month report
October 2007
Data as of Jun 4, 2026, 13:24 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
October 2007 closed with 984 published CVEs. 129 criticals, oracle led volume, mostly via database server. Biggest breakout: oracle at ×12.3 their 12-month median. Top weakness class — CWE-119 (150 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
984
— MoM— YoY
Severity mix
129 / 238
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
0.3%
3 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
6702.1
n=3
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
—
n=0
Weakness × Vendor
What's spreading where in October 2007
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
119Memory Buffer Bounds79XSS94Code Injection264CWE-26420Improper Input Validation22Path Traversal89SQL Injection200Information Exposure16CWE-16189CWE-189oracle11122microsoft513722sun116221hp816112cisco313431ibm11111broadcom711211111сообщество свободного программного обеспечения312123mozilla51522joomla28opera112drupal3111
Breakout vendors
CVE count ≥3× their own 12-period median.
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #15phrozensmoke7 CVE
- #19netscape6 CVE
- #22phpbb6 CVE
- #23sitebar6 CVE
- #283com4 CVE
- #30atthat.com4 CVE
- #31axis4 CVE
- #33cmsmadesimple4 CVE
- #34epic games4 CVE
- #38libpng4 CVE
Top vendors
Ranked by distinct CVE count this period.
- 37 CVE6 critCVSS 7.6×12.3PoC 2database server (16) · application server (14) · collaboration suite (7)
- 30 CVE3 critCVSS 6.0PoC 4internet explorer (9) · windows xp (4) · outlook express (3)
- 30 CVE3 critCVSS 5.5×3.8PoC 3jre (9) · jdk (9) · solaris (8)
- 25 CVE4 critCVSS 7.0×8.3PoC 1hp-ux (13) · openview network node manager (2) · openvms (2)
- 22 CVE6 critCVSS 7.6PoC 2ios (11) · firewall services module (3) · unified communications manager (2)
- 22 CVE6 critCVSS 6.6PoC 1db2 universal database (6) · lotus domino (4) · db2 (4)
- 21 CVE14 critCVSS 9.1×7.0PoC 1brightstor arcserve backup (8) · brightstor enterprise backup (8) · brightstor arcserve backup laptops desktops (4)
- 17 CVE2 critCVSS 6.1×4.3PoC 7debian gnu/linux (17)
- 15 CVE1 critCVSS 4.8PoC 2firefox (11) · seamonkey (5) · mozilla (3)
- 10 CVECVSS 6.1PoC 6joomla (9) · com search component (1) · joomla\! (1)
- 9 CVE3 critCVSS 7.0opera browser (9)
- 8 CVECVSS 4.1PoC 1drupal (7) · asin field module (1) · drupal project issue tracking (1)
- 8 CVE3 critCVSS 8.6PoC 1norton personal firewall (3) · norton antivirus (3) · mail security 8820 appliance (2)
- 7 CVE7 critCVSS 9.9protection suites (4) · brightstor arcserve backup (3) · business protection suite (3)
- 7 CVECVSS 6.4NEWgyach enhanced (7)
- 7 CVE7 critCVSS 9.4realone player (6) · realplayer (6) · realplayer enterprise (4)
- 6 CVE2 critCVSS 6.0PoC 1darwin streaming server (2) · quicktime streaming server (2) · tcp ip configuration utility (1)
- 6 CVECVSS 6.5PoC 1debian linux (5) · guilt (1)
- 6 CVE1 critCVSS 5.8NEWPoC 2communicator (4) · navigator (3)
- 6 CVECVSS 5.8PoC 1meridian option 51c (4) · meridian option 11c (4) · meridian option 61c (4)
- 6 CVE1 critCVSS 6.0PoC 2phorum (6)
- 6 CVECVSS 6.0NEW×3.0PoC 3phpbb (4) · advanced quick reply hack (1) · phpbbmod (1)
