month report

October 2009

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

October 2009 closed with 353 published CVEs. 93 criticals, oracle led volume, mostly via database server. Biggest breakout: fedoraproject at ×6.0 their 12-month median. Top weakness class — CWE-79 (50 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

353

— MoM— YoY

Severity mix

93 / 80

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

0.3%

1 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

5978.1

n=1

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

6063

n=1

Detection gap

KEV pressure, no Nuclei coverage

October 2009 · vendors with active exploitation listed by CISA but no public detection template.

KEV 1adobe25 CVE

Weakness × Vendor

What's spreading where in October 2009

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

Breakout vendors

CVE count ≥3× their own 12-period median.

6.0×fedoraproject6 CVE
4.7×mozilla14 CVE
3.1×adobe25 CVE
3.0×canonical6 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#10poppler6 CVE
#11foolabs5 CVE
#12glyphandcog5 CVE
#25freewebscriptz3 CVE
#27kreotek3 CVE
#28maniacomputer3 CVE
#29nullam3 CVE
#31opial3 CVE
#33sjoerd arendsen3 CVE
#35xerver3 CVE

Top vendors

Ranked by distinct CVE count this period.

1oracle—
37 CVE4 critCVSS 4.9
database server (16) · e-business suite (8) · peoplesoft enterprise (4)
2microsoft—
28 CVE17 critCVSS 8.9
windows server 2008 (23) · windows vista (23) · windows xp (22)
3adobe—
25 CVE18 critCVSS 8.1
×3.1KEV 1
acrobat (25) · acrobat reader (20)
4mozilla—
14 CVE11 critCVSS 9.0
×4.7
firefox (14) · seamonkey (3)
5linux—
13 CVECVSS 5.3
PoC 3
linux kernel (13)
6сообщество свободного программного обеспечения—
12 CVE7 critCVSS 7.0
PoC 5
debian gnu/linux (12) · perl (1)
7ibm—
9 CVE4 critCVSS 7.5
PoC 3
aix (3) · informix client sdk (1) · informix connect runtime (1)
8canonical—
6 CVECVSS 3.9
×3.0PoC 1
ubuntu linux (6)
9fedoraproject—
6 CVECVSS 4.8
×6.0PoC 1
fedora (6)
10poppler—
6 CVE5 critCVSS 8.5
NEWPoC 5
poppler (6)
11foolabs—
5 CVE4 critCVSS 8.3
NEWPoC 5
xpdf (5)
12glyphandcog—
5 CVE4 critCVSS 8.3
NEWPoC 5
xpdfreader (5)
13opensuse—
5 CVECVSS 4.4
PoC 1
opensuse (5)
14citrix—
4 CVECVSS 7.0
PoC 4
xencenterweb (4)
15emc—
4 CVE3 critCVSS 8.6
captiva pixtools distributed imaging (1) · documentum applicationxtender (1) · documentum applicationxtender workflow manager (1)
16redhat—
4 CVE1 critCVSS 3.9
enterprise linux server (3) · enterprise linux workstation (3) · enterprise linux desktop (2)
17red hat inc.—
4 CVE1 critCVSS 6.6
red hat enterprise linux (4)
18runcms—
4 CVECVSS 6.1
PoC 2
runcms (4)
19suse—
4 CVECVSS 4.1
PoC 1
