month report

December 2004

Data as of Jun 4, 2026, 13:24 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

December 2004 closed with 248 published CVEs — +570.3% YoY . 101 criticals, redhat led volume, mostly via fedora core. Biggest breakout: suse at ×17.0 their 12-month median. Top weakness class — CWE-119 (4 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

248

— MoM+570.3% YoY

Severity mix

101 / 40

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

0.0%

0 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

—

n=0

Within 7 days

—%

Within 30 days

—%

Days → KEV (median)

—

n=0

Weakness × Vendor

What's spreading where in December 2004

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

Breakout vendors

CVE count ≥3× their own 12-period median.

17.0×suse17 CVE
13.5×redhat27 CVE
8.0×gentoo16 CVE
8.0×linux16 CVE
7.0×mandrakesoft7 CVE
6.5×trustix13 CVE
6.0×mplayer6 CVE
5.5×debian11 CVE
5.3×сообщество свободного программного обеспечения24 CVE
5.0×carnegie mellon university5 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#4ubuntu17 CVE
#20gadu-gadu5 CVE
#26sugarcrm4 CVE
#27tips4 CVE
#29altlinux3 CVE
#30burut3 CVE
#31canonical3 CVE
#34zgv3 CVE
#37darryl burgdorf2 CVE
#38enlightenment2 CVE

Top vendors

Ranked by distinct CVE count this period.

