month report

March 2009

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

March 2009 closed with 566 published CVEs. 91 criticals, sun led volume, mostly via opensolaris. Top weakness class — CWE-89 (97 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

566

— MoM— YoY

Severity mix

91 / 176

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

1.1%

6 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

6197.2

n=6

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

4751

n=2

Detection gap

KEV pressure, no Nuclei coverage

March 2009 · vendors with active exploitation listed by CISA but no public detection template.

KEV 1adobe5 CVE

Weakness × Vendor

What's spreading where in March 2009

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#12osgeo7 CVE
#13umn7 CVE
#15bookelves5 CVE
#16ocean12tech5 CVE
#19brian wilson4 CVE
#20dnnsoftware4 CVE
#22igniterealtime4 CVE
#29adserversolutions3 CVE
#31apachefriends3 CVE
#33chaozz3 CVE

Top vendors

Ranked by distinct CVE count this period.

1sun—
43 CVE9 critCVSS 6.5
PoC 6
opensolaris (12) · java system identity manager (11) · solaris (10)
2ibm—
20 CVE7 critCVSS 6.8
PoC 3
websphere application server (8) · tivoli storage manager (4) · director (2)
3сообщество свободного программного обеспечения—
14 CVE5 critCVSS 6.7
KEV 1Nuclei 1PoC 9
debian gnu/linux (13) · linux (1) · nss-ldap (1)
4mozilla—
13 CVE9 critCVSS 8.6
PoC 4
firefox (13) · seamonkey (7) · thunderbird (7)
5cisco—
12 CVE2 critCVSS 7.3
ios (7) · cisco ios (3) · ios xr (2)
6drupal—
11 CVE1 critCVSS 5.5
PoC 1
drupal (3) · print (2) · plus1 (1)
7debian—
10 CVE1 critCVSS 5.7
KEV 1Nuclei 2PoC 3
debian linux (7) · horde (2) · horde groupware (2)
8microsoft—
10 CVE2 critCVSS 6.9
PoC 1
windows server 2003 (8) · windows 2000 (8) · windows server 2008 (8)
9linux—
8 CVECVSS 4.9
PoC 1
linux kernel (8)
10hp—
7 CVE1 critCVSS 6.4
laserjet 9500mfp (2) · color laserjet 5500 (2) · color laserjet 5550 (2)
11novell inc.—
7 CVECVSS 5.1
PoC 1
opensuse (4) · suse linux enterprise (3)
12osgeo—
7 CVE5 critCVSS 8.9
NEWPoC 1
mapserver (7)
13umn—
7 CVE5 critCVSS 8.9
NEWPoC 1
mapserver (7)
14adobe—
5 CVE4 critCVSS 9.4
KEV 1PoC 1
acrobat reader (5) · acrobat (2) · reader (1)
15bookelves—
5 CVECVSS 5.7
NEWPoC 3
kipper (5)
16ocean12tech—
5 CVECVSS 6.9
NEWPoC 5
membership manager pro (2) · contact manager pro (2) · faq manager pro (1)
17opensuse—
5 CVECVSS 5.7
PoC 1
opensuse (5)
18apple—
4 CVE2 critCVSS 7.0
itunes (2) · safari (2)
19brian wilson—
4 CVECVSS 7.5
NEWPoC 4
ol\'bookmarks (4)
20dnnsoftware—
4 CVECVSS 5.7
NEW
dotnetnuke (4)
21gentoo foundation inc.—
4 CVECVSS 6.7
PoC 1
