CVE Tools
Sign in
month report

May 2007

Data as of Jun 4, 2026, 13:24 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

May 2007 closed with 575 published CVEs. 111 criticals, microsoft led volume, mostly via internet explorer. Biggest breakout: apache at ×4.7 their 12-month median. Top weakness class — CWE-119 (20 CVE). 10 vendors cracked the top-100 for the first time.

Print view
Total CVEs
575
— MoM— YoY
Severity mix
111 / 236
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
1.6%
9 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)
6882.2
n=9
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
n=0
Weakness × Vendor

What's spreading where in May 2007

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

119Memory Buffer Bounds94Code Injection79XSS20Improper Input Validation200Information Exposure399CWE-39989SQL Injection264CWE-264287Improper Authentication134Format Stringmicrosoft12431apple11sun11beaphp211ciscodebian1linux11apache21jetboxсообщество свободного программного обеспечения11hp1

Breakout vendors

CVE count ≥3× their own 12-period median.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

Top vendors

Ranked by distinct CVE count this period.

  • 1microsoft
    26 CVE14 critCVSS 7.9
    PoC 3
    internet explorer (8) · exchange server (4) · office (4)
  • 2apple
    15 CVE8 critCVSS 7.5
    PoC 1
    mac os x (7) · mac os x server (5) · quicktime (3)
  • 3sun
    11 CVE2 critCVSS 6.4
    sunos (3) · jre (3) · sdk (3)
  • 4bea
    10 CVECVSS 5.7
    PoC 1
    weblogic server (9) · weblogic integration (1) · weblogic workshop (1)
  • 5php
    10 CVE2 critCVSS 5.6
    PoC 1
    php (10)
  • 6cisco
    9 CVE2 critCVSS 7.8
    PoC 1
    pix (4) · adaptive security appliance software (4) · ios (3)
  • 7debian
    8 CVECVSS 4.9
    ×4.0PoC 1
    debian linux (8)
  • 8linux
    8 CVECVSS 5.1
    PoC 1
    linux kernel (8)
  • 9apache
    7 CVECVSS 4.4
    ×4.7PoC 1
    tomcat (6) · tomcat jk web server connector (1)
  • 10jetbox
    7 CVECVSS 5.6
    PoC 2
    jetbox cms (7)
  • 11сообщество свободного программного обеспечения
    7 CVECVSS 5.2
    PoC 2
    debian gnu/linux (7)
  • 12hp
    6 CVE2 critCVSS 8.0
    PoC 1
    tru64 (2) · openvms (1) · procurve switch 9300m (1)
  • 13lead technologies
    6 CVE3 critCVSS 8.5
    NEWPoC 3
    leadtools raster dialog file object (2) · leadtools jpeg 2000 (1) · leadtools isis activex control (1)
  • 14vmware
    6 CVECVSS 7.3
    NEW×3.0
    workstation (6) · server (1)
  • 15canonical
    5 CVECVSS 5.7
    PoC 1
    ubuntu linux (5)
  • 16jelsoft
    5 CVECVSS 5.1
    vbulletin (5)
  • 17maven
    5 CVECVSS 4.6
    PoC 1
    org.apache.tomcat:tomcat (4) · org.apache.tomcat:jsp-api (1) · org.apache.tomcat:servlet-api (1)
  • 18oracle
    5 CVECVSS 4.1
    PoC 1
    mysql (3) · weblogic portal (2)
  • 19ruben boelinger
    5 CVECVSS 6.9
    NEWNuclei 5PoC 5