1redhat—
27 CVE10 critCVSS 6.5
×13.5PoC 5
fedora core (19) · enterprise linux desktop (12) · enterprise linux (12)
2сообщество свободного программного обеспечения—
24 CVE9 critCVSS 6.7
×5.3PoC 7
debian gnu/linux (24)
3suse—
17 CVE3 critCVSS 6.2
×17.0PoC 2
suse linux (17)
4ubuntu—
17 CVE8 critCVSS 7.2
NEWPoC 1
ubuntu linux (17)
5gentoo—
16 CVE4 critCVSS 6.5
×8.0PoC 3
linux (15) · mirrorselect (1)
6linux—
16 CVE2 critCVSS 5.6
×8.0PoC 2
linux kernel (16)
7microsoft—
16 CVE6 critCVSS 8.6
×3.6PoC 1
windows nt (8) · windows 2003 server (7) · windows 2000 (7)
8trustix—
13 CVE7 critCVSS 8.2
×6.5
secure linux (13)
9debian—
11 CVE2 critCVSS 5.3
×5.5PoC 1
debian linux (10) · debmake (1)
10mandrakesoft—
7 CVE2 critCVSS 6.9
×7.0PoC 2
mandrake linux (7) · mandrake linux corporate server (2)
11conectiva—
6 CVE3 critCVSS 7.5
linux (6)
12gentoo foundation inc.—
6 CVE1 critCVSS 5.2
PoC 2
gentoo linux (6)
13mplayer—
6 CVE6 critCVSS 10.0
×6.0PoC 1
mplayer (5) · unix mplayer (1)
14php—
6 CVE5 critCVSS 9.2
PoC 1
php (6)
15red hat inc.—
6 CVE3 critCVSS 8.3
PoC 2
red hat enterprise linux (6)
16carnegie mellon university—
5 CVE5 critCVSS 10.0
×5.0
cyrus imap server (5)
17cisco—
5 CVE1 critCVSS 5.7
cns network registrar (2) · multiservice platform 2650xm (1) · multiservice platform 2651xm (1)
18easy software products—
5 CVE1 critCVSS 5.0
PoC 4
cups (5)
19ethereal group—
5 CVECVSS 5.0
×3.3
ethereal (5)
20gadu-gadu—
5 CVE1 critCVSS 6.5
NEW
gadu-gadu instant messenger (5)
21openpkg—
5 CVE5 critCVSS 10.0
×5.0
openpkg (5)
22apple—
4 CVECVSS 5.7
PoC 1
safari (3) · mac os x (1) · quicktime streaming server (1)
23kde—
4 CVE1 critCVSS 6.8
×4.0PoC 1
kde (2) · konqueror (2) · kdelibs (1)
24mozilla—
4 CVECVSS 4.6
×4.0PoC 2
firefox (2) · mozilla (2) · bugzilla (1)
25sgi—
4 CVE1 critCVSS 6.3
propack (3) · irix (1)
26sugarcrm—
4 CVE2 critCVSS 7.8
NEWPoC 1
sugarcrm (2) · sugar sales (2)
27tips—
4 CVECVSS 5.7
NEWPoC 1
mailpost (4)
28turbolinux—
4 CVECVSS 5.9
turbolinux server (4)
29altlinux—
3 CVECVSS 5.0
NEW
alt linux (3)
30burut—
3 CVE1 critCVSS 6.7
NEWPoC 2
kreed (3)
31canonical—
3 CVE3 critCVSS 10.0
NEW
ubuntu linux (3)
32kerio—
3 CVECVSS 2.5
serverfirewall (2) · kerio mailserver (2) · winroute firewall (2)
33xine—
3 CVE3 critCVSS 10.0
×3.0
xine-lib (3) · xine (2)
34zgv—
3 CVE2 critCVSS 8.5
NEW
zgv image viewer (3) · xzgv image viewer (2)
35adobe—
2 CVE2 critCVSS 10.0
PoC 1
acrobat reader (2)
36broadcom—
2 CVECVSS 7.5
PoC 1
etrust ez antivirus (2) · etrust antivirus (1) · brightstor arcserve backup (1)
37darryl burgdorf—
2 CVE1 critCVSS 7.5
NEWPoC 1
weblibs (2)
38enlightenment—
2 CVE2 critCVSS 10.0
NEW
imlib (2)
39greed—
2 CVE2 critCVSS 10.0
NEWPoC 1
greed (2)
40ibm—
2 CVECVSS 7.2
aix (2)
41iglooftp—
2 CVECVSS 3.5
NEWPoC 2
iglooftp (2)
42insite—
2 CVECVSS 6.8
NEWPoC 1
inmail (2) · inshop (2)
43junkie—
2 CVE1 critCVSS 7.5
NEWPoC 2
junkie ftp client (2)
44lucasarts—
2 CVECVSS 5.0
NEW
star wars battlefront (2)
45michael kohn—
2 CVE2 critCVSS 10.0
NEWPoC 1
ringtonetools (1) · vb2c (1)
46mysql—
2 CVE1 critCVSS 7.5
maxdb (2)
47nfs—
2 CVE1 critCVSS 7.5
nfs-utils (2)
48opera—
2 CVECVSS 6.3