linux enterprise server (3) · linux enterprise desktop (3) · linux enterprise debuginfo (2)
20vmware—
4 CVECVSS 5.8
PoC 1
fusion (2) · vma (1) · ace (1)
21wireshark—
4 CVE1 critCVSS 5.9
wireshark (4)
22achievo—
3 CVECVSS 6.4
PoC 1
achievo (3)
23apache—
3 CVE1 critCVSS 7.2
http server (1) · openoffice.org (1) · portable runtime (1)
24avast—
3 CVECVSS 7.1
PoC 2
avast antivirus professional (3) · avast antivirus home (3)
25freewebscriptz—
3 CVECVSS 4.5
NEWPoC 1
hubscript (2) · freelancers (1)
26hp—
3 CVE1 critCVSS 4.5
PoC 1
cm8050 mfp (1) · cm8060 mfp (1) · color laserjet 3000n (1)
27kreotek—
3 CVECVSS 5.6
NEWPoC 3
phpbms (3)
28maniacomputer—
3 CVECVSS 5.9
NEWPoC 3
mcshoutbox (3)
29nullam—
3 CVECVSS 6.4
NEWPoC 3
nullam blog (3)
30opendocman—
3 CVECVSS 6.4
opendocman (3)
31opial—
3 CVECVSS 6.4
NEWPoC 3
opial (3)
32packagist—
3 CVE1 critCVSS 6.2
apache-solr-for-typo3/solr (1) · phpmyadmin/phpmyadmin (1) · sjbr/sr-freecap (1)
33sjoerd arendsen—
3 CVECVSS 6.0
NEW
simplenews statistics (3)
34sun—
3 CVECVSS 4.5
solaris (2) · opensolaris (1) · virtualbox (1)
35xerver—
3 CVECVSS 4.2
NEWPoC 3
xerver (3)
36acoustica—
2 CVE1 critCVSS 6.8
NEWPoC 2
mp3 audio mixer (2)
37allisclear—
2 CVECVSS 5.9
NEWPoC 1
clear content (2)
38amirocms—
2 CVECVSS 4.7
NEWPoC 1
amiro.cms (2)
39broadcom—
2 CVE1 critCVSS 6.7
etrust intrusion detection (2) · etrust secure content manager (2) · internet security suite (2)
40ca—
2 CVE1 critCVSS 6.8
anti-virus (2) · anti-virus for the enterprise (2) · anti-virus gateway (2)
41davethewebguy—
2 CVECVSS 5.9
NEWPoC 2
battle blog (2)
42epicdjsoftware—
2 CVE2 critCVSS 9.3
NEWPoC 2
epicdj (1) · epicvj (1)
43google—
2 CVECVSS 4.3
android (2)
44jasper—
2 CVE2 critCVSS 10.0
NEWPoC 2
httpdx (2)
45jean-michel wyttenbach—
2 CVECVSS 5.9
NEWPoC 2
cmsphp (2)
46konae—
2 CVE2 critCVSS 9.3
NEWPoC 1
alleycode html editor (2)
47marcin manek—
2 CVECVSS 6.5
NEWPoC 2
d.net cms (2)
48microsoft corp—
2 CVE1 critCVSS 8.9
NEW
windows server 2008 (2) · windows server 2008 service pack 2 (2) · windows vista (2)
49moshe weitzman—
2 CVECVSS 3.9
NEW
og vocab (1) · organic groups (1)
50mutt—
2 CVECVSS 6.8
NEW
mutt (2)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	oracle	37	4	·	·		database server (16) · e-business suite (8) · peoplesoft enterprise (4)	—
2	microsoft	28	17	·	·		windows server 2008 (23) · windows vista (23) · windows xp (22)	—
3	adobe	25	18	1	·	×3.1KEV 1	acrobat (25) · acrobat reader (20)	—
4	mozilla	14	11	·	·	×4.7	firefox (14) · seamonkey (3)	—
5	linux	13	·	·	·	PoC 3	linux kernel (13)	—
6	сообщество свободного программного обеспечения	12	7	·	·	PoC 5	debian gnu/linux (12) · perl (1)	—
7	ibm	9	4	·	·	PoC 3	aix (3) · informix client sdk (1) · informix connect runtime (1)	—
