month report
April 2013
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
April 2013 closed with 434 published CVEs. 66 criticals, oracle led volume, mostly via jre. Biggest breakout: schneider-electric at ×7.0 their 12-month median. Top weakness class — CWE-264 (38 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
434
— MoM— YoY
Severity mix
66 / 69
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
1.8%
8 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
4712.9
n=8
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
3384
n=2
Weakness × Vendor
What's spreading where in April 2013
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
264CWE-264119Memory Buffer Bounds200Information Exposure20Improper Input Validation79XSS352CSRF287Improper Authentication362Race Condition399CWE-39916CWE-16oracle1cisco58313332sunredhat41111111ibm34110111linux41811mariadbmicrosoft113142rubygems31411сообщество свободного программного обеспечения1111mozilla2211canonical131
Breakout vendors
CVE count ≥3× their own 12-period median.
- 7.0×schneider-electric7 CVE
- 5.0×phpmyadmin5 CVE
- 4.7×rubygems14 CVE
- 4.7×сообщество свободного программного обеспечения14 CVE
- 4.0×nvidia4 CVE
- 3.0×oracle corp.3 CVE
- 3.0×ruby-lang3 CVE
- 3.0×todd miller3 CVE
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #25ithemes4 CVE
- #38todd miller3 CVE
- #39xmlsoft3 CVE
- #40crunchify2 CVE
- #43fenrir-inc2 CVE
- #44motorola2 CVE
- #49siemens ag2 CVE
- #51airdroid1 CVE
- #52arecont1 CVE
- #53avast1 CVE
Top vendors
Ranked by distinct CVE count this period.
- 137 CVE23 critCVSS 6.0KEV 1PoC 1jre (38) · jdk (37) · mysql (24)
- 47 CVE7 critCVSS 7.6adaptive security appliance software (9) · unified computing system infrastructure and unified computing system software (7) · unified computing system 6248up fabric interconnect (7)
- 39 CVE12 critCVSS 7.0jdk (23) · jre (23) · sunos (16)
- 29 CVECVSS 4.8PoC 3enterprise linux server (15) · enterprise linux eus (15) · enterprise linux desktop (15)
- 28 CVE6 critCVSS 5.4websphere application server (6) · spss samplepower (4) · tririga application platform (3)
- 26 CVECVSS 4.9KEV 1PoC 14linux kernel (26)
- 19 CVECVSS 4.4mariadb (19)
- 14 CVE3 critCVSS 6.6windows vista (6) · windows server 2008 (6) · windows 8 (5)
- 14 CVE3 critCVSS 7.5×4.7PoC 12activerecord (1) · crack (1) · devise (1)
- 14 CVECVSS 5.2×4.7PoC 13debian gnu/linux (14)
- 13 CVE5 critCVSS 7.3firefox (13) · seamonkey (10) · thunderbird (8)
- 11 CVECVSS 5.8KEV 1PoC 2ubuntu linux (11)
- 10 CVE1 critCVSS 6.1KEV 1PoC 1opensuse (10)
- 9 CVE7 critCVSS 9.7shockwave player (4) · flash player (3) · adobe air (3)
- 9 CVECVSS 4.9gentoo linux (9)
- 7 CVE2 critCVSS 6.4×7.0PoC 2modicon m340 (3) · modicon quantum plc (2) · modicon premium (2)
- 6 CVE1 critCVSS 5.7PoC 1chrome os (5) · authenticator (1)
- 5 CVE2 critCVSS 7.4imanager (2) · kanaka (1) · groupwise (1)
- 5 CVECVSS 5.4×5.0PoC 2phpmyadmin (5)
- 5 CVE2 critCVSS 7.8postgresql (5)
- 4 CVECVSS 5.4activemq (3) · maven (1)
- 4 CVECVSS 6.7PoC 2php address book (4)
- 4 CVECVSS 6.8datahub quicktrend (4) · opc datahub (4) · cascade datahub (4)
- 4 CVECVSS 5.1laserjet m5025 mfp (1) · laserjet m5035 mfp (1) · laserjet m9040 mpf (1)
- 4 CVECVSS 6.9NEWNuclei 4PoC 4backupbuddy (4)
