 | · | · | · | ×3.5 | mailsweeper (7) | — | |
| 25 | gnu | 7 | · | · | · | ×3.5PoC 1 | glibc (2) · radius (2) · libtool (1) | — | |
| 26 | isc | 7 | · | · | · | ×7.0 | bind (5) · dhcpd (1) · inn (1) | — | |
| 27 | mit | 7 | 1 | · | · | ×7.0 | kerberos 5 (7) | — | |
| 28 | netbsd | 7 | 1 | · | · | ×7.0PoC 2 | netbsd (7) | — | |
| 29 | novell | 7 | · | · | · | ×3.5PoC 1 | netware (6) · small business suite (2) · edirectory (1) | — | |
| 30 | paul l daniels | 7 | · | · | · | NEW×7.0 | ripmime (7) | — | |
| 31 | samba | 7 | 1 | · | · | samba (6) · jitterbug (1) | — | ||
| 32 | easy software products | 6 | 2 | · | · | ×6.0PoC 5 | cups (6) | — | |
| 33 | gentoo | 6 | 1 | · | · | ×3.0PoC 2 | linux (6) | — | |
| 34 | gnome | 6 | · | · | · | ×4.0 | gdkpixbuf (5) · gtk (4) · gnome-terminal (1) | — | |
| 35 | lbl | 6 | · | · | · | NEWPoC 1 | tcpdump (6) | — | |
| 36 | netscape | 6 | 1 | · | · | PoC 2 | navigator (5) · directory server (1) · certificate server (1) | — | |
| 37 | novell inc. | 5 | · | · | · | ×5.0 | opensuse (5) | — | |
| 38 | rob flynn | 5 | · | · | · | gaim (5) | — | ||
| 39 | symantec | 5 | · | · | · | gateway security (2) · raptor firewall (2) · velociraptor (2) | — | ||
| 40 | avaya | 4 | · | · | · | PoC 2 | s8100 (3) · ip600 media servers (3) · modular messaging message storage server (3) | — | |
| 41 | mantis | 4 | · | · | · | PoC 1 | mantis (4) | — | |
| 42 | maven | 4 | · | · | · | ×4.0 | org.apache.tomcat:tomcat (4) | — | |
| 43 | php | 4 | · | · | · | php (4) | — | ||
| 44 | phpgedview | 4 | · | · | · | phpgedview (4) | — | ||
| 45 | pingtel | 4 | · | · | · | xpressa (4) | — | ||
| 46 | red-m | 4 | 2 | · | · | NEWPoC 3 | 1050ap lan acess point (4) | — | |
| 47 | surfcontrol | 4 | · | · | · | PoC 2 | superscout email filter (4) | — | |
| 48 | trustix | 4 | · | · | · | PoC 2 | secure linux (4) | — | |
| 49 | turbolinux | 4 | · | · | · | PoC 1 | turbolinux desktop (3) · turbolinux server (3) · turbolinux workstation (2) | — | |
| 50 | watchguard | 4 | 4 | · | · | PoC 1 | firebox (2) · soho firewall (2) | — |