month report

December 2007

Data as of Jun 4, 2026, 13:24 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

December 2007 closed with 449 published CVEs. 71 criticals, apple led volume, mostly via mac os x. Biggest breakout: apple at ×5.2 their 12-month median. Top weakness class — CWE-119 (69 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

449

— MoM— YoY

Severity mix

71 / 114

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

0.4%

2 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

6658.3

n=2

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

—

n=0

Weakness × Vendor

What's spreading where in December 2007

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

Breakout vendors

CVE count ≥3× their own 12-period median.

5.2×apple26 CVE
4.0×hp12 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#6hosting controller11 CVE
#19xigla5 CVE
#21bcoos4 CVE
#23real time logic4 CVE
#25aertherwide3 CVE
#26badblue3 CVE
#32falcon3 CVE
#33flac3 CVE
#34flat php3 CVE
#35gadu-gadu3 CVE

Top vendors

Ranked by distinct CVE count this period.

1apple—
26 CVE9 critCVSS 7.4
×5.2PoC 3
mac os x (20) · mac os x server (3) · quicktime (3)
2microsoft—
17 CVE7 critCVSS 7.7
PoC 5
internet explorer (5) · ie (4) · windows vista (2)
3sun—
13 CVE2 critCVSS 5.6
solaris (4) · java system web server (4) · java system web proxy server (4)
4hp—
12 CVE7 critCVSS 7.9
×4.0PoC 6
quick launch button (3) · info center (3) · openview network node manager (2)
5ibm—
12 CVE3 critCVSS 6.4
PoC 1
hardware management console (3) · lotus notes (2) · tivoli netcool security manager (2)
6hosting controller—
11 CVE1 critCVSS 6.4
NEWPoC 11
hosting controller (11)
7сообщество свободного программного обеспечения—
8 CVE3 critCVSS 7.4
PoC 2
debian gnu/linux (8)
8gentoo foundation inc.—
6 CVE2 critCVSS 6.2
PoC 2
gentoo linux (6)
9linux—
6 CVECVSS 5.6
linux kernel (6)
10oracle—
6 CVECVSS 5.0
PoC 1
mysql (3) · http server (1) · linux (1)
11runcms—
6 CVECVSS 6.7
PoC 5
runcms (6)
12adobe—
5 CVE1 critCVSS 6.1
flash player (5)
13clam anti-virus—
5 CVE1 critCVSS 6.3
PoC 1
clamav (5)
14maven—
5 CVECVSS 6.0
org.mortbay.jetty:jetty (3) · org.apache.tomcat:tomcat-juli (1) · net.sf.robocode:robocode.core (1)
15mit—
5 CVE3 critCVSS 8.4
kerberos 5 (5)
16opera—
5 CVE1 critCVSS 6.8
PoC 1
opera browser (5)
17redhat—
5 CVECVSS 4.3
enterprise linux (4) · enterprise linux desktop (3) · enterprise linux server (2)
18wireshark—
5 CVECVSS 4.7
wireshark (5)
19xigla—
5 CVECVSS 5.9
NEWPoC 1
absolute news manager.net (4) · absolute banner manager.net (1)
20apache—
4 CVECVSS 4.8
PoC 1
http server (3) · tomcat (1)
21bcoos—
4 CVECVSS 5.9
NEWPoC 2
bcoos (3) · event calendar (1)
22cisco—
4 CVE1 critCVSS 7.5
PoC 1
ciscoworks server (1) · firewall services module (1) · ip phone 7940 (1)
23real time logic—
4 CVECVSS 4.7
NEWPoC 2
barracudadrive web server home server (4) · barracudadrive web server (4)
24red hat inc.—
4 CVE1 critCVSS 7.4
red hat enterprise linux (4) · jboss enterprise application platform (1) · red hat web application (1)
25aertherwide—
3 CVE2 critCVSS 8.3
NEW
exiftags (3)
26badblue—
3 CVECVSS 6.7
NEWPoC 2
badblue (3)
27bea—
3 CVECVSS 5.8
PoC 2
aqualogic interaction (2) · weblogic mobility server (1)
28bitweaver—
3 CVECVSS 6.2
PoC 2
bitweaver (3)
29canonical—
3 CVECVSS 4.6
ubuntu linux (3)
30debian—
3 CVECVSS 3.9
debian linux (3)
31drupal—
3 CVECVSS 5.4
drupal (1) · feature module (1) · shoutbox (1)
32falcon—
3 CVECVSS 6.2
NEWPoC 3
series one cms (3)
33flac—
3 CVE3 critCVSS 9.3
NEW
libflac (3)
34flat php—
3 CVECVSS 5.0
NEWPoC 3
board (3)
35gadu-gadu—
3 CVECVSS 4.3
NEW
gadu-gadu instant messenger (3)
36gf 3xplorer—
3 CVECVSS 5.2
NEWPoC 3
gf 3xplorer (3)
37google—
3 CVECVSS 5.4
NEWPoC 1
kml (1) · toolbar (1) · web toolkit (1)
38mortbay jetty—
3 CVECVSS 5.6
NEW
jetty (3)
39mysql—
3 CVECVSS 6.0
PoC 2
mysql (2) · community server (1) · mysql enterprise server (1)
40openbiblio—
3 CVECVSS 4.8
NEWPoC 2
openbiblio (3)
41phprpg—
3 CVE1 critCVSS 7.5
NEWPoC 1
phprpg (3)
