month report

April 2007

Data as of Jun 4, 2026, 13:24 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

April 2007 closed with 632 published CVEs. 114 criticals, oracle led volume, mostly via database server. Biggest breakout: oracle at ×11.6 their 12-month median. Top weakness class — CWE-94 (13 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

632

— MoM— YoY

Severity mix

114 / 264

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

0.5%

3 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

6906.0

n=3

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

—

n=0

Weakness × Vendor

What's spreading where in April 2007

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

Breakout vendors

CVE count ≥3× their own 12-period median.

11.6×oracle29 CVE
5.0×adobe5 CVE
5.0×kaspersky lab5 CVE
4.0×apache6 CVE
3.5×debian7 CVE
3.0×sap6 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#14web-app.net6 CVE
#20web-app.org5 CVE
#21afflib4 CVE
#25asterisk3 CVE
#27drake team3 CVE
#29inoutmailinglistmanager3 CVE
#33maian3 CVE
#39onelook3 CVE
#41pl-php3 CVE
#45sam crew3 CVE

Top vendors

Ranked by distinct CVE count this period.

1oracle—
29 CVE16 critCVSS 8.4
×11.6
database server (13) · application server (7) · e-business suite (6)
2microsoft—
24 CVE5 critCVSS 7.3
PoC 4
windows xp (10) · windows 2000 (10) · windows 2003 server (8)
3apple—
19 CVE5 critCVSS 7.4
mac os x (15) · mac os x server (8) · quicktime (2)
4cisco—
15 CVE3 critCVSS 6.8
wireless lan controller software (4) · wireless control system (4) · unified callmanager (3)
5php—
14 CVECVSS 6.6
PoC 5
php (14)
6xoops—
12 CVECVSS 7.5
PoC 12
core module (1) · friendfinder module (1) · happy linux xfsection module (1)
7ibm—
8 CVE3 critCVSS 7.4
websphere application server (3) · lotus notes (1) · tivoli business service manager (1)
8debian—
7 CVE3 critCVSS 7.3
×3.5PoC 1
debian linux (7)
9gentoo foundation inc.—
7 CVE4 critCVSS 8.4
PoC 1
gentoo linux (7)
10apache—
6 CVECVSS 5.2
×4.0
http server (3) · tomcat (2) · axis (1)
11canonical—
6 CVE3 critCVSS 7.7
ubuntu linux (6)
12hp—
6 CVE2 critCVSS 6.4
hp-ux (2) · mercury quality center (2) · power manager remote agent (1)
13sap—
6 CVE2 critCVSS 7.5
×3.0
rfc library (6)
14web-app.net—
6 CVECVSS 5.1
NEW
webapp (6)
15adobe—
5 CVE2 critCVSS 8.6
×5.0PoC 2
golive (2) · illustrator (2) · photoshop (2)
16kaspersky lab—
5 CVE3 critCVSS 8.5
×5.0
kaspersky anti-virus (5) · kaspersky internet security (5)
17mozilla—
5 CVE2 critCVSS 6.9
firefox (4) · mozilla (1) · seamonkey (1)
18phorum—
5 CVECVSS 6.2
PoC 1
phorum (5)
19symantec—
5 CVE1 critCVSS 5.9
norton save and recovery (3) · norton ghost (3) · livestate recovery (3)
20web-app.org—
5 CVECVSS 5.0
NEW
webapp (5)
21afflib—
4 CVE2 critCVSS 8.8
NEW
afflib (4)
22mybb—
4 CVECVSS 7.0
PoC 1
mybb (3) · mybb hot editor plugin (1)
23nortel—
4 CVE3 critCVSS 9.0
vpn router 5000 (3) · contivity (2) · vpn router 1100 (1)
24сообщество свободного программного обеспечения—
4 CVECVSS 4.6
debian gnu/linux (4)
25asterisk—
3 CVECVSS 7.7
NEW
asterisk (3)
26clam anti-virus—
3 CVECVSS 7.5
clamav (3)
27drake team—
3 CVECVSS 5.6
NEWPoC 1
drake cms (3)
28emc—
3 CVE2 critCVSS 8.9
rsa security sitekey (3)
29inoutmailinglistmanager—
3 CVECVSS 7.0
NEWPoC 3
inoutmailinglistmanager (3)
30irfanview—
3 CVE2 critCVSS 9.3
PoC 3
irfanview (3)
31joomla—
3 CVECVSS 6.8
PoC 2
jambook (1) · joomla (1) · taskhopper component (1)
32linux—
3 CVECVSS 4.9
linux kernel (3)
33maian—
3 CVECVSS 7.0
NEW
gallery (1) · search (1) · weblog (1)
34mambo—
3 CVECVSS 6.8
PoC 2
jambook (1) · mambo calendar (1) · taskhopper component (1)
35mit—
3 CVE3 critCVSS 9.3
kerberos 5 (3)
36mybulletinboard—
3 CVECVSS 7.0
PoC 2
mybulletinboard (3)
37novell inc.—
3 CVE1 critCVSS 6.9
opensuse (2) · suse linux enterprise (1)
38nullsoft—
3 CVE2 critCVSS 8.6
PoC 1
winamp (3)
39onelook—
3 CVECVSS 7.5
