month report

September 2008

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

September 2008 closed with 455 published CVEs — +0.4% YoY . 87 criticals, apple led volume, mostly via mac os x. Biggest breakout: freebsd at ×5.0 their 12-month median. Top weakness class — CWE-89 (77 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

455

— MoM+0.4% YoY

Severity mix

87 / 156

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

0.4%

2 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

6378.1

n=2

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

—

n=0

Weakness × Vendor

What's spreading where in September 2008

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

Breakout vendors

CVE count ≥3× their own 12-period median.

5.0×freebsd5 CVE
4.5×cisco25 CVE
4.5×mozilla18 CVE
4.4×canonical11 CVE
3.8×debian17 CVE
3.0×gnu3 CVE
3.0×netbsd3 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#16hans oesterholt4 CVE
#21zanfi solutions4 CVE
#22attachmax3 CVE
#23cannot3 CVE
#24clamav3 CVE
#25friendly technologies3 CVE
#26gallery3 CVE
#30myphpnuke3 CVE
#32nooms3 CVE
#36source workshop3 CVE

Top vendors

Ranked by distinct CVE count this period.

1apple—
40 CVE16 critCVSS 7.1
PoC 2
mac os x (19) · mac os x server (17) · quicktime (11)
2cisco—
25 CVE3 critCVSS 7.6
×4.5PoC 1
ios (18) · adaptive security appliance 5500 (5) · unified callmanager (2)
3сообщество свободного программного обеспечения—
22 CVE6 critCVSS 6.9
PoC 7
debian gnu/linux (22)
4microsoft—
20 CVE11 critCVSS 8.8
PoC 9
windows xp (8) · windows vista (6) · sql server (6)
5mozilla—
18 CVE7 critCVSS 7.6
×4.5PoC 4
firefox (17) · seamonkey (12) · thunderbird (9)
6debian—
17 CVE4 critCVSS 6.8
×3.8PoC 6
debian linux (13) · python-dns (2) · honeyd common (1)
7canonical—
11 CVE5 critCVSS 7.5
×4.4PoC 4
ubuntu linux (11)
8vmware—
10 CVE7 critCVSS 9.2
PoC 1
server (9) · player (8) · ace (8)
9hp—
9 CVE1 critCVSS 3.9
openvms (4) · openview network node manager (2) · hpsi acf2 connector (1)
10linux—
9 CVE1 critCVSS 5.9
PoC 6
linux kernel (9)
11ibm—
8 CVE1 critCVSS 6.3
aix (2) · db2 (2) · db2 universal database (1)
12opera—
8 CVE2 critCVSS 6.8
opera browser (7) · opera (1)
13drupal—
6 CVECVSS 4.9
talk (2) · link to us (1) · mailsave (1)
14redhat—
6 CVECVSS 5.5
PoC 1
adminutil (1) · cman (1) · enterprise ipa (1)
15freebsd—
5 CVECVSS 7.2
×5.0
freebsd (5)
16hans oesterholt—
4 CVECVSS 4.7
NEWPoC 4
cmme (4)
17joomla—
4 CVECVSS 6.5
joomla (3) · com mailto (1)
18red hat inc.—
4 CVE2 critCVSS 7.6
PoC 2
red hat enterprise linux (4)
19sun—
4 CVECVSS 6.5
solaris (3) · opensolaris (2) · management center (1)
20wireshark—
4 CVE1 critCVSS 5.4
wireshark (4)
21zanfi solutions—
4 CVECVSS 7.4
NEWPoC 4
autodealers cms autonline (2) · zanfi cms lite (2) · jaw portal (1)
22attachmax—
3 CVECVSS 6.7
NEWPoC 3
dolphin (3)
23cannot—
3 CVECVSS 6.4
NEWPoC 3
php infoboard (3)
24clamav—
3 CVE1 critCVSS 6.7
NEW
clamav (3)
25friendly technologies—
3 CVE1 critCVSS 7.6
NEWPoC 3
friendly pppoe client (3)
26gallery—
3 CVECVSS 4.4
NEW
gallery (3)
27gnu—
3 CVE1 critCVSS 5.9
×3.0PoC 1
adns (1) · ed (1) · grub legacy (1)
28horde—
3 CVECVSS 4.3
PoC 1
horde (2) · turba contact manager h3 (1)
29mybb—
3 CVECVSS 6.4
mybb (3)
30myphpnuke—
3 CVECVSS 6.4
NEWPoC 3
myphpnuke (3)
31netbsd—
3 CVE1 critCVSS 8.0
×3.0
netbsd (3)
32nooms—
3 CVECVSS 4.5
NEW
nooms (3)
33novell—
3 CVE1 critCVSS 7.4
PoC 1
iprint client (1) · linux desktop (1) · novell forum (1)
34oracle—
3 CVECVSS 4.4
mysql (3)
35powie—
3 CVECVSS 7.5
PoC 3
pforum (1) · plink (1) · pnews (1)
36source workshop—
3 CVECVSS 7.3
NEWPoC 3
reciprocal links manager (1) · web directory script (1) · words tag script (1)
37vastal—
3 CVECVSS 7.5
NEWPoC 3
