month report

February 2013

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

February 2013 closed with 410 published CVEs — +17.5% YoY . 104 criticals, oracle led volume, mostly via jdk. Biggest breakout: redhat at ×34.0 their 12-month median. Top weakness class — CWE-119 (46 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

410

— MoM+17.5% YoY

Severity mix

104 / 57

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

1.2%

5 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

4770.0

n=5

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

3762

n=4

Detection gap

KEV pressure, no Nuclei coverage

February 2013 · vendors with active exploitation listed by CISA but no public detection template.

KEV 4opensuse38 CVE
KEV 4redhat34 CVE
KEV 4adobe26 CVE
KEV 4suse6 CVE
KEV 2novell inc.8 CVE
KEV 2adobe systems inc.2 CVE

Weakness × Vendor

What's spreading where in February 2013

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

119Memory Buffer Bounds 79XSS 20Improper Input Validation 362Race Condition 399CWE-399 264CWE-264 200Information Exposure 310CWE-310 416Use After Free 287Improper Authentication oracle 1 microsoft 1 32 15 2 1 1 opensuse 2 1 1 8 sun redhat 4 5 1 6 1 2 3 1 ibm 2 12 1 5 3 adobe 17 3 1 google 2 2 1 3 canonical 2 2 1 2 1 5 linux 5 5 1 2 3 3 2 cisco 3 2 4 2 2 1 1 1 wireshark 2 11 2 1

Breakout vendors

CVE count ≥3× their own 12-period median.

34.0×redhat34 CVE
25.0×canonical25 CVE
8.0×linux24 CVE
7.6×opensuse38 CVE
6.0×ibm30 CVE
5.5×hp11 CVE
4.5×oracle54 CVE
4.0×novell inc.8 CVE
4.0×opera4 CVE
3.8×cisco19 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#193s-software5 CVE
#24cloudbees4 CVE
#26jenkins4 CVE
#30xen4 CVE
#31bigantsoft3 CVE
#35openstack3 CVE
#37qt3 CVE
#38zend3 CVE
#45moxa inc.2 CVE
#49polarssl2 CVE

Top vendors

Ranked by distinct CVE count this period.

