month report
November 2008
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
November 2008 closed with 433 published CVEs — -10.9% YoY . 92 criticals, сообщество свободного программного обеспечения led volume, mostly via debian gnu/linux. Biggest breakout: debian at ×9.5 their 12-month median. Top weakness class — CWE-59 (85 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
433
— MoM-10.9% YoY
Severity mix
92 / 116
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
0.5%
2 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
6306.9
n=2
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
4867
n=1
Detection gap
KEV pressure, no Nuclei coverage
November 2008 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 1adobe17 CVE
- KEV 1novell inc.3 CVE
Weakness × Vendor
What's spreading where in November 2008
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
59CWE-5989SQL Injection119Memory Buffer Bounds79XSS264CWE-26420Improper Input Validation94Code Injection200Information Exposure22Path Traversal399CWE-399debian71131сообщество свободного программного обеспечения42313adobe234121xine92mozilla112114sun32211apple1232microsoft11131canonical1131novell621linux4111trend micro7
Breakout vendors
CVE count ≥3× their own 12-period median.
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #4xine16 CVE
- #13yourfreeworld8 CVE
- #15easysitenetwork5 CVE
- #18mw6 technologies4 CVE
- #19ocean12 technologies4 CVE
- #20planetluc4 CVE
- #22clientsoftware3 CVE
- #27otmanager3 CVE
- #28php-fusion3 CVE
- #31typosphere3 CVE
Top vendors
Ranked by distinct CVE count this period.
- 20 CVE8 critCVSS 7.8PoC 2debian gnu/linux (20)
- 19 CVE5 critCVSS 7.5×9.5PoC 4debian linux (12) · dpkg-cross (1) · initramfs-tools (1)
- 17 CVE5 critCVSS 7.3×4.9KEV 1PoC 1acrobat (7) · acrobat reader (7) · flash player (7)
- 16 CVE7 critCVSS 6.9NEWxine-lib (12) · xine (4)
- 14 CVE7 critCVSS 8.1×5.6PoC 1firefox (14) · seamonkey (12) · thunderbird (9)
- 14 CVE2 critCVSS 5.4java system identity manager (5) · solaris (3) · opensolaris (3)
- 13 CVE3 critCVSS 5.9PoC 2iphone os (8) · safari (6) · cups (2)
- 13 CVE3 critCVSS 6.3PoC 3office communicator (3) · windows vista (3) · windows 2000 (3)
- 11 CVE5 critCVSS 8.1×5.5PoC 1ubuntu linux (11)
- 11 CVE8 critCVSS 8.0×4.4edirectory (5) · iprint (3) · identity manager roles based provisioning module (1)
- 9 CVE1 critCVSS 7.3PoC 1linux kernel (9)
- 8 CVE8 critCVSS 10.0×4.0serverprotect (8)
- 8 CVECVSS 7.5NEWPoC 8blog blaster script (1) · autoresponder hosting script (1) · classifieds blaster script (1)
- 6 CVE2 critCVSS 7.8gentoo linux (6)
- 5 CVECVSS 7.5NEWPoC 5cheats complete website (1) · drinks complete website (1) · jokes complete website (1)
- 5 CVECVSS 3.9hardware management console (1) · lotus (1) · metrica service assurance framework (1)
- 4 CVE2 critCVSS 8.1openvms (1) · service manager (1) · system management homepage (1)
- 4 CVE4 critCVSS 9.0NEWPoC 41d barcode decoder activex (1) · aztec activex (1) · datamatrix activex (1)
- 4 CVECVSS 5.0NEWPoC 1calendar manager (1) · contact manager (1) · membership manager pro (1)
- 4 CVECVSS 4.9NEWrateme (2) · mygallery (1) · signme (1)