gentoo linux (4)
22igniterealtime—
4 CVECVSS 6.3
NEWPoC 4
openfire (4)
23maven—
4 CVE1 critCVSS 7.4
bouncycastle:bcprov-jdk14 (1) · bouncycastle:bcprov-jdk15 (1) · bouncycastle:bcprov-jdk16 (1)
24packagist—
4 CVECVSS 5.5
typo3/cms (2) · phpbb/phpbb (1) · phpmyadmin/phpmyadmin (1)
25phpmyadmin—
4 CVE1 critCVSS 6.7
KEV 1Nuclei 1PoC 1
phpmyadmin (4)
26redhat—
4 CVECVSS 5.3
cman (2) · enterprise linux server (1) · enterprise linux workstation (1)
27suse—
4 CVECVSS 5.5
PoC 1
linux enterprise desktop (3) · linux enterprise server (3) · linux enterprise software development kit (1)
28tor—
4 CVE1 critCVSS 6.3
tor (4)
29adserversolutions—
3 CVECVSS 7.5
NEWPoC 3
ad management software (1) · affiliate software java (1) · banner exchange software (1)
30apache—
3 CVECVSS 4.8
struts (2) · tomcat (1)
31apachefriends—
3 CVECVSS 6.6
NEWPoC 2
xampp (3)
32canonical—
3 CVECVSS 5.3
ubuntu linux (3)
33chaozz—
3 CVECVSS 5.0
NEW
fubarforum (1) · chaozzdb (1) · fireant (1)
34freedville—
3 CVECVSS 5.0
NEWPoC 3
bloghelper (1) · pollhelper (1) · quotebook (1)
35getpixie—
3 CVECVSS 6.4
NEWPoC 2
pixie cms (3)
36gimp—
3 CVE2 critCVSS 7.6
PoC 3
gimp (3)
37jax scripts—
3 CVECVSS 4.5
NEWPoC 2
jax guestbook (2) · jax linklists (1)
38littlecms—
3 CVE2 critCVSS 7.6
NEWPoC 3
little cms (3)
39nexusjnr—
3 CVECVSS 6.7
NEW
jbook (3)
40openssl—
3 CVECVSS 4.2
NEW
openssl (3)
41opera—
3 CVE2 critCVSS 8.7
opera browser (3)
42parallels—
3 CVECVSS 6.0
Nuclei 1PoC 2
h-sphere (1) · parallels virtuozzo (1) · virtuozzo containers (1)
43pypi—
3 CVECVSS 5.8
moin (2) · formencode (1)
44rapidleech—
3 CVECVSS 5.4
NEW
rapidleech (3)
45socialsitegenerator—
3 CVECVSS 6.7
NEWPoC 3
social site generator (3)
46stewart howe—
3 CVECVSS 6.2
NEWPoC 3
celerbb (3)
47turnkeyforms—
3 CVECVSS 6.4
NEWPoC 3
local classifieds (2) · business survey pro (1)
48typo3—
3 CVECVSS 5.6
NEW
typo3 (2) · autobeuser (1)
49wesnoth—
3 CVE1 critCVSS 6.2
wesnoth (3)
501scripts—
2 CVECVSS 5.9
NEWPoC 2
z1exchange (2)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	sun	43	9	·	·	PoC 6	opensolaris (12) · java system identity manager (11) · solaris (10)	—
2	ibm	20	7	·	·	PoC 3	websphere application server (8) · tivoli storage manager (4) · director (2)	—
3	сообщество свободного программного обеспечения	14	5	1	1	KEV 1Nuclei 1PoC 9	debian gnu/linux (13) · linux (1) · nss-ldap (1)	—
4	mozilla	13	9	·	·	PoC 4	firefox (13) · seamonkey (7) · thunderbird (7)	—
5	cisco	12	2	·	·		ios (7) · cisco ios (3) · ios xr (2)	—
6	drupal	11	1	·	·	PoC 1	drupal (3) · print (2) · plus1 (1)	—
7	debian	10	1	1	2	KEV 1Nuclei 2PoC 3	debian linux (7) · horde (2) · horde groupware (2)	—
