month report

October 2010

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

October 2010 closed with 435 published CVEs — +23.2% YoY . 125 criticals, oracle led volume, mostly via peoplesoft and jdedwards product suite. Biggest breakout: oracle at ×19.8 their 12-month median. Top weakness class — CWE-20 (45 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

435

— MoM+23.2% YoY

Severity mix

125 / 38

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

0.2%

1 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

5618.2

n=1

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

5458

n=1

Detection gap

KEV pressure, no Nuclei coverage

October 2010 · vendors with active exploitation listed by CISA but no public detection template.

KEV 1mozilla13 CVE

Weakness × Vendor

What's spreading where in October 2010

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

Breakout vendors

CVE count ≥3× their own 12-period median.

19.8×oracle79 CVE
7.5×pypi15 CVE
4.3×google13 CVE
4.0×opera8 CVE
4.0×dovecot4 CVE
3.4×adobe37 CVE
3.3×hp23 CVE
3.2×ibm29 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#8g.rodola14 CVE
#18cmsmadesimple4 CVE
#21infradead4 CVE
#25xelerance4 CVE
#26apereo3 CVE
#31dustincowell2 CVE
#32fenrir2 CVE
#33freeradius2 CVE
#37lhaplus2 CVE
#38mantisbt2 CVE

Top vendors

Ranked by distinct CVE count this period.