- 6 CVE1 critCVSS 6.2NEWPoC 4sitebar (6)
- 5 CVE1 critCVSS 6.1gentoo linux (5)
- 5 CVE1 critCVSS 6.9PoC 4mambo site server (2) · mambo (2) · site server (1)
- 5 CVECVSS 4.7PoC 1openbsd (3) · openssh (2)
- 5 CVECVSS 6.5PoC 2virus control system (2) · pc-cillin internet security 2007 (1) · scan engine (1)
- 4 CVE1 critCVSS 6.9NEW×4.0PoC 13crwe554g72t (2) · 3c17210-us (1) · superstack 3 switch (1)
- 4 CVECVSS 5.4PoC 3tomcat (2) · http server (2) · jakarta slide (1)
- 4 CVECVSS 7.0NEWPoC 1thatware (4)
- 4 CVE1 critCVSS 6.3NEWPoC 22100 network camera (3) · 2100 network camera firmware (2) · 2400 video server (1)
- 4 CVECVSS 5.6weblogic server (4) · tuxedo (1) · weblogic integration (1)
- 4 CVECVSS 4.8NEWcms made simple (4)
- 4 CVE1 critCVSS 7.3NEWPoC 1unreal engine (4) · unreal tournament 2003 (1)
- 4 CVECVSS 6.5fedora (4) · fedora core (1)
- 4 CVECVSS 5.3php-nuke (4)
- 4 CVE1 critCVSS 5.8PoC 1kaspersky anti-virus (2) · kaspersky anti-hacker (1) · online scanner (1)
- 4 CVECVSS 4.5NEWlibpng (4)
- 4 CVECVSS 3.3PoC 1linux kernel (4)
- 4 CVECVSS 6.4PoC 1fm114p (3) · ssl312 (1)
- 4 CVECVSS 5.4NEWPoC 1opera web browser (3) · opera (1)
- 4 CVE1 critCVSS 7.2PoC 2php (4)
- 4 CVECVSS 5.5NEWPoC 1phpmychat (4)
- 4 CVECVSS 7.3NEWcryptobuddy (4)
- 4 CVECVSS 6.7PoC 1tikiwiki cms\/groupware (4)
- 4 CVE1 critCVSS 5.6workstation (2) · player (2) · server (2)
- 4 CVECVSS 5.9NEWPoC 1xoops (4)
- 4 CVECVSS 6.1NEWPoC 1else if cms (4)
- 3 CVE2 critCVSS 8.1flash player (1) · pagemaker (1) · shockwave player (1)
- 3 CVECVSS 3.1NEWakfingerd (3)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | oracle | 37 | 6 | · | · | ×12.3PoC 2 | database server (16) · application server (14) · collaboration suite (7) | — | |
| 2 | microsoft | 30 | 3 | · | · | PoC 4 | internet explorer (9) · windows xp (4) · outlook express (3) | — | |
| 3 | sun | 30 | 3 | · | · | ×3.8PoC 3 | jre (9) · jdk (9) · solaris (8) | — | |
| 4 | hp | 25 | 4 | · | · | ×8.3PoC 1 | hp-ux (13) · openview network node manager (2) · openvms (2) | — | |
| 5 | cisco | 22 | 6 | · | · | PoC 2 | ios (11) · firewall services module (3) · unified communications manager (2) | — | |
| 6 | ibm | 22 | 6 | · | · | PoC 1 | db2 universal database (6) · lotus domino (4) · db2 (4) | — | |
| 7 | broadcom | 21 | 14 | · | · | ×7.0PoC 1 | brightstor arcserve backup (8) · brightstor enterprise backup (8) · brightstor arcserve backup laptops desktops (4) | — | |
| 8 | сообщество свободного программного обеспечения | 17 | 2 | · | · | ×4.3PoC 7 | debian gnu/linux (17) | — | |
| 9 | mozilla | 15 | 1 | · | · | PoC 2 | firefox (11) · seamonkey (5) · mozilla (3) | — | |
| 10 | joomla | 10 | · | · | · | PoC 6 | joomla (9) · com search component (1) · joomla\! (1) | — | |
| 11 | opera | 9 | 3 | · | · | opera browser (9) | — | ||
| 12 | drupal | 8 | · | · | · | PoC 1 | drupal (7) · asin field module (1) · drupal project issue tracking (1) | — | |
| 13 | symantec | 8 | 3 | · | · | PoC 1 | norton personal firewall (3) · norton antivirus (3) · mail security 8820 appliance (2) | — | |
| 14 | ca | 7 | 7 | · | · | protection suites (4) · brightstor arcserve backup (3) · business protection suite (3) | — | ||