1oracle—
54 CVE31 critCVSS 7.8
×4.5
jdk (41) · jre (41) · javafx (13)
2microsoft—
53 CVE15 critCVSS 5.8
PoC 1
windows server 2008 (38) · windows vista (36) · windows 7 (35)
3opensuse—
38 CVE12 critCVSS 7.4
×7.6KEV 4PoC 2
opensuse (38)
4sun—
35 CVE19 critCVSS 8.1
×3.2
jdk (35) · jre (35)
5redhat—
34 CVE5 critCVSS 6.5
×34.0KEV 4PoC 3
enterprise linux server (14) · enterprise linux desktop (14) · enterprise linux workstation (14)
6ibm—
30 CVECVSS 4.9
×6.0
maximo asset management essentials (8) · smartcloud control desk (8) · maximo asset management (8)
7adobe—
26 CVE21 critCVSS 9.6
KEV 4
flash player (22) · air sdk (17) · air (17)
8google—
26 CVECVSS 6.7
chrome (23) · android (2) · android debug bridge (1)
9canonical—
25 CVE12 critCVSS 7.0
×25.0PoC 2
ubuntu linux (25)
10linux—
24 CVECVSS 4.9
×8.0PoC 4
linux kernel (24)
11cisco—
19 CVE1 critCVSS 6.3
×3.8
unified meetingplace (2) · unified communications manager (2) · unity express software (2)
12wireshark—
19 CVECVSS 2.9
wireshark (19)
13mozilla—
17 CVE11 critCVSS 8.2
PoC 2
firefox (14) · seamonkey (14) · thunderbird esr (12)
14hp—
11 CVE4 critCVSS 3.6
×5.5
lefthand p4000 virtual san appliance (4) · san\/iq (4) · arcsight connector appliance (3)
15debian—
9 CVE7 critCVSS 8.4
×3.0
debian linux (9)
16novell inc.—
8 CVECVSS 6.2
×4.0KEV 2PoC 1
opensuse (8) · suse linux enterprise desktop (2)
17gentoo foundation inc.—
6 CVECVSS 4.3
gentoo linux (6)
18suse—
6 CVE1 critCVSS 7.9
KEV 4
linux enterprise desktop (5) · linux enterprise server (2) · linux enterprise software development kit (1)
193s-software—
5 CVE4 critCVSS 9.6
NEW
codesys gateway-server (5)
20fedoraproject—
5 CVE2 critCVSS 6.8
fedora (3) · sssd (2)
21maven—
5 CVECVSS 4.0
org.jenkins-ci.main:jenkins-core (4) · org.bouncycastle:bcprov-jdk15on (1)
22red hat inc.—
5 CVECVSS 3.9
red hat enterprise linux (5)
23rubygems—
5 CVE1 critCVSS 6.5
PoC 4
activerecord (2) · rack (2) · json (1)
24cloudbees—
4 CVECVSS 4.0
NEW
jenkins (4)
25emc—
4 CVECVSS 6.3
rsa archer egrc (4) · rsa archer smartsuite (4)
26jenkins—
4 CVECVSS 4.0
NEW
jenkins (4)
27opera—
4 CVE2 critCVSS 7.3
×4.0
opera browser (4)
28pidgin—
4 CVECVSS 4.9
pidgin (4)
29vmware—
4 CVE1 critCVSS 8.4
esxi (3) · vcenter server (3) · esx (2)
30xen—
4 CVECVSS 5.1
NEW
xen (4)
31bigantsoft—
3 CVE1 critCVSS 7.5
NEW
bigant im message server (3)
32ffmpeg—
3 CVECVSS 7.5
ffmpeg (3)
33joomla—
3 CVECVSS 5.8
joomla\! (3)
34openssl—
3 CVECVSS 4.2
×3.0
openssl (3)
35openstack—
3 CVECVSS 5.5
NEW
keystone (1) · essex (1) · folsom (1)
36packagist—
3 CVE1 critCVSS 6.8
zendframework/zendframework1 (3)
37qt—
3 CVECVSS 4.1
NEW
qt (3)
38zend—
3 CVE1 critCVSS 6.8
NEW
zend framework (3)
39сообщество свободного программного обеспечения—
3 CVECVSS 4.0
Nuclei 1PoC 1
linux (2) · debian gnu/linux (1)
40adobe systems inc.—
2 CVECVSS 7.8
KEV 2
adobe reader (2) · adobe acrobat (2)
41apache—
2 CVECVSS 4.3
http server (2)
42cybozu—
2 CVECVSS 5.2
garoon (2)
43gnu—
2 CVECVSS 4.5
gnutls (1) · glibc (1)
44moxa—
2 CVECVSS 6.7
edr-g903 (1) · edr g903 firmware (1) · edr-g903 firmware (1)
45moxa inc.—
2 CVECVSS 3.5
NEW
moxa edr-810 (2)
46novell—
2 CVE2 critCVSS 9.7
groupwise (2)
47openssl software foundation—
2 CVECVSS 5.0
openssl (2)
48orangehrm—
