month report

September 2007

Data as of Jun 4, 2026, 13:24 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

September 2007 closed with 453 published CVEs. 59 criticals, php led volume, mostly via php. Biggest breakout: canonical at ×5.0 their 12-month median. Top weakness class — CWE-119 (76 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

453

— MoM— YoY

Severity mix

59 / 135

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

1.3%

6 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

6741.4

n=6

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

5323

n=1

Weakness × Vendor

What's spreading where in September 2007

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

Breakout vendors

CVE count ≥3× their own 12-period median.

5.0×canonical10 CVE
4.0×claroline4 CVE
3.0×debian6 CVE
3.0×google3 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#11vmware7 CVE
#13firebirdsql6 CVE
#19auracms4 CVE
#20boesch-it4 CVE
#22dibbler4 CVE
#26wordpress4 CVE
#27xwiki4 CVE
#31izicontents3 CVE
#32jspwiki3 CVE
#33kwsphp3 CVE

Top vendors

Ranked by distinct CVE count this period.

1php—
20 CVECVSS 6.3
PoC 3
php (20) · mysql extension (1)
2apple—
14 CVE3 critCVSS 5.9
Nuclei 1PoC 1
safari (8) · iphone (3) · iphone os (3)
3ibm—
14 CVE1 critCVSS 6.9
aix (9) · tivoli storage manager client (2) · websphere application server (2)
4сообщество свободного программного обеспечения—
14 CVECVSS 5.8
PoC 1
debian gnu/linux (14)
5microsoft—
11 CVE2 critCVSS 6.9
PoC 6
visual studio (2) · internet explorer (2) · windows 2003 server (2)
6canonical—
10 CVE3 critCVSS 7.6
×5.0
ubuntu linux (10)
7joomla—
10 CVECVSS 6.5
PoC 6
joomla (6) · flash fun component (1) · akobook (1)
8sun—
8 CVE3 critCVSS 7.8
PoC 2
solaris (5) · sunos (3) · jre (1)
9cisco—
7 CVE2 critCVSS 6.8
content switching modules (2) · content switching module with ssl (2) · video surveillance ip gateway encoder decoder (2)
10linux—
7 CVECVSS 4.9
PoC 1
linux kernel (7)
11vmware—
7 CVE4 critCVSS 8.4
NEW
ace (7) · server (6) · player (6)
12debian—
6 CVE1 critCVSS 6.9
×3.0
debian linux (4) · debian-goodies (1) · reprepro (1)
13firebirdsql—
6 CVECVSS 5.3
NEW
firebird (6)
14gentoo foundation inc.—
6 CVECVSS 6.0
gentoo linux (6)
15redhat—
6 CVECVSS 2.9
enterprise linux (5) · linux (2)
16axis—
5 CVE1 critCVSS 5.3
PoC 1
207w network camera (4) · 207w camera (1)
17red hat inc.—
5 CVE1 critCVSS 6.8
red hat enterprise linux (5)
18apache—
4 CVE1 critCVSS 6.2
tomcat (1) · http server (1) · openoffice (1)
19auracms—
4 CVECVSS 7.3
NEWPoC 4
auracms (4)
20boesch-it—
4 CVECVSS 4.7
NEW
simpgb (2) · simpnews (2)
21claroline—
4 CVECVSS 4.1
×4.0PoC 1
claroline (4)
22dibbler—
4 CVECVSS 5.6
NEW
dibbler (4)
23hitachi—
4 CVE1 critCVSS 6.3
ucosminexus service platform (3) · ucosminexus application server enterprise (3) · ucosminexus application server standard (3)
24imagemagick—
4 CVE1 critCVSS 7.0
imagemagick (4)
25mozilla—
4 CVE2 critCVSS 7.8
PoC 1
firefox (3) · seamonkey (2) · bugzilla (1)
26wordpress—
4 CVECVSS 5.1
NEWNuclei 4PoC 1
wordpress (4)
27xwiki—
4 CVECVSS 4.3
NEW
xwiki (4)
28google—
3 CVECVSS 6.4
×3.0
picasa (3)
29hp—
3 CVE2 critCVSS 7.8
all-in-on printer (1) · hp-ux (1) · photo and imaging gallery (1)
30invision power services—
3 CVECVSS 5.9
invision power board (3)
31izicontents—
3 CVECVSS 7.5
NEWPoC 3
izicontents (3)
32jspwiki—
3 CVECVSS 4.3
NEWPoC 1
jspwiki (3)
33kwsphp—
3 CVECVSS 7.2
NEWPoC 3
kwsphp (3)
34mit—
3 CVE2 critCVSS 9.5
kerberos 5 (3)
35roi revolution—
3 CVECVSS 4.5
NEW
urchin (3)
36winimage—
3 CVE2 critCVSS 7.9
NEWPoC 1
winimage (3)
37adam scheinberg—
2 CVECVSS 6.3
NEWPoC 2
flip (2)
38adobe—
2 CVE1 critCVSS 7.9
acrobat (1) · acrobat reader (1) · connect enterprise server (1)
39alexander palmo—
