month report

December 2009

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

December 2009 closed with 445 published CVEs. 91 criticals, ibm led volume, mostly via db2. Top weakness class — CWE-79 (93 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

445

— MoM— YoY

Severity mix

91 / 113

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

1.8%

8 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

5934.6

n=8

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

4558

n=1

Detection gap

KEV pressure, no Nuclei coverage

December 2009 · vendors with active exploitation listed by CISA but no public detection template.

KEV 1adobe11 CVE

Weakness × Vendor

What's spreading where in December 2009

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#10fr.simon rundell8 CVE
#11cutephp6 CVE
#14korn195 CVE
#16zabbix5 CVE
#18activewebsoftwares4 CVE
#19alienvault4 CVE
#21nullsoft4 CVE
#29idevspot3 CVE
#30iij3 CVE
#31nanwich3 CVE

Top vendors

Ranked by distinct CVE count this period.

1ibm—
22 CVE2 critCVSS 5.9
PoC 1
db2 (14) · aix (2) · infosphere information server (2)
2microsoft—
19 CVE14 critCVSS 9.0
windows 2000 (12) · windows xp (12) · windows 2003 server (7)
3hp—
18 CVE17 critCVSS 9.8
openview network node manager (12) · openview storage data protector (2) · nonstop server (1)
4mozilla—
13 CVE6 critCVSS 8.1
firefox (13) · seamonkey (11) · thunderbird (5)
5adobe—
11 CVE8 critCVSS 8.9
KEV 1
flash player (7) · adobe air (7) · flash media server (2)
6sun—
11 CVE1 critCVSS 6.4
java system directory server (4) · ray server software (3) · opensolaris (3)
7linux—
10 CVECVSS 6.6
PoC 1
linux kernel (10)
8cisco—
9 CVE6 critCVSS 7.8
PoC 1
webex (6) · adaptive security appliance 5500 (1) · adaptive security appliance web ssl vpn (1)
9moodle—
9 CVECVSS 5.8
moodle (9)
10fr.simon rundell—
8 CVECVSS 5.9
NEW
ste parish admin (2) · hs religiousartgallery (2) · pd resources (2)
11cutephp—
6 CVECVSS 4.5
NEWPoC 3
cutenews (6)
12scriptsez—
6 CVECVSS 4.7
PoC 3
ez blog (3) · ez poll hoster (2) · ez cart (1)
13sql-ledger—
6 CVECVSS 5.7
sql-ledger (6)
14korn19—
5 CVECVSS 4.9
NEWPoC 2
utf-8 cutenews (5)
15novell inc.—
5 CVECVSS 6.3
PoC 1
opensuse (5)
16zabbix—
5 CVE1 critCVSS 6.7
NEWPoC 1
zabbix (5)
17сообщество свободного программного обеспечения—
5 CVECVSS 5.6
PoC 1
debian gnu/linux (4) · linux (1)
18activewebsoftwares—
4 CVECVSS 6.7
NEWPoC 3
ewebquiz (1) · active bids (1) · active business directory (1)
19alienvault—
4 CVECVSS 7.5
NEWPoC 3
open source security information management (4)
20deluxebb—
4 CVECVSS 5.2
PoC 4
deluxebb (4)
21nullsoft—
4 CVE4 critCVSS 9.3
NEW
winamp (4)
22php—
4 CVE1 critCVSS 6.4
PoC 1
php (4)
23redhat—
4 CVECVSS 4.3
jboss enterprise application platform (3) · enterprise mrg (1)
24apc—
3 CVECVSS 5.1
PoC 1
switched rack pdu (2) · network management card (2) · ap7932 b2 (1)
25drupal—
3 CVECVSS 3.5
drupal (3)
26freebsd—
3 CVECVSS 6.4
PoC 2
freebsd (3)
27gnome—
3 CVE1 critCVSS 6.1
networkmanager (2) · gpdf (1)
28gnu—
3 CVECVSS 5.3
PoC 1
coreutils (1) · grub 2 (1) · automake (1)
29idevspot—
3 CVECVSS 4.5
NEWPoC 3
isupport (2) · idevcart (1)
30iij—
3 CVE1 critCVSS 7.8
NEW
seil\/b1 (3) · seil\/x2 (2) · seil\/x1 firmware (2)
31nanwich—
3 CVECVSS 5.1
NEW
faq ask (3)
32nathan haug—
3 CVECVSS 4.3
NEW
webform (3)
33novell—
3 CVE3 critCVSS 9.5
edirectory (1) · iprint (1) · iprint client (1)
34phpgroupware—
3 CVECVSS 6.2
NEW
phpgroupware (3)
35roytanck—
3 CVECVSS 4.5
NEWNuclei 3
wp-cumulus (3)
36transware—
3 CVECVSS 5.3
NEW
active\! mail (2) · active mail 2003 (1)
37wireshark—
3 CVE1 critCVSS 6.0
PoC 2
wireshark (3)
38zen-cart—
3 CVECVSS 5.8
NEW
zen cart (3)
39apple—
2 CVE1 critCVSS 6.4
PoC 1
mac os x server (1) · safari (1) · mac os x (1)
40basic-cms—
2 CVECVSS 7.2
PoC 1
sweetrice (2)
41bestpractical—
2 CVECVSS 5.8
NEW