2 CVECVSS 5.5
PoC 2
orangehrm (2)
49polarssl—
2 CVECVSS 3.5
NEW
polarssl (2)
50rack project—
2 CVECVSS 4.7
NEWPoC 1
rack (2)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	oracle	54	31	·	·	×4.5	jdk (41) · jre (41) · javafx (13)	—
2	microsoft	53	15	·	·	PoC 1	windows server 2008 (38) · windows vista (36) · windows 7 (35)	—
3	opensuse	38	12	4	·	×7.6KEV 4PoC 2	opensuse (38)	—
4	sun	35	19	·	·	×3.2	jdk (35) · jre (35)	—
5	redhat	34	5	4	·	×34.0KEV 4PoC 3	enterprise linux server (14) · enterprise linux desktop (14) · enterprise linux workstation (14)	—
6	ibm	30	·	·	·	×6.0	maximo asset management essentials (8) · smartcloud control desk (8) · maximo asset management (8)	—
7	adobe	26	21	4	·	KEV 4	flash player (22) · air sdk (17) · air (17)	—
8	google	26	·	·	·		chrome (23) · android (2) · android debug bridge (1)	—
9	canonical	25	12	·	·	×25.0PoC 2	ubuntu linux (25)	—
10	linux	24	·	·	·	×8.0PoC 4	linux kernel (24)	—
11	cisco	19	1	·	·	×3.8	unified meetingplace (2) · unified communications manager (2) · unity express software (2)	—
12	wireshark	19	·	·	·		wireshark (19)	—
13	mozilla	17	11	·	·	PoC 2	firefox (14) · seamonkey (14) · thunderbird esr (12)	—
14	hp	11	4	·	·	×5.5	lefthand p4000 virtual san appliance (4) · san\/iq (4) · arcsight connector appliance (3)	—
15	debian	9	7	·	·	×3.0	debian linux (9)	—
16	novell inc.	8	·	2	·	×4.0KEV 2PoC 1	opensuse (8) · suse linux enterprise desktop (2)	—
17	gentoo foundation inc.	6	·	·	·		gentoo linux (6)	—
18	suse	6	1	4	·	KEV 4	linux enterprise desktop (5) · linux enterprise server (2) · linux enterprise software development kit (1)	—
19	3s-software	5	4	·	·	NEW	codesys gateway-server (5)	—
20	fedoraproject	5	2	·	·		fedora (3) · sssd (2)	—
21	maven	5	·	·	·		org.jenkins-ci.main:jenkins-core (4) · org.bouncycastle:bcprov-jdk15on (1)	—
22	red hat inc.	5	·	·	·		red hat enterprise linux (5)	—
23	rubygems	5	1	·	·	PoC 4	activerecord (2) · rack (2) · json (1)	—
24	cloudbees	4	·	·	·	NEW	jenkins (4)	—
25	emc	4	·	·	·		rsa archer egrc (4) · rsa archer smartsuite (4)	—
26	jenkins	4	·	·	·	NEW	jenkins (4)	—
27	opera	4	2	·	·	×4.0	opera browser (4)	—
28	pidgin	4	·	·	·		pidgin (4)	—
29	vmware	4	1	·	·		esxi (3) · vcenter server (3) · esx (2)	—
30	xen	4	·	·	·	NEW	xen (4)	—
31	bigantsoft	3	1	·	·	NEW	bigant im message server (3)	—
32	ffmpeg	3	·	·	·		ffmpeg (3)	—
33	joomla	3	·	·	·		joomla\! (3)	—
34	openssl	3	·	·	·	×3.0	openssl (3)	—
35	openstack	3	·	·	·	NEW	keystone (1) · essex (1) · folsom (1)	—
36	packagist	3	1	·	·		zendframework/zendframework1 (3)	—
37	qt	3	·	·	·	NEW	qt (3)	—
38	zend	3	1	·	·	NEW	zend framework (3)	—
39	сообщество свободного программного обеспечения	3	·	·	1	Nuclei 1PoC 1	linux (2) · debian gnu/linux (1)	—
40	adobe systems inc.	2	·	2	·	KEV 2	adobe reader (2) · adobe acrobat (2)	—
41	apache	2	·	·	·		http server (2)	—
42	cybozu	2	·	·	·		garoon (2)	—
43	gnu	2	·	·	·		gnutls (1) · glibc (1)	—
44	moxa	2	·	·	·		edr-g903 (1) · edr g903 firmware (1) · edr-g903 firmware (1)	—
45	moxa inc.	2	·	·	·	NEW	moxa edr-810 (2)	—
46	novell	2	2	·	·		groupwise (2)	—
47	openssl software foundation	2	·	·	·		openssl (2)	—
48	orangehrm	2	·	·	·	PoC 2	orangehrm (2)	—
49	polarssl	2	·	·	·	NEW	polarssl (2)	—
50	rack project	2	·	·	·	NEWPoC 1	rack (2)	—