CVE Tools
Sign in
month report

March 2007

Data as of Jun 4, 2026, 13:24 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

March 2007 closed with 640 published CVEs. 125 criticals, php led volume, mostly via php. Biggest breakout: php at ×6.0 their 12-month median. Top weakness class — CWE-119 (22 CVE). 10 vendors cracked the top-100 for the first time.

Print view
Total CVEs
640
— MoM— YoY
Severity mix
125 / 204
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
0.8%
5 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)
6941.0
n=5
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
n=0
Weakness × Vendor

What's spreading where in March 2007

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

119Memory Buffer Bounds94Code Injection79XSS20Improper Input Validation89SQL Injection264CWE-264189CWE-189200Information Exposure22Path Traversal399CWE-399php3121microsoft212apple22сообщество свободного программного обеспечения21ibm1joomlalinux21oracle1mozilla111wordpress11mambo1radscan

Breakout vendors

CVE count ≥3× their own 12-period median.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

Top vendors

Ranked by distinct CVE count this period.

  • 1php
    39 CVE3 critCVSS 6.6
    ×6.0PoC 22
    php (38) · com extensions (1)
  • 2microsoft
    24 CVE6 critCVSS 7.1
    PoC 4
    windows vista (13) · windows xp (5) · windows 2003 server (4)
  • 3apple
    20 CVE5 critCVSS 6.9
    mac os x (9) · mac os x server (8) · quicktime (8)
  • 4сообщество свободного программного обеспечения
    14 CVE5 critCVSS 6.8
    PoC 4
    debian gnu/linux (14)
  • 5ibm
    12 CVE2 critCVSS 5.9
    PoC 1
    websphere application server (6) · lotus domino (3) · db2 (1)
  • 6joomla
    9 CVE2 critCVSS 7.7
    PoC 4
    bsq sitestats (5) · car manager (1) · nfn address book (1)
  • 7linux
    8 CVECVSS 5.9
    PoC 1
    linux kernel (8)
  • 8oracle
    8 CVECVSS 5.2
    PoC 1
    apex (2) · database server (2) · oracle10g (1)
  • 9mozilla
    7 CVE1 critCVSS 7.0
    PoC 1
    firefox (6) · seamonkey (2) · thunderbird (1)
  • 10wordpress
    7 CVECVSS 5.6
    ×3.5Nuclei 5PoC 3
    wordpress (7)
  • 11mambo
    6 CVE2 critCVSS 7.6
    PoC 4
    flatmenu (1) · mambo (1) · mambo open source (1)
  • 12radscan
    6 CVE1 critCVSS 6.6
    NEWPoC 4
    network audio system (5) · conquest (1)
  • 13sun
    6 CVECVSS 6.5
    java system web server (2) · sunos (1) · java dynamic management kit (1)
  • 14w-agora
    6 CVECVSS 5.2
    NEWPoC 1
    w-agora (6)
  • 15broadcom
    5 CVE1 critCVSS 6.2
    brightstor arcserve backup (3) · etrust intrusion detection (1) · etrust admin (1)
  • 16kde
    5 CVECVSS 5.9
    PoC 1
    konqueror (3) · k-mail (2)
  • 17madwifi
    5 CVECVSS 7.5
    NEW
    madwifi (5)
  • 18novell
    5 CVE2 critCVSS 8.0
    PoC 2
    access manager (1) · bordermanager (1) · imanager (1)
  • 19phpbb
    5 CVE2 critCVSS 8.2
    NEWPoC 2
    dimension (1) · import tools (1) · insert user (1)