8	microsoft	10	2	·	·	PoC 1	windows server 2003 (8) · windows 2000 (8) · windows server 2008 (8)	—
9	linux	8	·	·	·	PoC 1	linux kernel (8)	—
10	hp	7	1	·	·		laserjet 9500mfp (2) · color laserjet 5500 (2) · color laserjet 5550 (2)	—
11	novell inc.	7	·	·	·	PoC 1	opensuse (4) · suse linux enterprise (3)	—
12	osgeo	7	5	·	·	NEWPoC 1	mapserver (7)	—
13	umn	7	5	·	·	NEWPoC 1	mapserver (7)	—
14	adobe	5	4	1	·	KEV 1PoC 1	acrobat reader (5) · acrobat (2) · reader (1)	—
15	bookelves	5	·	·	·	NEWPoC 3	kipper (5)	—
16	ocean12tech	5	·	·	·	NEWPoC 5	membership manager pro (2) · contact manager pro (2) · faq manager pro (1)	—
17	opensuse	5	·	·	·	PoC 1	opensuse (5)	—
18	apple	4	2	·	·		itunes (2) · safari (2)	—
19	brian wilson	4	·	·	·	NEWPoC 4	ol\'bookmarks (4)	—
20	dnnsoftware	4	·	·	·	NEW	dotnetnuke (4)	—
21	gentoo foundation inc.	4	·	·	·	PoC 1	gentoo linux (4)	—
22	igniterealtime	4	·	·	·	NEWPoC 4	openfire (4)	—
23	maven	4	1	·	·		bouncycastle:bcprov-jdk14 (1) · bouncycastle:bcprov-jdk15 (1) · bouncycastle:bcprov-jdk16 (1)	—
24	packagist	4	·	·	·		typo3/cms (2) · phpbb/phpbb (1) · phpmyadmin/phpmyadmin (1)	—
25	phpmyadmin	4	1	1	1	KEV 1Nuclei 1PoC 1	phpmyadmin (4)	—
26	redhat	4	·	·	·		cman (2) · enterprise linux server (1) · enterprise linux workstation (1)	—
27	suse	4	·	·	·	PoC 1	linux enterprise desktop (3) · linux enterprise server (3) · linux enterprise software development kit (1)	—
28	tor	4	1	·	·		tor (4)	—
29	adserversolutions	3	·	·	·	NEWPoC 3	ad management software (1) · affiliate software java (1) · banner exchange software (1)	—
30	apache	3	·	·	·		struts (2) · tomcat (1)	—
31	apachefriends	3	·	·	·	NEWPoC 2	xampp (3)	—
32	canonical	3	·	·	·		ubuntu linux (3)	—
33	chaozz	3	·	·	·	NEW	fubarforum (1) · chaozzdb (1) · fireant (1)	—
34	freedville	3	·	·	·	NEWPoC 3	bloghelper (1) · pollhelper (1) · quotebook (1)	—
35	getpixie	3	·	·	·	NEWPoC 2	pixie cms (3)	—
36	gimp	3	2	·	·	PoC 3	gimp (3)	—
37	jax scripts	3	·	·	·	NEWPoC 2	jax guestbook (2) · jax linklists (1)	—
38	littlecms	3	2	·	·	NEWPoC 3	little cms (3)	—
39	nexusjnr	3	·	·	·	NEW	jbook (3)	—
40	openssl	3	·	·	·	NEW	openssl (3)	—
41	opera	3	2	·	·		opera browser (3)	—
42	parallels	3	·	·	1	Nuclei 1PoC 2	h-sphere (1) · parallels virtuozzo (1) · virtuozzo containers (1)	—
43	pypi	3	·	·	·		moin (2) · formencode (1)	—
44	rapidleech	3	·	·	·	NEW	rapidleech (3)	—
45	socialsitegenerator	3	·	·	·	NEWPoC 3	social site generator (3)	—
46	stewart howe	3	·	·	·	NEWPoC 3	celerbb (3)	—
47	turnkeyforms	3	·	·	·	NEWPoC 3	local classifieds (2) · business survey pro (1)	—
48	typo3	3	·	·	·	NEW	typo3 (2) · autobeuser (1)	—
49	wesnoth	3	1	·	·		wesnoth (3)	—
50	1scripts	2	·	·	·	NEWPoC 2	z1exchange (2)	—