    wp-table (2) · wordtube (2) · myflash (1)
  • 20symantec
    5 CVE2 critCVSS 8.1
    norton internet security (2) · enterprise security manager (1) · discovery (1)
  • 21alstrasoft
    4 CVE3 critCVSS 9.4
    ×4.0PoC 4
    template seller (2) · e-friends (1) · live support (1)
  • 22f-secure
    4 CVE1 critCVSS 8.1
    f-secure anti-virus (3) · f-secure anti-virus client security (3) · f-secure anti-virus linux client security (3)
  • 23office ocx
    4 CVE2 critCVSS 8.7
    NEWPoC 2
    excel viewer ocx (1) · office viewer ocx (1) · powerpoint viewer ocx (1)
  • 24turnkey web tools
    4 CVECVSS 6.4
    sunshop shopping cart (4)
  • 25wikkawiki
    4 CVECVSS 6.3
    NEW
    wikkawiki (4)
  • 26xoops
    4 CVECVSS 7.5
    PoC 3
    flashgames module (1) · myconference module (1) · wfquotes module (1)
  • 27acp3
    3 CVECVSS 6.9
    NEW
    acp3 (3)
  • 28advanced guestbook
    3 CVECVSS 5.5
    advanced guestbook (3)
  • 29avast
    3 CVE1 critCVSS 8.1
    NEWPoC 1
    avast antivirus (3) · avast antivirus home (1) · avast antivirus professional (1)
  • 30caucho technology
    3 CVE1 critCVSS 6.5
    resin (3)
  • 31cerulean studios
    3 CVE2 critCVSS 8.4
    trillian pro (2) · trillian (1)
  • 32dokeos
    3 CVECVSS 6.4
    NEWPoC 3
    dokeos (2) · open source learning and knowledge management tool (1)
  • 33globalmegacorp
    3 CVECVSS 5.1
    NEW
    phpchain (2) · dvddb (1)
  • 34madwifi
    3 CVE1 critCVSS 6.7
    NEW
    madwifi (3)
  • 35mysql
    3 CVECVSS 4.8
    mysql (3)
  • 36nokia
    3 CVECVSS 6.1
    PoC 2
    groupwise mobile server (3) · intellisync mobile suite (3) · intellisync wireless email express (3)
  • 37novell
    3 CVE2 critCVSS 8.8
    securelogin (2) · netmail (1)
  • 38novell inc.
    3 CVE1 critCVSS 7.1
    PoC 2
    opensuse (2) · suse linux enterprise (1)
  • 39precisionid barcode
    3 CVE1 critCVSS 8.4
    NEWPoC 2
    precisionid barcode (3)
  • 40qemu
    3 CVECVSS 3.8
    NEW
    qemu (3)
  • 41red hat inc.
    3 CVE1 critCVSS 6.9
    PoC 1
    red hat enterprise linux (3)
  • 42samba
    3 CVE1 critCVSS 7.7
    NEWPoC 1
    samba (3)
  • 43sonicbb
    3 CVECVSS 4.6
    NEW
    sonicbb (3)
  • 44squirrelmail
    3 CVECVSS 5.6
    squirrelmail (3)
  • 45trend micro
    3 CVE3 critCVSS 10.0
    serverprotect (3)
  • 46wavelink media
    3 CVE1 critCVSS 7.9
    NEWPoC 3
    tutorialcms (3)
  • 472z project
    2 CVECVSS 7.5
    NEWPoC 2
    2z project (2)
  • 48adempiere
    2 CVE1 critCVSS 8.3
    NEW
    adempiere (2)
  • 49adobe
    2 CVECVSS 5.4
    robohelp server (1) · creative suite (1) · robohelp (1)
  • 50agner fog
    2 CVECVSS 7.2
    NEWPoC 1
    aforum (2)

Top weaknesses

CWE classes by distinct CVE count.

1CWE-11920
2CWE-9411
3CWE-7910
4CWE-208
5CWE-2007
6CWE-3997
7CWE-895
8CWE-2644
9CWE-2874
10CWE-1342
11CWE-1892
12CWE-1201
13CWE-1901
14CWE-221
15CWE-2551
16CWE-2691
17CWE-3521
18CWE-3621
19CWE-3691
20CWE-4001