NEW
courts online (1) · oboshop (1) · onebyone cms (1)
40openbsd—
3 CVECVSS 5.8
openbsd (2) · openssh (1)
41pl-php—
3 CVECVSS 7.5
NEWPoC 3
pl-php (3)
42punbb—
3 CVECVSS 6.2
punbb (3)
43redhat—
3 CVECVSS 5.4
enterprise linux (3) · enterprise linux desktop (2) · fedora core (2)
44red hat inc.—
3 CVECVSS 4.2
red hat enterprise linux (3)
45sam crew—
3 CVECVSS 6.2
NEWPoC 1
myblog (3)
46stephen craton—
3 CVE2 critCVSS 8.8
NEW
chatness (3)
47sun—
3 CVECVSS 6.7
java web console (1) · sunos (1) · solaris (1)
48wordpress—
3 CVECVSS 5.2
Nuclei 3PoC 1
wordpress (3)
49x.org—
3 CVE1 critCVSS 7.1
NEW
libxfont (2) · x11 (1)
50acd systems—
2 CVE2 critCVSS 9.3
NEWPoC 2
acdsee (1) · acdsee photo manager (1) · photo editor (1)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	oracle	29	16	·	·	×11.6	database server (13) · application server (7) · e-business suite (6)	—
2	microsoft	24	5	·	·	PoC 4	windows xp (10) · windows 2000 (10) · windows 2003 server (8)	—
3	apple	19	5	·	·		mac os x (15) · mac os x server (8) · quicktime (2)	—
4	cisco	15	3	·	·		wireless lan controller software (4) · wireless control system (4) · unified callmanager (3)	—
5	php	14	·	·	·	PoC 5	php (14)	—
6	xoops	12	·	·	·	PoC 12	core module (1) · friendfinder module (1) · happy linux xfsection module (1)	—
7	ibm	8	3	·	·		websphere application server (3) · lotus notes (1) · tivoli business service manager (1)	—
8	debian	7	3	·	·	×3.5PoC 1	debian linux (7)	—
9	gentoo foundation inc.	7	4	·	·	PoC 1	gentoo linux (7)	—
10	apache	6	·	·	·	×4.0	http server (3) · tomcat (2) · axis (1)	—
11	canonical	6	3	·	·		ubuntu linux (6)	—
12	hp	6	2	·	·		hp-ux (2) · mercury quality center (2) · power manager remote agent (1)	—
13	sap	6	2	·	·	×3.0	rfc library (6)	—
14	web-app.net	6	·	·	·	NEW	webapp (6)	—
15	adobe	5	2	·	·	×5.0PoC 2	golive (2) · illustrator (2) · photoshop (2)	—
16	kaspersky lab	5	3	·	·	×5.0	kaspersky anti-virus (5) · kaspersky internet security (5)	—
17	mozilla	5	2	·	·		firefox (4) · mozilla (1) · seamonkey (1)	—
18	phorum	5	·	·	·	PoC 1	phorum (5)	—
19	symantec	5	1	·	·		norton save and recovery (3) · norton ghost (3) · livestate recovery (3)	—
20	web-app.org	5	·	·	·	NEW	webapp (5)	—
21	afflib	4	2	·	·	NEW	afflib (4)	—
22	mybb	4	·	·	·	PoC 1	mybb (3) · mybb hot editor plugin (1)	—
23	nortel	4	3	·	·		vpn router 5000 (3) · contivity (2) · vpn router 1100 (1)	—
24	сообщество свободного программного обеспечения	4	·	·	·		debian gnu/linux (4)	—
25	asterisk	3	·	·	·	NEW	asterisk (3)	—
26	clam anti-virus	3	·	·	·		clamav (3)	—
27	drake team	3	·	·	·	NEWPoC 1	drake cms (3)	—
28	emc	3	2	·	·		rsa security sitekey (3)	—
29	inoutmailinglistmanager	3	·	·	·	NEWPoC 3	inoutmailinglistmanager (3)	—
30	irfanview	3	2	·	·	PoC 3	irfanview (3)	—
31	joomla	3	·	·	·	PoC 2	jambook (1) · joomla (1) · taskhopper component (1)	—
32	linux	3	·	·	·		linux kernel (3)	—
33	maian	3	·	·	·	NEW	gallery (1) · search (1) · weblog (1)	—
34	mambo	3	·	·	·	PoC 2	jambook (1) · mambo calendar (1) · taskhopper component (1)	—
35	mit	3	3	·	·		kerberos 5 (3)	—
36	mybulletinboard	3	·	·	·	PoC 2	mybulletinboard (3)	—
37	novell inc.	3	1	·	·		opensuse (2) · suse linux enterprise (1)	—
38	nullsoft	3	2	·	·	PoC 1	winamp (3)	—
39	onelook	3	·	·	·	NEW	courts online (1) · oboshop (1) · onebyone cms (1)	—
40	openbsd	3	·	·	·		openbsd (2) · openssh (1)	—
41	pl-php	3	·	·	·	NEWPoC 3	pl-php (3)	—
42	punbb	3	·	·	·		punbb (3)	—
43	redhat	3	·	·	·		enterprise linux (3) · enterprise linux desktop (2) · fedora core (2)	—
44	red hat inc.	3	·	·	·		red hat enterprise linux (3)	—
45	sam crew	3	·	·	·	NEWPoC 1	myblog (3)	—
46	stephen craton	3	2	·	·	NEW	chatness (3)	—
47	sun	3	·	·	·		java web console (1) · sunos (1) · solaris (1)	—
48	wordpress	3	·	·	3	Nuclei 3PoC 1	wordpress (3)	—
49	x.org	3	1	·	·	NEW	libxfont (2) · x11 (1)	—
50	acd systems	2	2	·	·	NEWPoC 2	acdsee (1) · acdsee photo manager (1) · photo editor (1)	—