month report

September 2009

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

September 2009 closed with 576 published CVEs. 102 criticals, apple led volume, mostly via mac os x server. Top weakness class — CWE-89 (93 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

576

— MoM— YoY

Severity mix

102 / 181

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

0.7%

4 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

6021.8

n=4

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

—

n=0

Weakness × Vendor

What's spreading where in September 2009

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#13vtiger7 CVE
#14almondsoft5 CVE
#15anantasoft5 CVE
#16bpowerhouse5 CVE
#20jce-tech5 CVE
#23zenas5 CVE
#25brilaps4 CVE
#27horde4 CVE
#31pidgin4 CVE
#32radactive4 CVE

Top vendors

Ranked by distinct CVE count this period.

1apple—
29 CVE5 critCVSS 6.5
PoC 2
mac os x server (11) · mac os x (11) · iphone os (9)
2ibm—
23 CVE3 critCVSS 6.3
PoC 1
websphere application server (4) · websphere mq (3) · db2 (3)
3mozilla—
16 CVE10 critCVSS 8.3
firefox (13) · bugzilla (3)
4cisco—
14 CVECVSS 7.2
PoC 1
ios (11) · nexus 7000 (1) · ace web application firewall (1)
5microsoft—
13 CVE6 critCVSS 8.5
PoC 2
windows server 2008 (7) · windows vista (7) · windows server 2003 (6)
6opera—
10 CVECVSS 5.0
opera browser (10)
7linux—
9 CVECVSS 5.7
PoC 2
linux kernel (9)
8sun—
9 CVE1 critCVSS 5.8
opensolaris (6) · solaris (5) · openoffice.org (1)
9сообщество свободного программного обеспечения—
9 CVE2 critCVSS 6.7
PoC 1
debian gnu/linux (9)
10hp—
8 CVE3 critCVSS 8.4
performance insight (2) · operations manager (1) · storageworks msl8096 tape library (1)
11symantec—
8 CVE3 critCVSS 7.2
altiris deployment solution (6) · data loss prevention endpoint agents (1) · antivirus (1)
12oracle—
7 CVE1 critCVSS 5.9
PoC 2
application server (5) · e-business suite (2) · e-business suite 11i (2)
13vtiger—
7 CVE2 critCVSS 6.3
NEWPoC 5
vtiger crm (7)
14almondsoft—
5 CVECVSS 5.7
NEWPoC 3
almond classifieds (3) · com aclassf (2) · affiliate network classifieds (2)
15anantasoft—
5 CVECVSS 5.6
NEWPoC 5
gazelle cms (5)
16bpowerhouse—
5 CVECVSS 7.5
NEWPoC 2
bpgames (1) · bpholidaylettings (1) · bplawyercasedocuments (1)
17canonical—
5 CVE1 critCVSS 6.7
PoC 1
ubuntu linux (5)
18fedoraproject—
5 CVECVSS 5.6
fedora (5)
19google—
5 CVECVSS 5.2
PoC 1
chrome (5)
20jce-tech—
5 CVECVSS 4.3
NEWPoC 2
affiliate master datafeed parser (1) · auction rss content script (1) · php calendars script (1)
21red hat inc.—
5 CVE2 critCVSS 6.7
red hat enterprise linux (5)
22suse—
5 CVECVSS 6.4
PoC 2
linux enterprise server (4) · linux enterprise desktop (3) · linux enterprise debuginfo (1)
23zenas—
5 CVE1 critCVSS 6.4
NEWPoC 4
paolink (2) · pao-bacheca guestbook (1) · paobacheca guestbook (1)
24adobe—
4 CVE2 critCVSS 7.3
PoC 1
acrobat (1) · acrobat reader (1) · photoshop elements (1)
25brilaps—
4 CVECVSS 5.5
NEWPoC 1
mostlyce (4)
26debian—
4 CVECVSS 5.7
PoC 1
debian linux (4)
27horde—
4 CVE2 critCVSS 8.3
NEW
groupware (4) · groupware webmail edition (2) · kronolith h3 (2)
28mambo-foundation—
4 CVECVSS 5.5
PoC 1
mambo (4)
29opensuse—
4 CVECVSS 6.3
PoC 2
opensuse (4)
30php—
4 CVECVSS 6.9
PoC 1
php (4)
31pidgin—
4 CVECVSS 5.0
NEW
libpurple (4) · pidgin (4)
32radactive—
4 CVECVSS 5.3
NEW
i-load (4)
33silcnet—
4 CVECVSS 6.9
NEW
silc toolkit (4) · silc client (2)
34vastal—
4 CVECVSS 6.7
NEWPoC 2
dvd zone (2) · agent zone (1) · mmorpg zone (1)
35alienvault—
3 CVECVSS 5.3
NEWPoC 2
ossim (3)
36asus—
3 CVE3 critCVSS 10.0
NEW
asus wl-500w (2) · asus wl-330ge (1)
37databay—
3 CVECVSS 6.2
NEWPoC 3
maxcms (3)
38dimofinf—
3 CVECVSS 7.0
NEW
infinity script (2) · dawaween (1)
39drupal—
3 CVE1 critCVSS 5.5
drupal (3)
40eye.fi—
3 CVECVSS 5.6
NEWPoC 1
eye-fi manager (3)
41gnome—
3 CVECVSS 6.3
PoC 1
gdm (1) · glib (1) · rhythmbox (1)
42internet2—
3 CVE1 critCVSS 8.3
NEW
