month report
October 2008
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
October 2008 closed with 543 published CVEs — -44.8% YoY . 114 criticals, oracle led volume, mostly via database 10g. Biggest breakout: oracle at ×6.3 their 12-month median. Top weakness class — CWE-89 (114 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
543
— MoM-44.8% YoY
Severity mix
114 / 184
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
1.8%
10 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
6343.4
n=10
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
6418
n=1
Weakness × Vendor
What's spreading where in October 2008
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
89SQL Injection79XSS119Memory Buffer Bounds264CWE-26422Path Traversal20Improper Input Validation399CWE-399200Information Exposure287Improper Authentication94Code Injectionoracle1microsoft12527111ibm11132121apple4212drupal236vastal i-tech10сообщество свободного программного обеспечения32111cisco1122adobe421gentoo foundation inc.212hp2111linux22111
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #15typo37 CVE
- #16availscript6 CVE
- #18phlatline5 CVE
- #23condor project4 CVE
- #24ec-cube4 CVE
- #25ffmpeg4 CVE
- #28portalapp4 CVE
- #29sentex4 CVE
- #32atarone3 CVE
- #33dovecot3 CVE
Top vendors
Ranked by distinct CVE count this period.
- 38 CVE1 critCVSS 4.8×6.3PoC 1database 10g (14) · database 9i (8) · database 11i (7)
- 30 CVE13 critCVSS 8.1KEV 1Nuclei 1PoC 7internet explorer (9) · windows xp (8) · windows 2000 (8)
- 16 CVE4 critCVSS 7.1lotus connections (5) · lotus quickr (3) · db2 (3)
- 15 CVE5 critCVSS 7.7PoC 1mac os x (9) · mac os x server (8) · cups (3)
- 12 CVECVSS 6.0drupal (5) · shindig-integrator (3) · brilliant gallery (2)
- 10 CVECVSS 7.5PoC 10cosmetics zone (1) · dating zone (1) · dvd zone (1)
- 10 CVE4 critCVSS 7.1PoC 2debian gnu/linux (10)
- 9 CVECVSS 6.2unity (5) · pix security appliance (2) · adaptive security appliance 5500 series (2)
- 8 CVE6 critCVSS 8.4PoC 1flash player (5) · pagemaker (3)
- 8 CVE3 critCVSS 7.9PoC 3gentoo linux (8)
- 8 CVE1 critCVSS 5.7PoC 1openview network node manager (2) · insight diagnostics (1) · oncplus (1)
- 8 CVECVSS 5.8PoC 1linux kernel (8)
- 8 CVE3 critCVSS 6.4PoC 3opera (4) · opera browser (4)
- 7 CVE1 critCVSS 6.5debian linux (4) · xsabre (2) · feta (1)
- 7 CVECVSS 7.0NEWeconda plugin (1) · frontend users view (1) · jobcontrol (1)
- 6 CVECVSS 6.4NEWPoC 6availscript article script (2) · availscript photo album (2) · availscript jobs portal script (1)
- 6 CVECVSS 4.7PoC 1wireshark (6)
- 5 CVE1 critCVSS 7.6NEWPoC 5personal information manager (5)
- 5 CVE2 critCVSS 6.5PoC 1red hat enterprise linux (5)
- 5 CVE4 critCVSS 8.9PoC 2integrated lights-out manager (1) · java access manager (1) · java system web proxy server (1)
- 4 CVE1 critCVSS 6.3×4.0arcserve backup (4) · business protection suite (4) · server protection suite (4)
- 4 CVE1 critCVSS 6.3arcserve backup (4) · business protection suite (4)