- 3 CVECVSS 7.5PoC 3aj article (1) · aj auction (1) · zeuscart (1)
- 3 CVE2 critCVSS 8.9NEWPoC 1wincome mpd total (2) · wincom mpd total (1)
- 3 CVE1 critCVSS 8.3PoC 3com datsogallery (1) · com rssreader (1) · com xewebtv (1)
- 3 CVECVSS 5.6mybb (3)
- 3 CVECVSS 7.6KEV 1PoC 1opensuse (2) · suse linux enterprise (1)
- 3 CVE1 critCVSS 7.6PoC 1opensuse (3)
- 3 CVE1 critCVSS 7.3NEWPoC 3otmanager cms (2) · otmanager (1)
- 3 CVECVSS 7.5NEWPoC 3the kroax module (1) · freshlinks module (1) · php-fusion (1)
- 3 CVE1 critCVSS 7.6PoC 1red hat enterprise linux (3)
- 3 CVE1 critCVSS 8.0linux enterprise server (2) · linux enterprise (1) · linux enterprise debuginfo (1)
- 3 CVECVSS 5.9NEWtypo (3)
- 2 CVECVSS 5.9NEWtriolive (2)
- 2 CVECVSS 6.8NEWPoC 2ccleague (2)
- 2 CVECVSS 6.8NEWinteract (2)
- 2 CVECVSS 7.0PoC 1ios (2) · catos (1)
- 2 CVECVSS 3.7PoC 1desktop server (1) · deterministic network enhancer (1) · presentation server (1)
- 2 CVECVSS 5.9NEWPoC 2clanlite (2)
- 2 CVECVSS 6.9NEWPoC 1flamethrower (1) · systemimager-server (1)
- 2 CVECVSS 7.2NEWPoC 1vmbuilder (2)
- 2 CVECVSS 7.5NEWPoC 2membership system (1) · news and article system (1)
- 2 CVE1 critCVSS 7.6fedora (2)
- 2 CVECVSS 7.0freebsd (1) · freebsd-sendpr (1)
- 2 CVECVSS 6.3NEWgeshi (2)
- 2 CVECVSS 7.2NEWPoC 1anti-keylogger elite (1) · anti-trojan elite (1)
- 2 CVE1 critCVSS 7.5NEWsami ftp server (2)
- 2 CVECVSS 4.3NEWPoC 1kmita catalogue (1) · kmita gallery (1)
- 2 CVECVSS 5.5NEWPoC 1logz (2)
- 2 CVECVSS 7.5NEWPoC 2php shop (2)
- 2 CVE1 critCVSS 7.2NEWPoC 2modernbill (2)
- 2 CVECVSS 7.5NEWPoC 2pizza script (1) · rental script (1)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | сообщество свободного программного обеспечения | 20 | 8 | · | · | PoC 2 | debian gnu/linux (20) | — | |
| 2 | debian | 19 | 5 | · | · | ×9.5PoC 4 | debian linux (12) · dpkg-cross (1) · initramfs-tools (1) | — | |
| 3 | adobe | 17 | 5 | 1 | · | ×4.9KEV 1PoC 1 | acrobat (7) · acrobat reader (7) · flash player (7) | — | |
| 4 | xine | 16 | 7 | · | · | NEW | xine-lib (12) · xine (4) | — | |
| 5 | mozilla | 14 | 7 | · | · | ×5.6PoC 1 | firefox (14) · seamonkey (12) · thunderbird (9) | — | |
| 6 | sun | 14 | 2 | · | · | java system identity manager (5) · solaris (3) · opensolaris (3) | — | ||
| 7 | apple | 13 | 3 | · | · | PoC 2 | iphone os (8) · safari (6) · cups (2) | — | |
| 8 | microsoft | 13 | 3 | · | · | PoC 3 | office communicator (3) · windows vista (3) · windows 2000 (3) | — | |
| 9 | canonical | 11 | 5 | · | · | ×5.5PoC 1 | ubuntu linux (11) | — | |
| 10 | novell | 11 | 8 | · | · | ×4.4 | edirectory (5) · iprint (3) · identity manager roles based provisioning module (1) | — | |
| 11 | linux | 9 | 1 | · | · | PoC 1 | linux kernel (9) | — | |
| 12 | trend micro | 8 | 8 | · | · | ×4.0 | serverprotect (8) | — | |
| 13 | yourfreeworld | 8 | · | · | · | NEWPoC 8 | blog blaster script (1) · autoresponder hosting script (1) · classifieds blaster script (1) | — | |
| 14 | gentoo foundation inc. | 6 | 2 | · | · | gentoo linux (6) | — | ||
| 15 | easysitenetwork | 5 | · | · | · | NEWPoC 5 | cheats complete website (1) · drinks complete website (1) · jokes complete website (1) | — | |
