month report

January 2013

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

January 2013 closed with 443 published CVEs — +40.2% YoY . 101 criticals, oracle led volume, mostly via mysql. Biggest breakout: canonical at ×46.0 their 12-month median. Top weakness class — CWE-119 (75 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

443

— MoM+40.2% YoY

Severity mix

101 / 67

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

2.0%

9 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

4789.8

n=9

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

3344

n=6

Detection gap

KEV pressure, no Nuclei coverage

January 2013 · vendors with active exploitation listed by CISA but no public detection template.

KEV 4adobe32 CVE
KEV 2oracle80 CVE
KEV 2red hat inc.4 CVE
KEV 1canonical46 CVE
KEV 1opensuse46 CVE
KEV 1novell inc.5 CVE
KEV 1canonical ltd.2 CVE

Weakness × Vendor

What's spreading where in January 2013

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

119Memory Buffer Bounds 264CWE-264 79XSS 20Improper Input Validation 200Information Exposure 89SQL Injection 399CWE-399 189CWE-189 22Path Traversal 416Use After Free oracle 1 1 canonical 2 3 1 9 opensuse 5 1 5 1 4 2 1 10 redhat 6 2 2 2 1 6 adobe 16 2 1 2 google 6 4 4 7 3 1 1 mozilla 1 1 2 1 9 suse 1 2 1 9 ibm 3 7 2 1 cisco 5 3 3 2 mariadb 1 apple 12 1 2

Breakout vendors

CVE count ≥3× their own 12-period median.

46.0×canonical46 CVE
13.1×opensuse46 CVE
13.0×opera13 CVE
10.3×redhat41 CVE
5.4×suse27 CVE
5.1×cisco18 CVE
4.0×сообщество свободного программного обеспечения14 CVE
3.0×mozilla27 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#11mariadb17 CVE
#16moodle10 CVE
#17rockwell automation8 CVE
#20portable sdk for upnp project6 CVE
#27miniupnp project4 CVE
#31tivoli storage productivity center4 CVE
#34diy-cms3 CVE
#38netartmedia3 CVE
#39shawn bradley3 CVE
#41xerox3 CVE

Top vendors

Ranked by distinct CVE count this period.

