month report

April 2011

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

April 2011 closed with 312 published CVEs — -40.0% YoY . 47 criticals, microsoft led volume, mostly via windows xp. Biggest breakout: oracle at ×12.3 their 12-month median. Top weakness class — CWE-399 (38 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

312

— MoM-40.0% YoY

Severity mix

47 / 55

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

0.6%

2 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

5446.0

n=2

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

3977

n=1

Detection gap

KEV pressure, no Nuclei coverage

April 2011 · vendors with active exploitation listed by CISA but no public detection template.

KEV 1google6 CVE
KEV 1opensuse3 CVE
KEV 1suse3 CVE
KEV 1adobe1 CVE

Weakness × Vendor

What's spreading where in April 2011

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

Breakout vendors

CVE count ≥3× their own 12-period median.

12.3×oracle49 CVE
4.7×mediawiki7 CVE
4.7×red hat inc.7 CVE
4.0×mono4 CVE
3.0×horde3 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#167t4 CVE
#17mark pilgrim4 CVE
#18mono4 CVE
#21aphpkb3 CVE
#23icanlocalize3 CVE
#29baconmap2 CVE
#35enanocms2 CVE
#36joomlaseller2 CVE
#40ncpfs2 CVE
#42phpwebscripts2 CVE

Top vendors

Ranked by distinct CVE count this period.