| 16 | ibm | 5 | · | · | · | hardware management console (1) · lotus (1) · metrica service assurance framework (1) | — | ||
| 17 | hp | 4 | 2 | · | · | openvms (1) · service manager (1) · system management homepage (1) | — | ||
| 18 | mw6 technologies | 4 | 4 | · | · | NEWPoC 4 | 1d barcode decoder activex (1) · aztec activex (1) · datamatrix activex (1) | — | |
| 19 | ocean12 technologies | 4 | · | · | · | NEWPoC 1 | calendar manager (1) · contact manager (1) · membership manager pro (1) | — | |
| 20 | planetluc | 4 | · | · | · | NEW | rateme (2) · mygallery (1) · signme (1) | — | |
| 21 | aj square | 3 | · | · | · | PoC 3 | aj article (1) · aj auction (1) · zeuscart (1) | — | |
| 22 | clientsoftware | 3 | 2 | · | · | NEWPoC 1 | wincome mpd total (2) · wincom mpd total (1) | — | |
| 23 | joomla | 3 | 1 | · | · | PoC 3 | com datsogallery (1) · com rssreader (1) · com xewebtv (1) | — | |
| 24 | mybb | 3 | · | · | · | mybb (3) | — | ||
| 25 | novell inc. | 3 | · | 1 | · | KEV 1PoC 1 | opensuse (2) · suse linux enterprise (1) | — | |
| 26 | opensuse | 3 | 1 | · | · | PoC 1 | opensuse (3) | — | |
| 27 | otmanager | 3 | 1 | · | · | NEWPoC 3 | otmanager cms (2) · otmanager (1) | — | |
| 28 | php-fusion | 3 | · | · | · | NEWPoC 3 | the kroax module (1) · freshlinks module (1) · php-fusion (1) | — | |
| 29 | red hat inc. | 3 | 1 | · | · | PoC 1 | red hat enterprise linux (3) | — | |
| 30 | suse | 3 | 1 | · | · | linux enterprise server (2) · linux enterprise (1) · linux enterprise debuginfo (1) | — | ||
| 31 | typosphere | 3 | · | · | · | NEW | typo (3) | — | |
| 32 | activecampaign | 2 | · | · | · | NEW | triolive (2) | — | |
| 33 | castillocentral | 2 | · | · | · | NEWPoC 2 | ccleague (2) | — | |
| 34 | cce-interact | 2 | · | · | · | NEW | interact (2) | — | |
| 35 | cisco | 2 | · | · | · | PoC 1 | ios (2) · catos (1) | — | |
| 36 | citrix | 2 | · | · | · | PoC 1 | desktop server (1) · deterministic network enhancer (1) · presentation server (1) | — | |
| 37 | clanlite | 2 | · | · | · | NEWPoC 2 | clanlite (2) | — | |
| 38 | dann frazier | 2 | · | · | · | NEWPoC 1 | flamethrower (1) · systemimager-server (1) | — | |
| 39 | dcgrendel | 2 | · | · | · | NEWPoC 1 | vmbuilder (2) | — | |
| 40 | develop it easy | 2 | · | · | · | NEWPoC 2 | membership system (1) · news and article system (1) | — | |
| 41 | fedoraproject | 2 | 1 | · | · | fedora (2) | — | ||
| 42 | freebsd | 2 | · | · | · | freebsd (1) · freebsd-sendpr (1) | — | ||
| 43 | geshi | 2 | · | · | · | NEW | geshi (2) | — | |
| 44 | isecsoft | 2 | · | · | · | NEWPoC 1 | anti-keylogger elite (1) · anti-trojan elite (1) | — | |
| 45 | karjasoft | 2 | 1 | · | · | NEW | sami ftp server (2) | — | |
| 46 | kkeim | 2 | · | · | · | NEWPoC 1 | kmita catalogue (1) · kmita gallery (1) | — | |
| 47 | logz | 2 | · | · | · | NEWPoC 1 | logz (2) | — | |
| 48 | maran | 2 | · | · | · | NEWPoC 2 | php shop (2) | — | |
| 49 | modernbill | 2 | 1 | · | · | NEWPoC 2 | modernbill (2) | — | |
| 50 | mole group | 2 | · | · | · | NEWPoC 2 | pizza script (1) · rental script (1) | — |