1oracle—
80 CVE6 critCVSS 5.2
KEV 2PoC 1
mysql (17) · enterprise manager grid control (13) · peoplesoft products (12)
2canonical—
46 CVE24 critCVSS 7.4
×46.0KEV 1PoC 3
ubuntu linux (46)
3opensuse—
46 CVE24 critCVSS 7.9
×13.1KEV 1PoC 4
opensuse (46)
4redhat—
41 CVE13 critCVSS 7.1
×10.3PoC 2
enterprise linux desktop (23) · enterprise linux workstation (23) · enterprise linux eus (22)
5adobe—
32 CVE29 critCVSS 9.8
KEV 4PoC 1
acrobat (27) · acrobat reader (27) · coldfusion (4)
6google—
29 CVE2 critCVSS 6.9
chrome (29) · v8 (1)
7mozilla—
27 CVE23 critCVSS 8.8
×3.0PoC 3
firefox (27) · seamonkey (27) · thunderbird (26)
8suse—
27 CVE23 critCVSS 8.8
×5.4PoC 3
linux enterprise desktop (26) · linux enterprise server (26) · linux enterprise software development kit (26)
9ibm—
24 CVE6 critCVSS 7.8
infosphere information server (10) · websphere application server (5) · websphere real time (4)
10cisco—
18 CVE3 critCVSS 7.2
×5.1
7500 wireless lan controller (4) · 2000 wireless lan controller (4) · 2100 wireless lan controller (4)
11mariadb—
17 CVECVSS 5.1
NEW
mariadb (17)
12apple—
16 CVECVSS 5.8
iphone os (16) · tvos (1)
13microsoft—
16 CVE5 critCVSS 7.9
PoC 2
.net framework (5) · windows 7 (5) · windows server 2008 (5)
14сообщество свободного программного обеспечения—
14 CVE8 critCVSS 8.0
×4.0PoC 7
debian gnu/linux (13) · grep (1) · perl (1)
15opera—
13 CVE3 critCVSS 5.8
×13.0
opera browser (13)
16moodle—
10 CVECVSS 5.2
NEW
moodle (10)
17rockwell automation—
8 CVE1 critCVSS 7.3
NEW
compactlogix l32e and l35e controllers (8) · 1756-enbt, 1756-eweb, 1768-enbt, 1768-eweb communication modules (8) · controllogix, compactlogix, guardlogix, and softlogix (8)
18rockwellautomation—
8 CVE1 critCVSS 7.3
compactlogix l32e controller (7) · compactlogix l35e controller (7) · controllogix (7)
19sun—
7 CVECVSS 4.6
sunos (7)
20portable sdk for upnp project—
6 CVE6 critCVSS 10.0
NEWPoC 3
portable sdk for upnp (6)
21emc—
5 CVE2 critCVSS 8.0
PoC 1
alphastor (3) · avamar (1) · avamar plugin (1)
22ge—
5 CVE1 critCVSS 5.8
intelligent platforms proficy hmi\/scada cimplicity (3) · intelligent platforms proficy process systems (3) · intelligent platforms proficy process systems with cimplicity (3)
23linux—
5 CVECVSS 4.7
linux kernel (5)
24novell inc.—
5 CVE1 critCVSS 6.3
KEV 1
opensuse (3) · suse linux enterprise (1) · suse linux enterprise desktop (1)
25rubygems—
5 CVECVSS 6.8
PoC 3
activerecord (2) · authlogic (1) · activesupport (1)
26rubyonrails—
5 CVECVSS 7.0
PoC 3
rails (5) · ruby on rails (4)
27miniupnp project—
4 CVE1 critCVSS 8.3
NEWPoC 1
miniupnpd (4)
28moinmo—
4 CVECVSS 5.7
PoC 1
moinmoin (4)
29pypi—
4 CVECVSS 5.7
PoC 1
moin (4)
30red hat inc.—
4 CVE1 critCVSS 6.9
KEV 2
red hat enterprise linux (3) · red hat enterprise linux workstation (2) · red hat enterprise linux server (2)
31tivoli storage productivity center—
4 CVE4 critCVSS 9.3
NEW
5.0 (4) · 5.1 (4) · 5.1.1 (4)
32apache—
3 CVE1 critCVSS 5.3
cxf (2) · cloudstack (1)
33debian—
3 CVECVSS 6.6
PoC 1
debian linux (3)
34diy-cms—
3 CVECVSS 6.2
NEWPoC 3
diy-cms (3)
35drupal—
3 CVECVSS 5.3
drupal (3)
36freetype—
3 CVECVSS 4.3
freetype (3)
37gentoo foundation inc.—
3 CVECVSS 4.3
gentoo linux (3)
38netartmedia—
3 CVECVSS 6.2
NEWPoC 2
car portal (3)
39shawn bradley—
3 CVECVSS 6.4
NEWPoC 3
php volunteer management (2) · php ticket system (1)
40the centos project—
3 CVE1 critCVSS 7.8
centos (3)
41xerox—
3 CVECVSS 4.6
NEW
freeflow print server (3)
423s-smart software solutions—
2 CVE2 critCVSS 9.9
NEW
codesys control rte (2) · codesys control runtime embedded (2) · codesys control runtime full (2)
433s-software—
2 CVE2 critCVSS 9.9
NEW
codesys runtime system (2)
44canonical ltd.—
2 CVE1 critCVSS 8.7
KEV 1
ubuntu (2)
45digium—
2 CVECVSS 4.7
asterisk (2) · certified asterisk (2)
46e107—
2 CVECVSS 6.8
PoC 2
e107 (2)
47festo—
2 CVE2 critCVSS 9.9
NEW
cecx-x-c1 modular master controller with codesys (2) · cecx-x-m1 modular controller with codesys and softmotion (2)
48hp—
2 CVE1 critCVSS 7.2