agent zone (1) · phpvid (1) · shaadi zone (1)
38webcms—
3 CVECVSS 6.4
NEWPoC 1
webcms portal edition (3)
39zoneminder—
3 CVE1 critCVSS 7.3
NEW
zoneminder (3)
40acoustica—
2 CVE1 critCVSS 8.1
NEWPoC 2
beatcraft (1) · mixcraft (1)
41addalink—
2 CVECVSS 5.9
NEWPoC 2
addalink (2)
42adobe—
2 CVE1 critCVSS 7.2
PoC 1
acrobat (1) · illustrator (1)
43aj square—
2 CVECVSS 7.5
PoC 2
aj hyip (2)
44bitlbee—
2 CVECVSS 6.3
NEW
bitlbee (2)
45blogn—
2 CVECVSS 5.5
NEW
blogn (2)
46brim-project—
2 CVECVSS 4.0
NEWPoC 2
brim (2)
47deslock—
2 CVECVSS 6.0
NEWPoC 2
deslock (2)
48discountedscripts—
2 CVECVSS 7.5
NEWPoC 2
acg ptp (1) · e-gold script shop (1)
49dotproject—
2 CVECVSS 5.2
NEW
dotproject (2)
50google—
2 CVECVSS 5.9
PoC 1
chrome (1) · google apps (1)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	apple	40	16	·	·	PoC 2	mac os x (19) · mac os x server (17) · quicktime (11)	—
2	cisco	25	3	·	·	×4.5PoC 1	ios (18) · adaptive security appliance 5500 (5) · unified callmanager (2)	—
3	сообщество свободного программного обеспечения	22	6	·	·	PoC 7	debian gnu/linux (22)	—
4	microsoft	20	11	·	·	PoC 9	windows xp (8) · windows vista (6) · sql server (6)	—
5	mozilla	18	7	·	·	×4.5PoC 4	firefox (17) · seamonkey (12) · thunderbird (9)	—
6	debian	17	4	·	·	×3.8PoC 6	debian linux (13) · python-dns (2) · honeyd common (1)	—
7	canonical	11	5	·	·	×4.4PoC 4	ubuntu linux (11)	—
8	vmware	10	7	·	·	PoC 1	server (9) · player (8) · ace (8)	—
9	hp	9	1	·	·		openvms (4) · openview network node manager (2) · hpsi acf2 connector (1)	—
10	linux	9	1	·	·	PoC 6	linux kernel (9)	—
11	ibm	8	1	·	·		aix (2) · db2 (2) · db2 universal database (1)	—
12	opera	8	2	·	·		opera browser (7) · opera (1)	—
13	drupal	6	·	·	·		talk (2) · link to us (1) · mailsave (1)	—
14	redhat	6	·	·	·	PoC 1	adminutil (1) · cman (1) · enterprise ipa (1)	—
15	freebsd	5	·	·	·	×5.0	freebsd (5)	—
16	hans oesterholt	4	·	·	·	NEWPoC 4	cmme (4)	—
17	joomla	4	·	·	·		joomla (3) · com mailto (1)	—
18	red hat inc.	4	2	·	·	PoC 2	red hat enterprise linux (4)	—
19	sun	4	·	·	·		solaris (3) · opensolaris (2) · management center (1)	—
20	wireshark	4	1	·	·		wireshark (4)	—
21	zanfi solutions	4	·	·	·	NEWPoC 4	autodealers cms autonline (2) · zanfi cms lite (2) · jaw portal (1)	—
22	attachmax	3	·	·	·	NEWPoC 3	dolphin (3)	—
23	cannot	3	·	·	·	NEWPoC 3	php infoboard (3)	—
24	clamav	3	1	·	·	NEW	clamav (3)	—
25	friendly technologies	3	1	·	·	NEWPoC 3	friendly pppoe client (3)	—
26	gallery	3	·	·	·	NEW	gallery (3)	—
27	gnu	3	1	·	·	×3.0PoC 1	adns (1) · ed (1) · grub legacy (1)	—
28	horde	3	·	·	·	PoC 1	horde (2) · turba contact manager h3 (1)	—
29	mybb	3	·	·	·		mybb (3)	—
30	myphpnuke	3	·	·	·	NEWPoC 3	myphpnuke (3)	—
31	netbsd	3	1	·	·	×3.0	netbsd (3)	—
32	nooms	3	·	·	·	NEW	nooms (3)	—
33	novell	3	1	·	·	PoC 1	iprint client (1) · linux desktop (1) · novell forum (1)	—
34	oracle	3	·	·	·		mysql (3)	—
35	powie	3	·	·	·	PoC 3	pforum (1) · plink (1) · pnews (1)	—
36	source workshop	3	·	·	·	NEWPoC 3	reciprocal links manager (1) · web directory script (1) · words tag script (1)	—
37	vastal	3	·	·	·	NEWPoC 3	agent zone (1) · phpvid (1) · shaadi zone (1)	—
38	webcms	3	·	·	·	NEWPoC 1	webcms portal edition (3)	—
39	zoneminder	3	1	·	·	NEW	zoneminder (3)	—
40	acoustica	2	1	·	·	NEWPoC 2	beatcraft (1) · mixcraft (1)	—
41	addalink	2	·	·	·	NEWPoC 2	addalink (2)	—
42	adobe	2	1	·	·	PoC 1	acrobat (1) · illustrator (1)	—
43	aj square	2	·	·	·	PoC 2	aj hyip (2)	—
44	bitlbee	2	·	·	·	NEW	bitlbee (2)	—
45	blogn	2	·	·	·	NEW	blogn (2)	—
46	brim-project	2	·	·	·	NEWPoC 2	brim (2)	—
47	deslock	2	·	·	·	NEWPoC 2	deslock (2)	—
48	discountedscripts	2	·	·	·	NEWPoC 2	acg ptp (1) · e-gold script shop (1)	—
49	dotproject	2	·	·	·	NEW	dotproject (2)	—
50	google	2	·	·	·	PoC 1	chrome (1) · google apps (1)	—