8	canonical	6	·	·	·	×3.0PoC 1	ubuntu linux (6)	—
9	fedoraproject	6	·	·	·	×6.0PoC 1	fedora (6)	—
10	poppler	6	5	·	·	NEWPoC 5	poppler (6)	—
11	foolabs	5	4	·	·	NEWPoC 5	xpdf (5)	—
12	glyphandcog	5	4	·	·	NEWPoC 5	xpdfreader (5)	—
13	opensuse	5	·	·	·	PoC 1	opensuse (5)	—
14	citrix	4	·	·	·	PoC 4	xencenterweb (4)	—
15	emc	4	3	·	·		captiva pixtools distributed imaging (1) · documentum applicationxtender (1) · documentum applicationxtender workflow manager (1)	—
16	redhat	4	1	·	·		enterprise linux server (3) · enterprise linux workstation (3) · enterprise linux desktop (2)	—
17	red hat inc.	4	1	·	·		red hat enterprise linux (4)	—
18	runcms	4	·	·	·	PoC 2	runcms (4)	—
19	suse	4	·	·	·	PoC 1	linux enterprise server (3) · linux enterprise desktop (3) · linux enterprise debuginfo (2)	—
20	vmware	4	·	·	·	PoC 1	fusion (2) · vma (1) · ace (1)	—
21	wireshark	4	1	·	·		wireshark (4)	—
22	achievo	3	·	·	·	PoC 1	achievo (3)	—
23	apache	3	1	·	·		http server (1) · openoffice.org (1) · portable runtime (1)	—
24	avast	3	·	·	·	PoC 2	avast antivirus professional (3) · avast antivirus home (3)	—
25	freewebscriptz	3	·	·	·	NEWPoC 1	hubscript (2) · freelancers (1)	—
26	hp	3	1	·	·	PoC 1	cm8050 mfp (1) · cm8060 mfp (1) · color laserjet 3000n (1)	—
27	kreotek	3	·	·	·	NEWPoC 3	phpbms (3)	—
28	maniacomputer	3	·	·	·	NEWPoC 3	mcshoutbox (3)	—
29	nullam	3	·	·	·	NEWPoC 3	nullam blog (3)	—
30	opendocman	3	·	·	·		opendocman (3)	—
31	opial	3	·	·	·	NEWPoC 3	opial (3)	—
32	packagist	3	1	·	·		apache-solr-for-typo3/solr (1) · phpmyadmin/phpmyadmin (1) · sjbr/sr-freecap (1)	—
33	sjoerd arendsen	3	·	·	·	NEW	simplenews statistics (3)	—
34	sun	3	·	·	·		solaris (2) · opensolaris (1) · virtualbox (1)	—
35	xerver	3	·	·	·	NEWPoC 3	xerver (3)	—
36	acoustica	2	1	·	·	NEWPoC 2	mp3 audio mixer (2)	—
37	allisclear	2	·	·	·	NEWPoC 1	clear content (2)	—
38	amirocms	2	·	·	·	NEWPoC 1	amiro.cms (2)	—
39	broadcom	2	1	·	·		etrust intrusion detection (2) · etrust secure content manager (2) · internet security suite (2)	—
40	ca	2	1	·	·		anti-virus (2) · anti-virus for the enterprise (2) · anti-virus gateway (2)	—
41	davethewebguy	2	·	·	·	NEWPoC 2	battle blog (2)	—
42	epicdjsoftware	2	2	·	·	NEWPoC 2	epicdj (1) · epicvj (1)	—
43	google	2	·	·	·		android (2)	—
44	jasper	2	2	·	·	NEWPoC 2	httpdx (2)	—
45	jean-michel wyttenbach	2	·	·	·	NEWPoC 2	cmsphp (2)	—
46	konae	2	2	·	·	NEWPoC 1	alleycode html editor (2)	—
47	marcin manek	2	·	·	·	NEWPoC 2	d.net cms (2)	—
48	microsoft corp	2	1	·	·	NEW	windows server 2008 (2) · windows server 2008 service pack 2 (2) · windows vista (2)	—
49	moshe weitzman	2	·	·	·	NEW	og vocab (1) · organic groups (1)	—
50	mutt	2	·	·	·	NEW	mutt (2)	—