- 4 CVECVSS 5.1org.apache.activemq:activemq-core (1) · org.apache.activemq:activemq-web-demo (1) · org.jruby:jruby (1)
- 4 CVECVSS 7.0×4.0driver (2) · gpu driver (1) · display driver (1)
- 4 CVECVSS 5.2folsom (2) · keystone (2) · keystone essex (2)
- 4 CVECVSS 5.4django (2) · keystone (2)
- 4 CVE1 critCVSS 8.2factorytalk services platform (2) · rslinx enterprise (2)
- 4 CVE1 critCVSS 7.9PoC 2modicon m340 (3) · citect scada (1) · citect facilities (1)
- 3 CVECVSS 4.4mac os x (3)
- 3 CVECVSS 6.3PoC 1fedora (3)
- 3 CVECVSS 6.0poppler (3)
- 3 CVECVSS 6.3suse linux enterprise (3)
- 3 CVECVSS 3.9×3.0KEV 1PoC 1mysql (2) · java runtime environment (1)
- 3 CVECVSS 5.0×3.0ruby (3)
- 3 CVECVSS 4.4NEW×3.0sudo (3)
- 3 CVECVSS 5.6NEWlibxml2 (2) · libxslt (1)
- 2 CVECVSS 6.8NEWNuclei 2foursquare-checkins (1) · all-in-on-webmaster (1)
- 2 CVECVSS 6.8cybozu office (2) · mailwise (1) · cybozu dezie (1)
- 2 CVECVSS 7.2debian linux (2)
- 2 CVECVSS 5.4NEWsleipnir mobile (1) · sleipnir (1)
- 2 CVECVSS 6.5NEWKEV 1android (2) · razr m (1) · atrix hd (1)
- 2 CVE1 critCVSS 7.5opera browser (2)
- 2 CVECVSS 7.0parallels plesk panel (2)
- 2 CVECVSS 6.4red hat openstack platform 4 (1) · red hat enterprise linux openstack platform 5 (icehouse) (1) · red hat openstack platform 13 (queens) (1)
- 2 CVECVSS 7.8simatic s7-1200 cpu 1211c firmware (2) · simatic s7-1200 cpu 1212c firmware (2) · simatic s7-1200 cpu 1212fc firmware (2)
- 2 CVECVSS 7.8NEWмикропрограммное обеспечение программируемого логического контроллера siemens simatic s7-1200 (2)
- 2 CVECVSS 7.0PoC 1linux enterprise desktop (2) · linux enterprise server (2) · linux enterprise high availability extension (1)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | oracle | 137 | 23 | 1 | · | KEV 1PoC 1 | jre (38) · jdk (37) · mysql (24) | — | |
| 2 | cisco | 47 | 7 | · | · | adaptive security appliance software (9) · unified computing system infrastructure and unified computing system software (7) · unified computing system 6248up fabric interconnect (7) | — | ||
| 3 | sun | 39 | 12 | · | · | jdk (23) · jre (23) · sunos (16) | — | ||
| 4 | redhat | 29 | · | · | · | PoC 3 | enterprise linux server (15) · enterprise linux eus (15) · enterprise linux desktop (15) | — | |
| 5 | ibm | 28 | 6 | · | · | websphere application server (6) · spss samplepower (4) · tririga application platform (3) | — | ||
| 6 | linux | 26 | · | 1 | · | KEV 1PoC 14 | linux kernel (26) | — | |
| 7 | mariadb | 19 | · | · | · | mariadb (19) | — | ||
| 8 | microsoft | 14 | 3 | · | · | windows vista (6) · windows server 2008 (6) · windows 8 (5) | — | ||
| 9 | rubygems | 14 | 3 | · | · | ×4.7PoC 12 | activerecord (1) · crack (1) · devise (1) | — | |
| 10 | сообщество свободного программного обеспечения | 14 | · | · | · | ×4.7PoC 13 | debian gnu/linux (14) | — | |
| 11 | mozilla | 13 | 5 | · | · | firefox (13) · seamonkey (10) · thunderbird (8) | — | ||
| 12 | canonical | 11 | · | 1 | · | KEV 1PoC 2 | ubuntu linux (11) | — | |
| 13 | opensuse | 10 | 1 | 1 | · | KEV 1PoC 1 | opensuse (10) | — | |
| 14 | adobe | 9 | 7 | · | · | shockwave player (4) · flash player (3) · adobe air (3) | — | ||
| 15 | gentoo foundation inc. | 9 | · | · | · | gentoo linux (9) | — | ||