1oracle—
79 CVE5 critCVSS 4.9
×19.8
peoplesoft and jdedwards product suite (21) · opensolaris (12) · solaris (11)
2microsoft—
48 CVE30 critCVSS 8.3
PoC 3
office (15) · excel (13) · word (11)
3adobe—
37 CVE33 critCVSS 8.7
×3.4PoC 2
acrobat reader (22) · acrobat (22) · shockwave player (11)
4ibm—
29 CVE8 critCVSS 6.4
×3.2PoC 3
db2 (9) · tivoli storage manager fastback (8) · informix dynamic server (3)
5sun—
27 CVE18 critCVSS 8.6
jdk (27) · jre (27) · sdk (16)
6hp—
23 CVE2 critCVSS 6.8
×3.3
systems insight manager (4) · insight control virtual machine management (3) · insight control server migration (3)
7pypi—
15 CVECVSS 5.2
×7.5PoC 1
pyftpdlib (14) · zodb3 (1)
8g.rodola—
14 CVECVSS 5.2
NEWPoC 1
pyftpdlib (14)
9google—
13 CVE6 critCVSS 8.2
×4.3PoC 2
chrome (13)
10mozilla—
13 CVE7 critCVSS 7.8
KEV 1PoC 1
firefox (13) · seamonkey (12) · thunderbird (12)
11сообщество свободного программного обеспечения—
9 CVECVSS 5.7
PoC 2
debian gnu/linux (9)
12opera—
8 CVE1 critCVSS 4.9
×4.0
opera browser (8)
13apache—
7 CVE1 critCVSS 5.5
Nuclei 1PoC 1
qpid (3) · apr-util (1) · axis2 (1)
14realnetworks—
7 CVE7 critCVSS 9.4
PoC 1
realplayer (7) · realplayer sp (7)
15opensuse—
6 CVE1 critCVSS 7.5
PoC 3
opensuse (6)
16sap—
6 CVE2 critCVSS 6.2
Nuclei 1PoC 5
businessobjects (6)
17typo3—
5 CVECVSS 5.5
PoC 1
typo3 (5)
18cmsmadesimple—
4 CVECVSS 6.3
NEW
cms made simple (4)
19debian—
4 CVECVSS 6.5
PoC 3
debian linux (3) · mono-debugger (1)
20dovecot—
4 CVECVSS 4.6
×4.0
dovecot (4)
21infradead—
4 CVECVSS 5.3
NEW
openconnect (4)
22linux—
4 CVECVSS 5.8
PoC 1
linux kernel (4)
23redhat—
4 CVECVSS 4.3
enterprise mrg (4)
24red hat inc.—
4 CVECVSS 6.5
red hat enterprise linux (4)
25xelerance—
4 CVECVSS 6.5
NEW
openswan (4)
26apereo—
3 CVECVSS 4.7
NEW
phpcas (3)
27cisco—
3 CVE1 critCVSS 8.4
anyconnect ssl vpn (1) · ciscoworks common services (1) · ciscoworks lan management solution (1)
28rim—
3 CVECVSS 6.7
blackberry desktop software (1) · blackberry device software (1) · blackberry enterprise server (1)
29apple—
2 CVECVSS 6.5
mail (1) · safari (1)
30canonical—
2 CVECVSS 5.7
PoC 1
ubuntu linux (2)
31dustincowell—
2 CVECVSS 7.5
NEWPoC 1
free simple cms (2)
32fenrir—
2 CVECVSS 6.9
NEW
grani (2) · sleipnir (2)
33freeradius—
2 CVECVSS 4.3
NEW
freeradius (2)
34gentoo foundation inc.—
2 CVECVSS 5.8
gentoo linux (2)
35isc—
2 CVECVSS 4.7
bind (2)
36joomla—
2 CVECVSS 3.9
joomla\! (2)
37lhaplus—
2 CVECVSS 6.9
NEW
lhaplus (2)
38mantisbt—
2 CVECVSS 3.9
NEW
mantisbt (2)
39maven—
2 CVECVSS 5.0
org.acegisecurity:acegi-security (1) · org.apache.myfaces.core:myfaces-impl (1) · org.apache.myfaces.shared:myfaces-shared-core (1)
40novell inc.—
2 CVECVSS 5.7
PoC 1
suse linux enterprise (2)
41packagist—
2 CVECVSS 5.7
PoC 1
typo3/cms (1) · typo3/cms-backend (1)
42ponsoftware—
2 CVECVSS 6.9
NEW
archive decoder (1) · explzh (1)
43python—
2 CVECVSS 4.7
NEW
python (2)
44realpage—
2 CVE1 critCVSS 7.5
NEW
module activex control (1) · module activex controls (1)
45suse—
2 CVECVSS 5.7
PoC 1
linux enterprise desktop (2) · linux enterprise real time extension (2) · linux enterprise server (2)
46acegisecurity—
1 CVECVSS 5.0
NEW
acegi-security (1)
47alex launi—
1 CVECVSS 6.9
NEW
tangerine (1)
48alvaro herrera—
1 CVECVSS 6.0
NEW
pl\/php (1)
49ardour—
1 CVECVSS 6.9
NEW
ardour (1)
50artifex—
1 CVECVSS 4.3
NEW
afpl ghostscript (1) · ghostscript fonts (1) · gpl ghostscript (1)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	oracle	79	5	·	·	×19.8	peoplesoft and jdedwards product suite (21) · opensolaris (12) · solaris (11)	—
2	microsoft	48	30	·	·	PoC 3	office (15) · excel (13) · word (11)	—
3	adobe	37	33	·	·	×3.4PoC 2	acrobat reader (22) · acrobat (22) · shockwave player (11)	—
4	ibm	29	8	·	·	×3.2PoC 3	db2 (9) · tivoli storage manager fastback (8) · informix dynamic server (3)	—
5	sun	27	18	·	·		jdk (27) · jre (27) · sdk (16)	—
6	hp	23	2	·	·	×3.3	systems insight manager (4) · insight control virtual machine management (3) · insight control server migration (3)	—
7	pypi	15	·	·	·	×7.5PoC 1	pyftpdlib (14) · zodb3 (1)	—
8	g.rodola	14	·	·	·	NEWPoC 1	pyftpdlib (14)	—
9	google	13	6	·	·	×4.3PoC 2	chrome (13)	—
10	mozilla	13	7	1	·	KEV 1PoC 1	firefox (13) · seamonkey (12) · thunderbird (12)	—
11	сообщество свободного программного обеспечения	9	·	·	·	PoC 2	debian gnu/linux (9)	—
12	opera	8	1	·	·	×4.0	opera browser (8)	—
13	apache	7	1	·	1	Nuclei 1PoC 1	qpid (3) · apr-util (1) · axis2 (1)	—
14	realnetworks	7	7	·	·	PoC 1	realplayer (7) · realplayer sp (7)	—
15	opensuse	6	1	·	·	PoC 3	opensuse (6)	—
16	sap	6	2	·	1	Nuclei 1PoC 5	businessobjects (6)	—
17	typo3	5	·	·	·	PoC 1	typo3 (5)	—
18	cmsmadesimple	4	·	·	·	NEW	cms made simple (4)	—
19	debian	4	·	·	·	PoC 3	debian linux (3) · mono-debugger (1)	—
20	dovecot	4	·	·	·	×4.0	dovecot (4)	—
21	infradead	4	·	·	·	NEW	openconnect (4)	—
22	linux	4	·	·	·	PoC 1	linux kernel (4)	—
23	redhat	4	·	·	·		enterprise mrg (4)	—
24	red hat inc.	4	·	·	·		red hat enterprise linux (4)	—
25	xelerance	4	·	·	·	NEW	openswan (4)	—
26	apereo	3	·	·	·	NEW	phpcas (3)	—
27	cisco	3	1	·	·		anyconnect ssl vpn (1) · ciscoworks common services (1) · ciscoworks lan management solution (1)	—
28	rim	3	·	·	·		blackberry desktop software (1) · blackberry device software (1) · blackberry enterprise server (1)	—
29	apple	2	·	·	·		mail (1) · safari (1)	—
30	canonical	2	·	·	·	PoC 1	ubuntu linux (2)	—
31	dustincowell	2	·	·	·	NEWPoC 1	free simple cms (2)	—
32	fenrir	2	·	·	·	NEW	grani (2) · sleipnir (2)	—
33	freeradius	2	·	·	·	NEW	freeradius (2)	—
34	gentoo foundation inc.	2	·	·	·		gentoo linux (2)	—
35	isc	2	·	·	·		bind (2)	—
36	joomla	2	·	·	·		joomla\! (2)	—
37	lhaplus	2	·	·	·	NEW	lhaplus (2)	—
38	mantisbt	2	·	·	·	NEW	mantisbt (2)	—
39	maven	2	·	·	·		org.acegisecurity:acegi-security (1) · org.apache.myfaces.core:myfaces-impl (1) · org.apache.myfaces.shared:myfaces-shared-core (1)	—
40	novell inc.	2	·	·	·	PoC 1	suse linux enterprise (2)	—
41	packagist	2	·	·	·	PoC 1	typo3/cms (1) · typo3/cms-backend (1)	—
42	ponsoftware	2	·	·	·	NEW	archive decoder (1) · explzh (1)	—
43	python	2	·	·	·	NEW	python (2)	—
44	realpage	2	1	·	·	NEW	module activex control (1) · module activex controls (1)	—
45	suse	2	·	·	·	PoC 1	linux enterprise desktop (2) · linux enterprise real time extension (2) · linux enterprise server (2)	—
46	acegisecurity	1	·	·	·	NEW	acegi-security (1)	—
47	alex launi	1	·	·	·	NEW	tangerine (1)	—
48	alvaro herrera	1	·	·	·	NEW	pl\/php (1)	—
49	ardour	1	·	·	·	NEW	ardour (1)	—
50	artifex	1	·	·	·	NEW	afpl ghostscript (1) · ghostscript fonts (1) · gpl ghostscript (1)	—