1microsoft—
54 CVE18 critCVSS 7.9
PoC 1
windows xp (38) · windows server 2003 (36) · windows server 2008 (35)
2oracle—
49 CVE1 critCVSS 5.0
×12.3
peoplesoft and jdedwards product suite (10) · jd edwards enterpriseone ep (8) · database server (8)
3ibm—
23 CVE3 critCVSS 5.0
tivoli directory server (17) · webi (2) · soliddb (1)
4hp—
19 CVE3 critCVSS 5.6
network node manager i (4) · photosmart b110 (3) · photosmart d110 (3)
5sun—
12 CVE1 critCVSS 4.8
sunos (11) · java system application server (1)
6novell—
9 CVE2 critCVSS 6.6
moonlight (4) · opensuse build service (2) · zenworks configuration management (1)
7gentoo foundation inc.—
8 CVECVSS 4.9
PoC 3
gentoo linux (8)
8linux—
7 CVECVSS 3.6
linux kernel (4) · util-linux (3)
9mediawiki—
7 CVECVSS 4.5
×4.7PoC 1
mediawiki (7)
10redhat—
7 CVECVSS 4.0
spice-xpi (2) · enterprise linux desktop (2) · enterprise linux workstation (2)
11red hat inc.—
7 CVE1 critCVSS 5.5
×4.7
red hat enterprise linux (7)
12bestpractical—
6 CVECVSS 4.7
rt (6)
13gnu—
6 CVECVSS 5.0
PoC 2
glibc (6) · eglibc (1)
14google—
6 CVE3 critCVSS 8.3
KEV 1PoC 3
chrome (5) · android (1)
15broadcom—
5 CVE2 critCVSS 7.7
total defense (3) · output management web viewer (1) · siteminder (1)
167t—
4 CVE4 critCVSS 10.0
NEWPoC 4
igss (4)
17mark pilgrim—
4 CVECVSS 4.5
NEWPoC 3
feedparser (4)
18mono—
4 CVECVSS 6.0
NEW×4.0
mono (4)
19pypi—
4 CVECVSS 4.5
PoC 3
feedparser (4)
20realnetworks—
4 CVE4 critCVSS 9.5
PoC 1
helix mobile server (2) · helix server (2) · realplayer (2)
21aphpkb—
3 CVECVSS 7.0
NEWPoC 2
aphpkb (3)
22horde—
3 CVECVSS 4.3
×3.0
groupware (2) · dynamic imp (1) · gollem (1)
23icanlocalize—
3 CVECVSS 6.2
NEW
translation management (3)
24opensuse—
3 CVECVSS 7.3
KEV 1PoC 1
opensuse (3)
25suse—
3 CVECVSS 5.2
KEV 1PoC 1
linux enterprise desktop (2) · linux enterprise server (2)
26wireshark—
3 CVE1 critCVSS 6.0
PoC 1
wireshark (3)
27apache—
2 CVECVSS 5.4
tomcat (2)
28apple—
2 CVECVSS 4.7
iphone os (1) · webkit (1)
29baconmap—
2 CVECVSS 6.8
NEWPoC 2
baconmap (2)
30canonical—
2 CVECVSS 4.8
PoC 1
ubuntu linux (2)
31cisco—
2 CVE1 critCVSS 7.5
ios (1) · secure access control system (1)
32debian—
2 CVECVSS 5.0
PoC 1
debian linux (2)
33digium—
2 CVE1 critCVSS 7.0
asterisk (2)
34emc—
2 CVECVSS 5.6
networker (1) · rsa adaptive authentication on-premise (1)
35enanocms—
2 CVECVSS 6.3
NEWPoC 2
enano cms (2)
36joomlaseller—
2 CVECVSS 5.9
NEWPoC 2
com jscalendar (2)
37kde—
2 CVECVSS 5.0
kde sc (2)
38maven—
2 CVECVSS 5.4
org.apache.tomcat:tomcat (2)
39mozilla—
2 CVE1 critCVSS 6.2
firefox (2) · seamonkey (1)
40ncpfs—
2 CVECVSS 3.9
NEW
ncpfs (2)
41netgear—
2 CVECVSS 5.9
prosafe wnap210 firmware (2) · prosafe wnap210 (2)
42phpwebscripts—
2 CVECVSS 4.7
NEWPoC 1
easy banner free (2)
43qooxdoo—
2 CVECVSS 4.7
NEWPoC 2
qooxdoo (2)
44realflex—
2 CVE2 critCVSS 10.0
NEWPoC 2
realwin (2)
45roundcube—
2 CVECVSS 4.5
webmail (2)
46the centos project—
2 CVE1 critCVSS 6.3
centos (2)
47tincan—
2 CVECVSS 5.5
NEWPoC 1
phplist (2)
48vmware—
2 CVECVSS 5.7
open-vm-tools (1) · vix api (1) · workstation (1)
49сообщество свободного программного обеспечения—
2 CVECVSS 4.8
PoC 1
debian gnu/linux (1) · perl (1)
50adobe—
1 CVECVSS 8.8
KEV 1PoC 1
acrobat (1) · acrobat reader (1) · adobe air (1)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	microsoft	54	18	·	·	PoC 1	windows xp (38) · windows server 2003 (36) · windows server 2008 (35)	—
2	oracle	49	1	·	·	×12.3	peoplesoft and jdedwards product suite (10) · jd edwards enterpriseone ep (8) · database server (8)	—
3	ibm	23	3	·	·		tivoli directory server (17) · webi (2) · soliddb (1)	—
4	hp	19	3	·	·		network node manager i (4) · photosmart b110 (3) · photosmart d110 (3)	—
5	sun	12	1	·	·		sunos (11) · java system application server (1)	—
6	novell	9	2	·	·		moonlight (4) · opensuse build service (2) · zenworks configuration management (1)	—
7	gentoo foundation inc.	8	·	·	·	PoC 3	gentoo linux (8)	—
8	linux	7	·	·	·		linux kernel (4) · util-linux (3)	—
9	mediawiki	7	·	·	·	×4.7PoC 1	mediawiki (7)	—
10	redhat	7	·	·	·		spice-xpi (2) · enterprise linux desktop (2) · enterprise linux workstation (2)	—
11	red hat inc.	7	1	·	·	×4.7	red hat enterprise linux (7)	—
12	bestpractical	6	·	·	·		rt (6)	—
13	gnu	6	·	·	·	PoC 2	glibc (6) · eglibc (1)	—
14	google	6	3	1	·	KEV 1PoC 3	chrome (5) · android (1)	—
15	broadcom	5	2	·	·		total defense (3) · output management web viewer (1) · siteminder (1)	—
16	7t	4	4	·	·	NEWPoC 4	igss (4)	—
17	mark pilgrim	4	·	·	·	NEWPoC 3	feedparser (4)	—
18	mono	4	·	·	·	NEW×4.0	mono (4)	—
19	pypi	4	·	·	·	PoC 3	feedparser (4)	—
20	realnetworks	4	4	·	·	PoC 1	helix mobile server (2) · helix server (2) · realplayer (2)	—
21	aphpkb	3	·	·	·	NEWPoC 2	aphpkb (3)	—
22	horde	3	·	·	·	×3.0	groupware (2) · dynamic imp (1) · gollem (1)	—
23	icanlocalize	3	·	·	·	NEW	translation management (3)	—
24	opensuse	3	·	1	·	KEV 1PoC 1	opensuse (3)	—
25	suse	3	·	1	·	KEV 1PoC 1	linux enterprise desktop (2) · linux enterprise server (2)	—
26	wireshark	3	1	·	·	PoC 1	wireshark (3)	—
27	apache	2	·	·	·		tomcat (2)	—
28	apple	2	·	·	·		iphone os (1) · webkit (1)	—
29	baconmap	2	·	·	·	NEWPoC 2	baconmap (2)	—
30	canonical	2	·	·	·	PoC 1	ubuntu linux (2)	—
31	cisco	2	1	·	·		ios (1) · secure access control system (1)	—
32	debian	2	·	·	·	PoC 1	debian linux (2)	—
33	digium	2	1	·	·		asterisk (2)	—
34	emc	2	·	·	·		networker (1) · rsa adaptive authentication on-premise (1)	—
35	enanocms	2	·	·	·	NEWPoC 2	enano cms (2)	—
36	joomlaseller	2	·	·	·	NEWPoC 2	com jscalendar (2)	—
37	kde	2	·	·	·		kde sc (2)	—
38	maven	2	·	·	·		org.apache.tomcat:tomcat (2)	—
39	mozilla	2	1	·	·		firefox (2) · seamonkey (1)	—
40	ncpfs	2	·	·	·	NEW	ncpfs (2)	—
41	netgear	2	·	·	·		prosafe wnap210 firmware (2) · prosafe wnap210 (2)	—
42	phpwebscripts	2	·	·	·	NEWPoC 1	easy banner free (2)	—
43	qooxdoo	2	·	·	·	NEWPoC 2	qooxdoo (2)	—
44	realflex	2	2	·	·	NEWPoC 2	realwin (2)	—
45	roundcube	2	·	·	·		webmail (2)	—
46	the centos project	2	1	·	·		centos (2)	—
47	tincan	2	·	·	·	NEWPoC 1	phplist (2)	—
48	vmware	2	·	·	·		open-vm-tools (1) · vix api (1) · workstation (1)	—
49	сообщество свободного программного обеспечения	2	·	·	·	PoC 1	debian gnu/linux (1) · perl (1)	—
50	adobe	1	·	1	·	KEV 1PoC 1	acrobat (1) · acrobat reader (1) · adobe air (1)	—