- 4 CVECVSS 5.3NEWcondor (4)
- 4 CVECVSS 5.1NEWec-cube (4)
- 4 CVE4 critCVSS 10.0NEWPoC 1ffmpeg (4)
- 4 CVECVSS 7.5PoC 4mystats (2) · minibloggie (1) · myevent (1)
- 4 CVE2 critCVSS 8.3opensuse (4) · novell linux desktop (2)
- 4 CVE1 critCVSS 7.3NEWPoC 3portalapp (4)
- 4 CVE1 critCVSS 5.8NEWjhead (4)
- 4 CVE2 critCVSS 7.0officescan (4) · worry free business security (1)
- 4 CVE2 critCVSS 7.2Nuclei 3PoC 1wordpress (2) · spambam plugin (1) · wordpress mu (1)
- 3 CVE1 critCVSS 7.0NEWatarone (3)
- 3 CVECVSS 4.9NEWdovecot (3)
- 3 CVECVSS 7.3NEWPoC 3myforum (1) · myktools (1) · tlads (1)
- 3 CVECVSS 5.0cman (2) · fence (2) · portage (1)
- 3 CVE2 critCVSS 8.8NEWPoC 1jasper (3)
- 3 CVE1 critCVSS 7.2PoC 1mantis (3)
- 3 CVECVSS 5.0PoC 1firefox (2) · seamonkey (1) · bugzilla (1)
- 3 CVE3 critCVSS 10.0edirectory (3)
- 3 CVECVSS 5.4NEWPoC 3voip841 dect phone (3)
- 3 CVECVSS 5.6NEWPoC 3php-daily (3)
- 3 CVE1 critCVSS 6.9NEWPoC 3phpwebgallery (3)
- 3 CVECVSS 6.4NEWNuclei 3PoC 1wp comment remix plugin (3)
- 3 CVECVSS 5.6NEWPoC 3questcms (3)
- 3 CVE1 critCVSS 5.9PoC 1enterprise linux (1) · enterprise linux desktop (1) · enterprise virtualization (1)
- 3 CVECVSS 5.4NEWPoC 1minishop module (2) · downloads plus module (1)
- 3 CVE1 critCVSS 7.4NEWcentos (3)
- 3 CVE2 critCVSS 8.5PoC 2vlc media player (3)
- 3 CVECVSS 5.6NEWv-webmail (3)
- 3 CVE3 critCVSS 9.3NEWastra linux common edition (2) · astra linux special edition (1)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | oracle | 38 | 1 | · | · | ×6.3PoC 1 | database 10g (14) · database 9i (8) · database 11i (7) | — | |
| 2 | microsoft | 30 | 13 | 1 | 1 | KEV 1Nuclei 1PoC 7 | internet explorer (9) · windows xp (8) · windows 2000 (8) | — | |
| 3 | ibm | 16 | 4 | · | · | lotus connections (5) · lotus quickr (3) · db2 (3) | — | ||
| 4 | apple | 15 | 5 | · | · | PoC 1 | mac os x (9) · mac os x server (8) · cups (3) | — | |
| 5 | drupal | 12 | · | · | · | drupal (5) · shindig-integrator (3) · brilliant gallery (2) | — | ||
| 6 | vastal i-tech | 10 | · | · | · | PoC 10 | cosmetics zone (1) · dating zone (1) · dvd zone (1) | — | |
| 7 | сообщество свободного программного обеспечения | 10 | 4 | · | · | PoC 2 | debian gnu/linux (10) | — | |
| 8 | cisco | 9 | · | · | · | unity (5) · pix security appliance (2) · adaptive security appliance 5500 series (2) | — | ||
| 9 | adobe | 8 | 6 | · | · | PoC 1 | flash player (5) · pagemaker (3) | — | |
| 10 | gentoo foundation inc. | 8 | 3 | · | · | PoC 3 | gentoo linux (8) | — | |
| 11 | hp | 8 | 1 | · | · | PoC 1 | openview network node manager (2) · insight diagnostics (1) · oncplus (1) | — | |
| 12 | linux | 8 | · | · | · | PoC 1 | linux kernel (8) | — | |
| 13 | opera | 8 | 3 | · | · | PoC 3 | opera (4) · opera browser (4) | — | |
| 14 | debian | 7 | 1 | · | · | debian linux (4) · xsabre (2) · feta (1) | — | ||
| 15 | typo3 | 7 | · | · | · | NEW | econda plugin (1) · frontend users view (1) · jobcontrol (1) | — | |