rt (2)
42ca—
2 CVE1 critCVSS 6.8
PoC 1
etrust pestpatrole ppctl.dll activex (1) · service desk (1)
43canonical—
2 CVECVSS 6.0
ubuntu linux (2)
44haroldbakker—
2 CVECVSS 5.9
NEWPoC 1
hb-ns (2)
45horde—
2 CVECVSS 4.3
PoC 1
application framework (2) · groupware (2)
46huawei—
2 CVECVSS 4.6
NEWPoC 2
mt882 v100t002b020 arg-t (1) · mt882 modem (1) · mt882 modem firmware (1)
47intellicom—
2 CVE2 critCVSS 10.0
NEW
netbiterconfig (1) · netbiter webscada firmware (1) · netbiter webscada ws100 (1)
48joao ventura—
2 CVECVSS 4.7
NEW
print (2)
49mailsite—
2 CVECVSS 6.4
NEW
mailsite (2)
50matomo—
2 CVECVSS 7.5
NEWNuclei 1PoC 1
matomo (2)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	ibm	22	2	·	·	PoC 1	db2 (14) · aix (2) · infosphere information server (2)	—
2	microsoft	19	14	·	·		windows 2000 (12) · windows xp (12) · windows 2003 server (7)	—
3	hp	18	17	·	·		openview network node manager (12) · openview storage data protector (2) · nonstop server (1)	—
4	mozilla	13	6	·	·		firefox (13) · seamonkey (11) · thunderbird (5)	—
5	adobe	11	8	1	·	KEV 1	flash player (7) · adobe air (7) · flash media server (2)	—
6	sun	11	1	·	·		java system directory server (4) · ray server software (3) · opensolaris (3)	—
7	linux	10	·	·	·	PoC 1	linux kernel (10)	—
8	cisco	9	6	·	·	PoC 1	webex (6) · adaptive security appliance 5500 (1) · adaptive security appliance web ssl vpn (1)	—
9	moodle	9	·	·	·		moodle (9)	—
10	fr.simon rundell	8	·	·	·	NEW	ste parish admin (2) · hs religiousartgallery (2) · pd resources (2)	—
11	cutephp	6	·	·	·	NEWPoC 3	cutenews (6)	—
12	scriptsez	6	·	·	·	PoC 3	ez blog (3) · ez poll hoster (2) · ez cart (1)	—
13	sql-ledger	6	·	·	·		sql-ledger (6)	—
14	korn19	5	·	·	·	NEWPoC 2	utf-8 cutenews (5)	—
15	novell inc.	5	·	·	·	PoC 1	opensuse (5)	—
16	zabbix	5	1	·	·	NEWPoC 1	zabbix (5)	—
17	сообщество свободного программного обеспечения	5	·	·	·	PoC 1	debian gnu/linux (4) · linux (1)	—
18	activewebsoftwares	4	·	·	·	NEWPoC 3	ewebquiz (1) · active bids (1) · active business directory (1)	—
19	alienvault	4	·	·	·	NEWPoC 3	open source security information management (4)	—
20	deluxebb	4	·	·	·	PoC 4	deluxebb (4)	—
21	nullsoft	4	4	·	·	NEW	winamp (4)	—
22	php	4	1	·	·	PoC 1	php (4)	—
23	redhat	4	·	·	·		jboss enterprise application platform (3) · enterprise mrg (1)	—
24	apc	3	·	·	·	PoC 1	switched rack pdu (2) · network management card (2) · ap7932 b2 (1)	—
25	drupal	3	·	·	·		drupal (3)	—
26	freebsd	3	·	·	·	PoC 2	freebsd (3)	—
27	gnome	3	1	·	·		networkmanager (2) · gpdf (1)	—
28	gnu	3	·	·	·	PoC 1	coreutils (1) · grub 2 (1) · automake (1)	—
29	idevspot	3	·	·	·	NEWPoC 3	isupport (2) · idevcart (1)	—
30	iij	3	1	·	·	NEW	seil\/b1 (3) · seil\/x2 (2) · seil\/x1 firmware (2)	—
31	nanwich	3	·	·	·	NEW	faq ask (3)	—
32	nathan haug	3	·	·	·	NEW	webform (3)	—
33	novell	3	3	·	·		edirectory (1) · iprint (1) · iprint client (1)	—
34	phpgroupware	3	·	·	·	NEW	phpgroupware (3)	—
35	roytanck	3	·	·	3	NEWNuclei 3	wp-cumulus (3)	—
36	transware	3	·	·	·	NEW	active\! mail (2) · active mail 2003 (1)	—
37	wireshark	3	1	·	·	PoC 2	wireshark (3)	—
38	zen-cart	3	·	·	·	NEW	zen cart (3)	—
39	apple	2	1	·	·	PoC 1	mac os x server (1) · safari (1) · mac os x (1)	—
40	basic-cms	2	·	·	·	PoC 1	sweetrice (2)	—
41	bestpractical	2	·	·	·	NEW	rt (2)	—
42	ca	2	1	·	·	PoC 1	etrust pestpatrole ppctl.dll activex (1) · service desk (1)	—
43	canonical	2	·	·	·		ubuntu linux (2)	—
44	haroldbakker	2	·	·	·	NEWPoC 1	hb-ns (2)	—
45	horde	2	·	·	·	PoC 1	application framework (2) · groupware (2)	—
46	huawei	2	·	·	·	NEWPoC 2	mt882 v100t002b020 arg-t (1) · mt882 modem (1) · mt882 modem firmware (1)	—
47	intellicom	2	2	·	·	NEW	netbiterconfig (1) · netbiter webscada firmware (1) · netbiter webscada ws100 (1)	—
48	joao ventura	2	·	·	·	NEW	print (2)	—
49	mailsite	2	·	·	·	NEW	mailsite (2)	—
50	matomo	2	·	·	1	NEWNuclei 1PoC 1	matomo (2)	—