shibboleth-sp (3) · xmltooling (2) · opensaml (2)
43juniper—
3 CVECVSS 3.8
junos (3)
44livestreet—
3 CVECVSS 5.4
NEW
livestreet (3)
45plohni—
3 CVECVSS 5.6
NEWPoC 2
an image gallery (2) · image voting (1)
46postgresql—
3 CVECVSS 5.8
postgresql (3)
47qnap—
3 CVECVSS 5.4
NEWPoC 3
ts-239 pro turbo nas (2) · ts-639 pro turbo nas (2) · ts-639 pro firmware (1)
48rubygems—
3 CVECVSS 5.2
PoC 3
actionpack (2) · activesupport (2) · thin (1)
49sap—
3 CVE2 critCVSS 8.3
crystal reports server (3)
50vmware—
3 CVE2 critCVSS 8.8
player (2) · ace (2) · workstation (2)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	apple	29	5	·	·	PoC 2	mac os x server (11) · mac os x (11) · iphone os (9)	—
2	ibm	23	3	·	·	PoC 1	websphere application server (4) · websphere mq (3) · db2 (3)	—
3	mozilla	16	10	·	·		firefox (13) · bugzilla (3)	—
4	cisco	14	·	·	·	PoC 1	ios (11) · nexus 7000 (1) · ace web application firewall (1)	—
5	microsoft	13	6	·	·	PoC 2	windows server 2008 (7) · windows vista (7) · windows server 2003 (6)	—
6	opera	10	·	·	·		opera browser (10)	—
7	linux	9	·	·	·	PoC 2	linux kernel (9)	—
8	sun	9	1	·	·		opensolaris (6) · solaris (5) · openoffice.org (1)	—
9	сообщество свободного программного обеспечения	9	2	·	·	PoC 1	debian gnu/linux (9)	—
10	hp	8	3	·	·		performance insight (2) · operations manager (1) · storageworks msl8096 tape library (1)	—
11	symantec	8	3	·	·		altiris deployment solution (6) · data loss prevention endpoint agents (1) · antivirus (1)	—
12	oracle	7	1	·	·	PoC 2	application server (5) · e-business suite (2) · e-business suite 11i (2)	—
13	vtiger	7	2	·	·	NEWPoC 5	vtiger crm (7)	—
14	almondsoft	5	·	·	·	NEWPoC 3	almond classifieds (3) · com aclassf (2) · affiliate network classifieds (2)	—
15	anantasoft	5	·	·	·	NEWPoC 5	gazelle cms (5)	—
16	bpowerhouse	5	·	·	·	NEWPoC 2	bpgames (1) · bpholidaylettings (1) · bplawyercasedocuments (1)	—
17	canonical	5	1	·	·	PoC 1	ubuntu linux (5)	—
18	fedoraproject	5	·	·	·		fedora (5)	—
19	google	5	·	·	·	PoC 1	chrome (5)	—
20	jce-tech	5	·	·	·	NEWPoC 2	affiliate master datafeed parser (1) · auction rss content script (1) · php calendars script (1)	—
21	red hat inc.	5	2	·	·		red hat enterprise linux (5)	—
22	suse	5	·	·	·	PoC 2	linux enterprise server (4) · linux enterprise desktop (3) · linux enterprise debuginfo (1)	—
23	zenas	5	1	·	·	NEWPoC 4	paolink (2) · pao-bacheca guestbook (1) · paobacheca guestbook (1)	—
24	adobe	4	2	·	·	PoC 1	acrobat (1) · acrobat reader (1) · photoshop elements (1)	—
25	brilaps	4	·	·	·	NEWPoC 1	mostlyce (4)	—
26	debian	4	·	·	·	PoC 1	debian linux (4)	—
27	horde	4	2	·	·	NEW	groupware (4) · groupware webmail edition (2) · kronolith h3 (2)	—
28	mambo-foundation	4	·	·	·	PoC 1	mambo (4)	—
29	opensuse	4	·	·	·	PoC 2	opensuse (4)	—
30	php	4	·	·	·	PoC 1	php (4)	—
31	pidgin	4	·	·	·	NEW	libpurple (4) · pidgin (4)	—
32	radactive	4	·	·	·	NEW	i-load (4)	—
33	silcnet	4	·	·	·	NEW	silc toolkit (4) · silc client (2)	—
34	vastal	4	·	·	·	NEWPoC 2	dvd zone (2) · agent zone (1) · mmorpg zone (1)	—
35	alienvault	3	·	·	·	NEWPoC 2	ossim (3)	—
36	asus	3	3	·	·	NEW	asus wl-500w (2) · asus wl-330ge (1)	—
37	databay	3	·	·	·	NEWPoC 3	maxcms (3)	—
38	dimofinf	3	·	·	·	NEW	infinity script (2) · dawaween (1)	—
39	drupal	3	1	·	·		drupal (3)	—
40	eye.fi	3	·	·	·	NEWPoC 1	eye-fi manager (3)	—
41	gnome	3	·	·	·	PoC 1	gdm (1) · glib (1) · rhythmbox (1)	—
42	internet2	3	1	·	·	NEW	shibboleth-sp (3) · xmltooling (2) · opensaml (2)	—
43	juniper	3	·	·	·		junos (3)	—
44	livestreet	3	·	·	·	NEW	livestreet (3)	—
45	plohni	3	·	·	·	NEWPoC 2	an image gallery (2) · image voting (1)	—
46	postgresql	3	·	·	·		postgresql (3)	—
47	qnap	3	·	·	·	NEWPoC 3	ts-239 pro turbo nas (2) · ts-639 pro turbo nas (2) · ts-639 pro firmware (1)	—
48	rubygems	3	·	·	·	PoC 3	actionpack (2) · activesupport (2) · thin (1)	—
49	sap	3	2	·	·		crystal reports server (3)	—
50	vmware	3	2	·	·		player (2) · ace (2) · workstation (2)	—