opera browser (2)
49phpcms—
2 CVECVSS 5.9
NEWPoC 1
phpcms (2)
50phpmyadmin—
2 CVE1 critCVSS 7.5
NEW
phpmyadmin (2)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	redhat	27	10	·	·	×13.5PoC 5	fedora core (19) · enterprise linux desktop (12) · enterprise linux (12)	—
2	сообщество свободного программного обеспечения	24	9	·	·	×5.3PoC 7	debian gnu/linux (24)	—
3	suse	17	3	·	·	×17.0PoC 2	suse linux (17)	—
4	ubuntu	17	8	·	·	NEWPoC 1	ubuntu linux (17)	—
5	gentoo	16	4	·	·	×8.0PoC 3	linux (15) · mirrorselect (1)	—
6	linux	16	2	·	·	×8.0PoC 2	linux kernel (16)	—
7	microsoft	16	6	·	·	×3.6PoC 1	windows nt (8) · windows 2003 server (7) · windows 2000 (7)	—
8	trustix	13	7	·	·	×6.5	secure linux (13)	—
9	debian	11	2	·	·	×5.5PoC 1	debian linux (10) · debmake (1)	—
10	mandrakesoft	7	2	·	·	×7.0PoC 2	mandrake linux (7) · mandrake linux corporate server (2)	—
11	conectiva	6	3	·	·		linux (6)	—
12	gentoo foundation inc.	6	1	·	·	PoC 2	gentoo linux (6)	—
13	mplayer	6	6	·	·	×6.0PoC 1	mplayer (5) · unix mplayer (1)	—
14	php	6	5	·	·	PoC 1	php (6)	—
15	red hat inc.	6	3	·	·	PoC 2	red hat enterprise linux (6)	—
16	carnegie mellon university	5	5	·	·	×5.0	cyrus imap server (5)	—
17	cisco	5	1	·	·		cns network registrar (2) · multiservice platform 2650xm (1) · multiservice platform 2651xm (1)	—
18	easy software products	5	1	·	·	PoC 4	cups (5)	—
19	ethereal group	5	·	·	·	×3.3	ethereal (5)	—
20	gadu-gadu	5	1	·	·	NEW	gadu-gadu instant messenger (5)	—
21	openpkg	5	5	·	·	×5.0	openpkg (5)	—
22	apple	4	·	·	·	PoC 1	safari (3) · mac os x (1) · quicktime streaming server (1)	—
23	kde	4	1	·	·	×4.0PoC 1	kde (2) · konqueror (2) · kdelibs (1)	—
24	mozilla	4	·	·	·	×4.0PoC 2	firefox (2) · mozilla (2) · bugzilla (1)	—
25	sgi	4	1	·	·		propack (3) · irix (1)	—
26	sugarcrm	4	2	·	·	NEWPoC 1	sugarcrm (2) · sugar sales (2)	—
27	tips	4	·	·	·	NEWPoC 1	mailpost (4)	—
28	turbolinux	4	·	·	·		turbolinux server (4)	—
29	altlinux	3	·	·	·	NEW	alt linux (3)	—
30	burut	3	1	·	·	NEWPoC 2	kreed (3)	—
31	canonical	3	3	·	·	NEW	ubuntu linux (3)	—
32	kerio	3	·	·	·		serverfirewall (2) · kerio mailserver (2) · winroute firewall (2)	—
33	xine	3	3	·	·	×3.0	xine-lib (3) · xine (2)	—
34	zgv	3	2	·	·	NEW	zgv image viewer (3) · xzgv image viewer (2)	—
35	adobe	2	2	·	·	PoC 1	acrobat reader (2)	—
36	broadcom	2	·	·	·	PoC 1	etrust ez antivirus (2) · etrust antivirus (1) · brightstor arcserve backup (1)	—
37	darryl burgdorf	2	1	·	·	NEWPoC 1	weblibs (2)	—
38	enlightenment	2	2	·	·	NEW	imlib (2)	—
39	greed	2	2	·	·	NEWPoC 1	greed (2)	—
40	ibm	2	·	·	·		aix (2)	—
41	iglooftp	2	·	·	·	NEWPoC 2	iglooftp (2)	—
42	insite	2	·	·	·	NEWPoC 1	inmail (2) · inshop (2)	—
43	junkie	2	1	·	·	NEWPoC 2	junkie ftp client (2)	—
44	lucasarts	2	·	·	·	NEW	star wars battlefront (2)	—
45	michael kohn	2	2	·	·	NEWPoC 1	ringtonetools (1) · vb2c (1)	—
46	mysql	2	1	·	·		maxdb (2)	—
47	nfs	2	1	·	·		nfs-utils (2)	—
48	opera	2	·	·	·		opera browser (2)	—
49	phpcms	2	·	·	·	NEWPoC 1	phpcms (2)	—
50	phpmyadmin	2	1	·	·	NEW	phpmyadmin (2)	—

Top weaknesses

CWE classes by distinct CVE count.

1CWE-1194—

2CWE-202—

3CWE-7872—

4CWE-2641—

5CWE-4001—

6CWE-741—

7CWE-941—