2 CVECVSS 5.9
simple php blog (2)
40aol—
2 CVECVSS 6.0
instant messenger (2) · aim lite (1) · aim pro (1)
41aprelium technologies—
2 CVECVSS 5.9
NEW
abyss web server (2)
42ask.com—
2 CVE2 critCVSS 9.7
NEWPoC 1
ask toolbar (2)
43baofeng—
2 CVE1 critCVSS 8.4
NEWPoC 1
storm (2)
44chupix—
2 CVECVSS 7.2
NEWPoC 2
chupix cms (2)
45coppermine—
2 CVECVSS 5.0
PoC 1
coppermine photo gallery (2)
46cor entertainment—
2 CVECVSS 6.3
NEW
alien arena 2007 (2)
47cowon america—
2 CVE1 critCVSS 7.5
NEWPoC 2
jetaudio (1) · jetcast server (1)
48data-vision—
2 CVE1 critCVSS 5.6
NEW
remotedocs r-viewer (2)
49dragonfrugal—
2 CVECVSS 5.5
NEWPoC 1
dfd cart (2)
50eb design pty ltd—
2 CVECVSS 5.9
NEWPoC 2
ebcrypt (2)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	php	20	·	·	·	PoC 3	php (20) · mysql extension (1)	—
2	apple	14	3	·	1	Nuclei 1PoC 1	safari (8) · iphone (3) · iphone os (3)	—
3	ibm	14	1	·	·		aix (9) · tivoli storage manager client (2) · websphere application server (2)	—
4	сообщество свободного программного обеспечения	14	·	·	·	PoC 1	debian gnu/linux (14)	—
5	microsoft	11	2	·	·	PoC 6	visual studio (2) · internet explorer (2) · windows 2003 server (2)	—
6	canonical	10	3	·	·	×5.0	ubuntu linux (10)	—
7	joomla	10	·	·	·	PoC 6	joomla (6) · flash fun component (1) · akobook (1)	—
8	sun	8	3	·	·	PoC 2	solaris (5) · sunos (3) · jre (1)	—
9	cisco	7	2	·	·		content switching modules (2) · content switching module with ssl (2) · video surveillance ip gateway encoder decoder (2)	—
10	linux	7	·	·	·	PoC 1	linux kernel (7)	—
11	vmware	7	4	·	·	NEW	ace (7) · server (6) · player (6)	—
12	debian	6	1	·	·	×3.0	debian linux (4) · debian-goodies (1) · reprepro (1)	—
13	firebirdsql	6	·	·	·	NEW	firebird (6)	—
14	gentoo foundation inc.	6	·	·	·		gentoo linux (6)	—
15	redhat	6	·	·	·		enterprise linux (5) · linux (2)	—
16	axis	5	1	·	·	PoC 1	207w network camera (4) · 207w camera (1)	—
17	red hat inc.	5	1	·	·		red hat enterprise linux (5)	—
18	apache	4	1	·	·		tomcat (1) · http server (1) · openoffice (1)	—
19	auracms	4	·	·	·	NEWPoC 4	auracms (4)	—
20	boesch-it	4	·	·	·	NEW	simpgb (2) · simpnews (2)	—
21	claroline	4	·	·	·	×4.0PoC 1	claroline (4)	—
22	dibbler	4	·	·	·	NEW	dibbler (4)	—
23	hitachi	4	1	·	·		ucosminexus service platform (3) · ucosminexus application server enterprise (3) · ucosminexus application server standard (3)	—
24	imagemagick	4	1	·	·		imagemagick (4)	—
25	mozilla	4	2	·	·	PoC 1	firefox (3) · seamonkey (2) · bugzilla (1)	—
26	wordpress	4	·	·	4	NEWNuclei 4PoC 1	wordpress (4)	—
27	xwiki	4	·	·	·	NEW	xwiki (4)	—
28	google	3	·	·	·	×3.0	picasa (3)	—
29	hp	3	2	·	·		all-in-on printer (1) · hp-ux (1) · photo and imaging gallery (1)	—
30	invision power services	3	·	·	·		invision power board (3)	—
31	izicontents	3	·	·	·	NEWPoC 3	izicontents (3)	—
32	jspwiki	3	·	·	·	NEWPoC 1	jspwiki (3)	—
33	kwsphp	3	·	·	·	NEWPoC 3	kwsphp (3)	—
34	mit	3	2	·	·		kerberos 5 (3)	—
35	roi revolution	3	·	·	·	NEW	urchin (3)	—
36	winimage	3	2	·	·	NEWPoC 1	winimage (3)	—
37	adam scheinberg	2	·	·	·	NEWPoC 2	flip (2)	—
38	adobe	2	1	·	·		acrobat (1) · acrobat reader (1) · connect enterprise server (1)	—
39	alexander palmo	2	·	·	·		simple php blog (2)	—
40	aol	2	·	·	·		instant messenger (2) · aim lite (1) · aim pro (1)	—
41	aprelium technologies	2	·	·	·	NEW	abyss web server (2)	—
42	ask.com	2	2	·	·	NEWPoC 1	ask toolbar (2)	—
43	baofeng	2	1	·	·	NEWPoC 1	storm (2)	—
44	chupix	2	·	·	·	NEWPoC 2	chupix cms (2)	—
45	coppermine	2	·	·	·	PoC 1	coppermine photo gallery (2)	—
46	cor entertainment	2	·	·	·	NEW	alien arena 2007 (2)	—
47	cowon america	2	1	·	·	NEWPoC 2	jetaudio (1) · jetcast server (1)	—
48	data-vision	2	1	·	·	NEW	remotedocs r-viewer (2)	—
49	dragonfrugal	2	·	·	·	NEWPoC 1	dfd cart (2)	—
50	eb design pty ltd	2	·	·	·	NEWPoC 2	ebcrypt (2)	—