| 15 | phrozensmoke | 7 | · | · | · | NEW | gyach enhanced (7) | — | |
| 16 | realnetworks | 7 | 7 | · | · | realone player (6) · realplayer (6) · realplayer enterprise (4) | — | ||
| 17 | apple | 6 | 2 | · | · | PoC 1 | darwin streaming server (2) · quicktime streaming server (2) · tcp ip configuration utility (1) | — | |
| 18 | debian | 6 | · | · | · | PoC 1 | debian linux (5) · guilt (1) | — | |
| 19 | netscape | 6 | 1 | · | · | NEWPoC 2 | communicator (4) · navigator (3) | — | |
| 20 | nortel | 6 | · | · | · | PoC 1 | meridian option 51c (4) · meridian option 11c (4) · meridian option 61c (4) | — | |
| 21 | phorum | 6 | 1 | · | · | PoC 2 | phorum (6) | — | |
| 22 | phpbb | 6 | · | · | · | NEW×3.0PoC 3 | phpbb (4) · advanced quick reply hack (1) · phpbbmod (1) | — | |
| 23 | sitebar | 6 | 1 | · | · | NEWPoC 4 | sitebar (6) | — | |
| 24 | gentoo foundation inc. | 5 | 1 | · | · | gentoo linux (5) | — | ||
| 25 | mambo | 5 | 1 | · | · | PoC 4 | mambo site server (2) · mambo (2) · site server (1) | — | |
| 26 | openbsd | 5 | · | · | · | PoC 1 | openbsd (3) · openssh (2) | — | |
| 27 | trend micro | 5 | · | · | · | PoC 2 | virus control system (2) · pc-cillin internet security 2007 (1) · scan engine (1) | — | |
| 28 | 3com | 4 | 1 | · | · | NEW×4.0PoC 1 | 3crwe554g72t (2) · 3c17210-us (1) · superstack 3 switch (1) | — | |
| 29 | apache | 4 | · | · | · | PoC 3 | tomcat (2) · http server (2) · jakarta slide (1) | — | |
| 30 | atthat.com | 4 | · | · | · | NEWPoC 1 | thatware (4) | — | |
| 31 | axis | 4 | 1 | · | · | NEWPoC 2 | 2100 network camera (3) · 2100 network camera firmware (2) · 2400 video server (1) | — | |
| 32 | bea | 4 | · | · | · | weblogic server (4) · tuxedo (1) · weblogic integration (1) | — | ||
| 33 | cmsmadesimple | 4 | · | · | · | NEW | cms made simple (4) | — | |
| 34 | epic games | 4 | 1 | · | · | NEWPoC 1 | unreal engine (4) · unreal tournament 2003 (1) | — | |
| 35 | fedoraproject | 4 | · | · | · | fedora (4) · fedora core (1) | — | ||
| 36 | francisco burzi | 4 | · | · | · | php-nuke (4) | — | ||
| 37 | kaspersky lab | 4 | 1 | · | · | PoC 1 | kaspersky anti-virus (2) · kaspersky anti-hacker (1) · online scanner (1) | — | |
| 38 | libpng | 4 | · | · | · | NEW | libpng (4) | — | |
| 39 | linux | 4 | · | · | · | PoC 1 | linux kernel (4) | — | |
| 40 | netgear | 4 | · | · | · | PoC 1 | fm114p (3) · ssl312 (1) | — | |
| 41 | opera software | 4 | · | · | · | NEWPoC 1 | opera web browser (3) · opera (1) | — | |
| 42 | php | 4 | 1 | · | · | PoC 2 | php (4) | — | |
| 43 | php heaven | 4 | · | · | · | NEWPoC 1 | phpmychat (4) | — | |
| 44 | research triangle software | 4 | · | · | · | NEW | cryptobuddy (4) | — | |
| 45 | tiki | 4 | · | · | · | PoC 1 | tikiwiki cms\/groupware (4) | — | |
| 46 | vmware | 4 | 1 | · | · | workstation (2) · player (2) · server (2) | — | ||
| 47 | xoops | 4 | · | · | · | NEWPoC 1 | xoops (4) | — | |
| 48 | yannick tanguy | 4 | · | · | · | NEWPoC 1 | else if cms (4) | — | |
| 49 | adobe | 3 | 2 | · | · | flash player (1) · pagemaker (1) · shockwave player (1) | — | ||
| 50 | akfingerd | 3 | · | · | · | NEW | akfingerd (3) | — |