diagnostics server (1) · pki activex control (1)
49libupnp project—
2 CVE2 critCVSS 10.0
NEWPoC 2
libupnp (2)
50maven—
2 CVE1 critCVSS 7.2
org.apache.cxf:cxf (2)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	oracle	80	6	2	·	KEV 2PoC 1	mysql (17) · enterprise manager grid control (13) · peoplesoft products (12)	—
2	canonical	46	24	1	·	×46.0KEV 1PoC 3	ubuntu linux (46)	—
3	opensuse	46	24	1	·	×13.1KEV 1PoC 4	opensuse (46)	—
4	redhat	41	13	·	·	×10.3PoC 2	enterprise linux desktop (23) · enterprise linux workstation (23) · enterprise linux eus (22)	—
5	adobe	32	29	4	·	KEV 4PoC 1	acrobat (27) · acrobat reader (27) · coldfusion (4)	—
6	google	29	2	·	·		chrome (29) · v8 (1)	—
7	mozilla	27	23	·	·	×3.0PoC 3	firefox (27) · seamonkey (27) · thunderbird (26)	—
8	suse	27	23	·	·	×5.4PoC 3	linux enterprise desktop (26) · linux enterprise server (26) · linux enterprise software development kit (26)	—
9	ibm	24	6	·	·		infosphere information server (10) · websphere application server (5) · websphere real time (4)	—
10	cisco	18	3	·	·	×5.1	7500 wireless lan controller (4) · 2000 wireless lan controller (4) · 2100 wireless lan controller (4)	—
11	mariadb	17	·	·	·	NEW	mariadb (17)	—
12	apple	16	·	·	·		iphone os (16) · tvos (1)	—
13	microsoft	16	5	·	·	PoC 2	.net framework (5) · windows 7 (5) · windows server 2008 (5)	—
14	сообщество свободного программного обеспечения	14	8	·	·	×4.0PoC 7	debian gnu/linux (13) · grep (1) · perl (1)	—
15	opera	13	3	·	·	×13.0	opera browser (13)	—
16	moodle	10	·	·	·	NEW	moodle (10)	—
17	rockwell automation	8	1	·	·	NEW	compactlogix l32e and l35e controllers (8) · 1756-enbt, 1756-eweb, 1768-enbt, 1768-eweb communication modules (8) · controllogix, compactlogix, guardlogix, and softlogix (8)	—
18	rockwellautomation	8	1	·	·		compactlogix l32e controller (7) · compactlogix l35e controller (7) · controllogix (7)	—
19	sun	7	·	·	·		sunos (7)	—
20	portable sdk for upnp project	6	6	·	·	NEWPoC 3	portable sdk for upnp (6)	—
21	emc	5	2	·	·	PoC 1	alphastor (3) · avamar (1) · avamar plugin (1)	—
22	ge	5	1	·	·		intelligent platforms proficy hmi\/scada cimplicity (3) · intelligent platforms proficy process systems (3) · intelligent platforms proficy process systems with cimplicity (3)	—
23	linux	5	·	·	·		linux kernel (5)	—
24	novell inc.	5	1	1	·	KEV 1	opensuse (3) · suse linux enterprise (1) · suse linux enterprise desktop (1)	—
25	rubygems	5	·	·	·	PoC 3	activerecord (2) · authlogic (1) · activesupport (1)	—
26	rubyonrails	5	·	·	·	PoC 3	rails (5) · ruby on rails (4)	—
27	miniupnp project	4	1	·	·	NEWPoC 1	miniupnpd (4)	—
28	moinmo	4	·	·	·	PoC 1	moinmoin (4)	—
29	pypi	4	·	·	·	PoC 1	moin (4)	—
30	red hat inc.	4	1	2	·	KEV 2	red hat enterprise linux (3) · red hat enterprise linux workstation (2) · red hat enterprise linux server (2)	—
31	tivoli storage productivity center	4	4	·	·	NEW	5.0 (4) · 5.1 (4) · 5.1.1 (4)	—
32	apache	3	1	·	·		cxf (2) · cloudstack (1)	—
33	debian	3	·	·	·	PoC 1	debian linux (3)	—
34	diy-cms	3	·	·	·	NEWPoC 3	diy-cms (3)	—
35	drupal	3	·	·	·		drupal (3)	—
36	freetype	3	·	·	·		freetype (3)	—
37	gentoo foundation inc.	3	·	·	·		gentoo linux (3)	—
38	netartmedia	3	·	·	·	NEWPoC 2	car portal (3)	—
39	shawn bradley	3	·	·	·	NEWPoC 3	php volunteer management (2) · php ticket system (1)	—
40	the centos project	3	1	·	·		centos (3)	—
41	xerox	3	·	·	·	NEW	freeflow print server (3)	—
42	3s-smart software solutions	2	2	·	·	NEW	codesys control rte (2) · codesys control runtime embedded (2) · codesys control runtime full (2)	—
43	3s-software	2	2	·	·	NEW	codesys runtime system (2)	—
44	canonical ltd.	2	1	1	·	KEV 1	ubuntu (2)	—
45	digium	2	·	·	·		asterisk (2) · certified asterisk (2)	—
46	e107	2	·	·	·	PoC 2	e107 (2)	—
47	festo	2	2	·	·	NEW	cecx-x-c1 modular master controller with codesys (2) · cecx-x-m1 modular controller with codesys and softmotion (2)	—
48	hp	2	1	·	·		diagnostics server (1) · pki activex control (1)	—
49	libupnp project	2	2	·	·	NEWPoC 2	libupnp (2)	—
50	maven	2	1	·	·		org.apache.cxf:cxf (2)	—