42suse—
3 CVECVSS 4.0
linux enterprise desktop (2) · linux enterprise server (2) · linux enterprise software development kit (1)
43tiki—
3 CVE1 critCVSS 6.4
PoC 1
tikiwiki cms\/groupware (3)
44xzero scripts—
3 CVECVSS 7.1
NEWPoC 3
xzero community classifieds (3)
451024 cms—
2 CVECVSS 7.0
NEWPoC 2
1024 cms (2)
463ivx—
2 CVE2 critCVSS 9.3
NEWPoC 1
mpeg-4 codec (2)
47adultscript—
2 CVECVSS 7.5
NEWPoC 2
adultscript (2)
48anon proxy server—
2 CVECVSS 5.5
NEWPoC 1
anon proxy server (2)
49beehive forum—
2 CVECVSS 7.5
NEW
beehive forum (2)
50citrix—
2 CVECVSS 2.6
PoC 1
edgesight for endpoints (1) · edgesight for netscaler (1) · edgesight for presentation server (1)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	apple	26	9	·	·	×5.2PoC 3	mac os x (20) · mac os x server (3) · quicktime (3)	—
2	microsoft	17	7	·	·	PoC 5	internet explorer (5) · ie (4) · windows vista (2)	—
3	sun	13	2	·	·		solaris (4) · java system web server (4) · java system web proxy server (4)	—
4	hp	12	7	·	·	×4.0PoC 6	quick launch button (3) · info center (3) · openview network node manager (2)	—
5	ibm	12	3	·	·	PoC 1	hardware management console (3) · lotus notes (2) · tivoli netcool security manager (2)	—
6	hosting controller	11	1	·	·	NEWPoC 11	hosting controller (11)	—
7	сообщество свободного программного обеспечения	8	3	·	·	PoC 2	debian gnu/linux (8)	—
8	gentoo foundation inc.	6	2	·	·	PoC 2	gentoo linux (6)	—
9	linux	6	·	·	·		linux kernel (6)	—
10	oracle	6	·	·	·	PoC 1	mysql (3) · http server (1) · linux (1)	—
11	runcms	6	·	·	·	PoC 5	runcms (6)	—
12	adobe	5	1	·	·		flash player (5)	—
13	clam anti-virus	5	1	·	·	PoC 1	clamav (5)	—
14	maven	5	·	·	·		org.mortbay.jetty:jetty (3) · org.apache.tomcat:tomcat-juli (1) · net.sf.robocode:robocode.core (1)	—
15	mit	5	3	·	·		kerberos 5 (5)	—
16	opera	5	1	·	·	PoC 1	opera browser (5)	—
17	redhat	5	·	·	·		enterprise linux (4) · enterprise linux desktop (3) · enterprise linux server (2)	—
18	wireshark	5	·	·	·		wireshark (5)	—
19	xigla	5	·	·	·	NEWPoC 1	absolute news manager.net (4) · absolute banner manager.net (1)	—
20	apache	4	·	·	·	PoC 1	http server (3) · tomcat (1)	—
21	bcoos	4	·	·	·	NEWPoC 2	bcoos (3) · event calendar (1)	—
22	cisco	4	1	·	·	PoC 1	ciscoworks server (1) · firewall services module (1) · ip phone 7940 (1)	—
23	real time logic	4	·	·	·	NEWPoC 2	barracudadrive web server home server (4) · barracudadrive web server (4)	—
24	red hat inc.	4	1	·	·		red hat enterprise linux (4) · jboss enterprise application platform (1) · red hat web application (1)	—
25	aertherwide	3	2	·	·	NEW	exiftags (3)	—
26	badblue	3	·	·	·	NEWPoC 2	badblue (3)	—
27	bea	3	·	·	·	PoC 2	aqualogic interaction (2) · weblogic mobility server (1)	—
28	bitweaver	3	·	·	·	PoC 2	bitweaver (3)	—
29	canonical	3	·	·	·		ubuntu linux (3)	—
30	debian	3	·	·	·		debian linux (3)	—
31	drupal	3	·	·	·		drupal (1) · feature module (1) · shoutbox (1)	—
32	falcon	3	·	·	·	NEWPoC 3	series one cms (3)	—
33	flac	3	3	·	·	NEW	libflac (3)	—
34	flat php	3	·	·	·	NEWPoC 3	board (3)	—
35	gadu-gadu	3	·	·	·	NEW	gadu-gadu instant messenger (3)	—
36	gf 3xplorer	3	·	·	·	NEWPoC 3	gf 3xplorer (3)	—
37	google	3	·	·	·	NEWPoC 1	kml (1) · toolbar (1) · web toolkit (1)	—
38	mortbay jetty	3	·	·	·	NEW	jetty (3)	—
39	mysql	3	·	·	·	PoC 2	mysql (2) · community server (1) · mysql enterprise server (1)	—
40	openbiblio	3	·	·	·	NEWPoC 2	openbiblio (3)	—
41	phprpg	3	1	·	·	NEWPoC 1	phprpg (3)	—
42	suse	3	·	·	·		linux enterprise desktop (2) · linux enterprise server (2) · linux enterprise software development kit (1)	—
43	tiki	3	1	·	·	PoC 1	tikiwiki cms\/groupware (3)	—
44	xzero scripts	3	·	·	·	NEWPoC 3	xzero community classifieds (3)	—
45	1024 cms	2	·	·	·	NEWPoC 2	1024 cms (2)	—
46	3ivx	2	2	·	·	NEWPoC 1	mpeg-4 codec (2)	—
47	adultscript	2	·	·	·	NEWPoC 2	adultscript (2)	—
48	anon proxy server	2	·	·	·	NEWPoC 1	anon proxy server (2)	—
49	beehive forum	2	·	·	·	NEW	beehive forum (2)	—
50	citrix	2	·	·	·	PoC 1	edgesight for endpoints (1) · edgesight for netscaler (1) · edgesight for presentation server (1)	—