| 16 | availscript | 6 | · | · | · | NEWPoC 6 | availscript article script (2) · availscript photo album (2) · availscript jobs portal script (1) | — | |
| 17 | wireshark | 6 | · | · | · | PoC 1 | wireshark (6) | — | |
| 18 | phlatline | 5 | 1 | · | · | NEWPoC 5 | personal information manager (5) | — | |
| 19 | red hat inc. | 5 | 2 | · | · | PoC 1 | red hat enterprise linux (5) | — | |
| 20 | sun | 5 | 4 | · | · | PoC 2 | integrated lights-out manager (1) · java access manager (1) · java system web proxy server (1) | — | |
| 21 | broadcom | 4 | 1 | · | · | ×4.0 | arcserve backup (4) · business protection suite (4) · server protection suite (4) | — | |
| 22 | ca | 4 | 1 | · | · | arcserve backup (4) · business protection suite (4) | — | ||
| 23 | condor project | 4 | · | · | · | NEW | condor (4) | — | |
| 24 | ec-cube | 4 | · | · | · | NEW | ec-cube (4) | — | |
| 25 | ffmpeg | 4 | 4 | · | · | NEWPoC 1 | ffmpeg (4) | — | |
| 26 | mywebland | 4 | · | · | · | PoC 4 | mystats (2) · minibloggie (1) · myevent (1) | — | |
| 27 | novell inc. | 4 | 2 | · | · | opensuse (4) · novell linux desktop (2) | — | ||
| 28 | portalapp | 4 | 1 | · | · | NEWPoC 3 | portalapp (4) | — | |
| 29 | sentex | 4 | 1 | · | · | NEW | jhead (4) | — | |
| 30 | trend micro | 4 | 2 | · | · | officescan (4) · worry free business security (1) | — | ||
| 31 | wordpress | 4 | 2 | · | 3 | Nuclei 3PoC 1 | wordpress (2) · spambam plugin (1) · wordpress mu (1) | — | |
| 32 | atarone | 3 | 1 | · | · | NEW | atarone (3) | — | |
| 33 | dovecot | 3 | · | · | · | NEW | dovecot (3) | — | |
| 34 | easy-script | 3 | · | · | · | NEWPoC 3 | myforum (1) · myktools (1) · tlads (1) | — | |
| 35 | gentoo | 3 | · | · | · | cman (2) · fence (2) · portage (1) | — | ||
| 36 | jasper project | 3 | 2 | · | · | NEWPoC 1 | jasper (3) | — | |
| 37 | mantis | 3 | 1 | · | · | PoC 1 | mantis (3) | — | |
| 38 | mozilla | 3 | · | · | · | PoC 1 | firefox (2) · seamonkey (1) · bugzilla (1) | — | |
| 39 | novell | 3 | 3 | · | · | edirectory (3) | — | ||
| 40 | philips electronics | 3 | · | · | · | NEWPoC 3 | voip841 dect phone (3) | — | |
| 41 | php-daily | 3 | · | · | · | NEWPoC 3 | php-daily (3) | — | |
| 42 | phpwebgallery | 3 | 1 | · | · | NEWPoC 3 | phpwebgallery (3) | — | |
| 43 | pressography | 3 | · | · | 3 | NEWNuclei 3PoC 1 | wp comment remix plugin (3) | — | |
| 44 | questwork | 3 | · | · | · | NEWPoC 3 | questcms (3) | — | |
| 45 | redhat | 3 | 1 | · | · | PoC 1 | enterprise linux (1) · enterprise linux desktop (1) · enterprise virtualization (1) | — | |
| 46 | rmsoft | 3 | · | · | · | NEWPoC 1 | minishop module (2) · downloads plus module (1) | — | |
| 47 | the centos project | 3 | 1 | · | · | NEW | centos (3) | — | |
| 48 | videolan | 3 | 2 | · | · | PoC 2 | vlc media player (3) | — | |
| 49 | v-webmail | 3 | · | · | · | NEW | v-webmail (3) | — | |
| 50 | ооо «русбитех-астра» | 3 | 3 | · | · | NEW | astra linux common edition (2) · astra linux special edition (1) | — |