  • 20scriptmagix
    5 CVECVSS 7.5
    NEWPoC 5
    scriptmagix faq builder (1) · scriptmagix jokes (1) · scriptmagix lyrics (1)
  • 21sql-ledger
    5 CVE2 critCVSS 7.7
    NEW
    sql-ledger (5)
  • 22active web softwares
    4 CVECVSS 7.5
    PoC 4
    active auction house (1) · active link engine (1) · active newsletter (1)
  • 23apache
    4 CVECVSS 5.5
    http server (1) · mod perl (1) · mod python (1)
  • 24avaya
    4 CVE1 critCVSS 6.2
    s8700 (2) · s8300 (2) · s8500 (2)
  • 25canonical
    4 CVE1 critCVSS 7.2
    PoC 1
    ubuntu linux (4)
  • 26cisco
    4 CVE1 critCVSS 5.8
    network analysis module (2) · catalyst 7600 ws-x6380-nam (1) · ciscoworks (1)
  • 27drupal
    4 CVECVSS 5.4
    imce module (2) · nodefamily (1) · drupal project issue tracking (1)
  • 28horde
    4 CVECVSS 5.5
    PoC 1
    horde application framework (2) · imp (2) · groupware (1)
  • 29ledgersmb
    4 CVE2 critCVSS 7.7
    NEW
    ledgersmb (4)
  • 30mcafee
    4 CVE1 critCVSS 7.4
    PoC 1
    virex (2) · protectionpilot (1) · epolicy orchestrator (1)
  • 31phpnuke
    4 CVECVSS 5.7
    NEWPoC 2
    php-nuke (4)
  • 32adobe
    3 CVECVSS 4.5
    acrobat reader (2) · coldfusion (1) · jrun (1)
  • 33aj square
    3 CVECVSS 7.5
    NEWPoC 3
    ajauction (1) · aj classifieds (1) · ajdating (1)
  • 34asterisk
    3 CVECVSS 7.7
    NEW
    asterisk (3)
  • 35atrium software
    3 CVE3 critCVSS 10.0
    NEWPoC 2
    mercur imapd (2) · mercur mailserver (1) · mercur messaging 2005 (1)
  • 36audins audiens
    3 CVECVSS 6.9
    NEW
    audins audiens (3)
  • 37bj sintay
    3 CVECVSS 5.6
    NEWPoC 2
    sitex (3)
  • 38call-center-software
    3 CVECVSS 6.3
    NEWPoC 2
    call-center-software (3)
  • 39debian
    3 CVE1 critCVSS 7.6
    PoC 1
    debian linux (2) · apache (1)
  • 40gentoo foundation inc.
    3 CVECVSS 5.6
    gentoo linux (3)
  • 41gnu
    3 CVECVSS 5.5
    gnumail (1) · gpgme (1) · libtool-ltdl (1)
  • 42grayscale
    3 CVECVSS 6.4
    grayscale blog (3)
  • 43jelsoft
    3 CVECVSS 5.9
    PoC 2
    vbulletin (3)
  • 44opera
    3 CVECVSS 6.4
    opera browser (3)
  • 45phpx
    3 CVECVSS 6.2
    NEW
    phpx (3)
  • 46realguestbook
    3 CVECVSS 5.4
    NEW
    realguestbook (3)
  • 47redhat
    3 CVECVSS 5.7
    PoC 1
    enterprise linux server (2) · enterprise linux workstation (2) · enterprise linux desktop (2)
  • 48red hat inc.
    3 CVECVSS 4.5
    red hat enterprise linux (3)
  • 49symantec
    3 CVE1 critCVSS 3.2
    PoC 1
    norton personal firewall (2) · mail security (1) · norton antispam (1)
  • 50tyger
    3 CVECVSS 6.6
    NEWPoC 1
    bug tracking system (3)

Top weaknesses

CWE classes by distinct CVE count.

1CWE-11922↑2
2CWE-9421↓1
3CWE-7916↓1
4CWE-2014↑2
5CWE-8910·
6CWE-2649↑1
7CWE-1897↑8
8CWE-2005·
9CWE-224↓5
10CWE-3994↓1
11CWE-3523↑6
12CWE-162·
13CWE-2872↓2
14CWE-1201·
15CWE-1341↓5
16CWE-1901
17CWE-3621
18CWE-4001
19CWE-4761·
20CWE-5021