| 16 | schneider-electric | 7 | 2 | · | · | ×7.0PoC 2 | modicon m340 (3) · modicon quantum plc (2) · modicon premium (2) | — | |
| 17 | 6 | 1 | · | · | PoC 1 | chrome os (5) · authenticator (1) | — | ||
| 18 | novell | 5 | 2 | · | · | imanager (2) · kanaka (1) · groupwise (1) | — | ||
| 19 | phpmyadmin | 5 | · | · | · | ×5.0PoC 2 | phpmyadmin (5) | — | |
| 20 | postgresql | 5 | 2 | · | · | postgresql (5) | — | ||
| 21 | apache | 4 | · | · | · | activemq (3) · maven (1) | — | ||
| 22 | chatelao | 4 | · | · | · | PoC 2 | php address book (4) | — | |
| 23 | cogentdatahub | 4 | · | · | · | datahub quicktrend (4) · opc datahub (4) · cascade datahub (4) | — | ||
| 24 | hp | 4 | · | · | · | laserjet m5025 mfp (1) · laserjet m5035 mfp (1) · laserjet m9040 mpf (1) | — | ||
| 25 | ithemes | 4 | · | · | 4 | NEWNuclei 4PoC 4 | backupbuddy (4) | — | |
| 26 | maven | 4 | · | · | · | org.apache.activemq:activemq-core (1) · org.apache.activemq:activemq-web-demo (1) · org.jruby:jruby (1) | — | ||
| 27 | nvidia | 4 | · | · | · | ×4.0 | driver (2) · gpu driver (1) · display driver (1) | — | |
| 28 | openstack | 4 | · | · | · | folsom (2) · keystone (2) · keystone essex (2) | — | ||
| 29 | pypi | 4 | · | · | · | django (2) · keystone (2) | — | ||
| 30 | rockwellautomation | 4 | 1 | · | · | factorytalk services platform (2) · rslinx enterprise (2) | — | ||
| 31 | schneider electric | 4 | 1 | · | · | PoC 2 | modicon m340 (3) · citect scada (1) · citect facilities (1) | — | |
| 32 | apple | 3 | · | · | · | mac os x (3) | — | ||
| 33 | fedoraproject | 3 | · | · | · | PoC 1 | fedora (3) | — | |
| 34 | freedesktop | 3 | · | · | · | poppler (3) | — | ||
| 35 | novell inc. | 3 | · | · | · | suse linux enterprise (3) | — | ||
| 36 | oracle corp. | 3 | · | 1 | · | ×3.0KEV 1PoC 1 | mysql (2) · java runtime environment (1) | — | |
| 37 | ruby-lang | 3 | · | · | · | ×3.0 | ruby (3) | — | |
| 38 | todd miller | 3 | · | · | · | NEW×3.0 | sudo (3) | — | |
| 39 | xmlsoft | 3 | · | · | · | NEW | libxml2 (2) · libxslt (1) | — | |
| 40 | crunchify | 2 | · | · | 2 | NEWNuclei 2 | foursquare-checkins (1) · all-in-on-webmaster (1) | — | |
| 41 | cybozu | 2 | · | · | · | cybozu office (2) · mailwise (1) · cybozu dezie (1) | — | ||
| 42 | debian | 2 | · | · | · | debian linux (2) | — | ||
| 43 | fenrir-inc | 2 | · | · | · | NEW | sleipnir mobile (1) · sleipnir (1) | — | |
| 44 | motorola | 2 | · | 1 | · | NEWKEV 1 | android (2) · razr m (1) · atrix hd (1) | — | |
| 45 | opera | 2 | 1 | · | · | opera browser (2) | — | ||
| 46 | parallels | 2 | · | · | · | parallels plesk panel (2) | — | ||
| 47 | red hat | 2 | · | · | · | red hat openstack platform 4 (1) · red hat enterprise linux openstack platform 5 (icehouse) (1) · red hat openstack platform 13 (queens) (1) | — | ||
| 48 | siemens | 2 | · | · | · | simatic s7-1200 cpu 1211c firmware (2) · simatic s7-1200 cpu 1212c firmware (2) · simatic s7-1200 cpu 1212fc firmware (2) | — | ||
| 49 | siemens ag | 2 | · | · | · | NEW | микропрограммное обеспечение программируемого логического контроллера siemens simatic s7-1200 (2) | — | |
| 50 | suse | 2 | · | · | · | PoC 1 | linux enterprise desktop (2) · linux enterprise server (2) · linux enterprise high availability extension (1) | — |