month report

July 2013

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

July 2013 closed with 500 published CVEs. 73 criticals, oracle led volume, mostly via mysql. Biggest breakout: suse at ×12.0 their 12-month median. Top weakness class — CWE-79 (64 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

500

— MoM— YoY

Severity mix

73 / 87

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

3.8%

19 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

4624.0

n=19

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

3361

n=2

Detection gap

KEV pressure, no Nuclei coverage

July 2013 · vendors with active exploitation listed by CISA but no public detection template.

KEV 1microsoft34 CVE

Weakness × Vendor

What's spreading where in July 2013

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

79XSS 264CWE-264 119Memory Buffer Bounds 94Code Injection 20Improper Input Validation 200Information Exposure 89SQL Injection 399CWE-399 287Improper Authentication 352CSRF oracle 2 cisco 10 7 5 1 2 1 3 2 2 3 ibm 6 2 2 1 1 9 3 1 microsoft 1 6 3 23 hp 3 2 1 google 4 4 1 1 5 debian 2 2 1 5 opensuse 1 3 apache 1 1 1 6 2 redhat 6 1 1 1 1 1 wireshark 3 4 3 canonical 1 1

Breakout vendors

CVE count ≥3× their own 12-period median.

12.0×suse12 CVE
7.3×phpmyadmin11 CVE
6.0×hp30 CVE
5.7×wireshark17 CVE
5.4×apache19 CVE
5.0×cisco45 CVE
4.0×apache software foundation8 CVE
4.0×ibm corp.8 CVE
4.0×canonical14 CVE
4.0×maven14 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#27juniper7 CVE
#34npm4 CVE
#36verizon4 CVE
#41machform3 CVE
#50fujitsu limited2 CVE
#52kurt gusbeth2 CVE
#56remotesensing2 CVE
#57theforeman2 CVE
#58tinymce2 CVE
#59wave2 CVE

Top vendors

Ranked by distinct CVE count this period.

1oracle—
65 CVE2 critCVSS 5.0
KEV 1Nuclei 1PoC 2
mysql (17) · peoplesoft products (9) · fusion middleware (8)
2cisco—
45 CVE3 critCVSS 6.6
×5.0
unified communications manager (7) · secure access control system (5) · unified operations manager (4)
3ibm—
42 CVE10 critCVSS 5.8
PoC 1
sterling b2b integrator (22) · sterling file gateway (22) · java (8)
4microsoft—
34 CVE23 critCVSS 7.9
×3.4KEV 1PoC 2
internet explorer (18) · windows server 2008 (9) · windows 7 (9)
5hp—
30 CVE7 critCVSS 7.6
×6.0PoC 1
system management homepage (11) · loadrunner (8) · vpn firewall appliance (2)
6google—
23 CVE2 critCVSS 6.5
chrome (21) · android (1) · glass (1)
7debian—
20 CVE1 critCVSS 5.9
debian linux (20)
8opensuse—
20 CVECVSS 5.1
PoC 5
opensuse (20)
9apache—
19 CVE6 critCVSS 7.6
×5.4KEV 1Nuclei 3PoC 5
struts (7) · subversion (4) · openoffice (2)
10redhat—
18 CVECVSS 5.7
PoC 3
enterprise linux (9) · openstack (3) · jboss enterprise application platform (3)
11wireshark—
17 CVECVSS 5.4
×5.7
wireshark (17)
12canonical—
14 CVECVSS 5.4
×4.0PoC 2
ubuntu linux (14)
13maven—
14 CVE6 critCVSS 6.8
×4.0KEV 1Nuclei 3PoC 4
org.apache.struts:struts2-core (7) · org.apache.struts.xwork:xwork-core (4) · net.liftweb:lift-webkit_2.8.0 (1)
14sun—
13 CVECVSS 5.5
sunos (13)
15linux—
12 CVECVSS 4.7
PoC 6
linux kernel (12)
16packagist—
12 CVECVSS 4.6
PoC 1
typo3/cms (4) · phpmyadmin/phpmyadmin (3) · moodle/moodle (3)
17suse—
12 CVECVSS 4.5
×12.0PoC 1
linux enterprise server (11) · linux enterprise desktop (11) · linux enterprise software development kit (10)
18phpmyadmin—
11 CVECVSS 4.5
×7.3PoC 1
phpmyadmin (11)
19wordpress—
11 CVECVSS 4.5
×3.1Nuclei 11PoC 2
wordpress (11)
20mariadb—
10 CVECVSS 4.0
mariadb (10)
21moodle—
10 CVECVSS 4.2
moodle (10)
22symantec—
10 CVECVSS 5.7
PoC 5
web gateway appliance 8490 (6) · web gateway (6) · web gateway appliance 8450 (6)
23apache software foundation—
8 CVE5 critCVSS 8.5
×4.0KEV 1Nuclei 3PoC 3
struts (7) · xerces2 java (1)
24ibm corp.—
8 CVE5 critCVSS 8.6
×4.0KEV 1Nuclei 3PoC 3
ibm call center for commerce (7) · ibm java (1) · ibm platform symphony (1)
25siemens—
8 CVE2 critCVSS 8.1
enterprise openscape branch (4) · openscape session border controller (4) · scalance w700 series firmware (2)
26adobe—
7 CVE6 critCVSS 9.3
flash player (3) · coldfusion (2) · shockwave player (1)
27juniper—
7 CVE1 critCVSS 7.2
NEW
junos (6) · srx3600 (5) · srx3400 (5)
28oracle corp.—
7 CVE4 critCVSS 8.3
KEV 1Nuclei 2PoC 2
mysql enterprise monitor (4) · oracle flexcube private banking (4) · webcenter sites (4)
29emc—
5 CVE1 critCVSS 5.1
avamar server virtual edition (2) · avamar server (2) · rsa authentication manager (1)
30yahoo—
5 CVECVSS 4.4
yui (4) · tumblr (1)
31bestpractical—
4 CVECVSS 4.8
request tracker (4)
32fedoraproject—
4 CVECVSS 5.9
Nuclei 1PoC 1
fedora (3) · 389 directory server (1)
33novell—
4 CVECVSS 6.6
PoC 1
client (2) · suse linux (1) · groupwise (1)
34npm—
4 CVECVSS 4.3
NEW
yui (4)
35typo3—
4 CVECVSS 4.3
typo3 (4)
36verizon—
4 CVECVSS 5.3
NEW
wireless network extender (4)
37videolan—
4 CVE1 critCVSS 6.7
PoC 2
vlc media player (4)
38blackberry—
3 CVECVSS 6.7
PoC 1
qnx software development platform (2) · qnx neutrino rtos (2) · blackberry os (1)
39collabnet—
3 CVECVSS 6.8
PoC 1
subversion (3)
40freebsd—
3 CVECVSS 7.0
freebsd (3)
41machform—
3 CVECVSS 6.2
NEWPoC 3
machform (3)
42red hat inc.—
3 CVE1 critCVSS 6.2
red hat enterprise linux (3)
43сообщество свободного программного обеспечения—
3 CVECVSS 3.9
debian gnu/linux (2) · linux (1)
44acquia—
2 CVECVSS 5.0
PoC 2
commons (2) · commons group (1)
45atlassian—
2 CVECVSS 6.7
crowd (2)
46bmc—
2 CVECVSS 5.9
PoC 2
service desk express (2)
47dell—
2 CVE2 critCVSS 10.0
idrac6 bmc (1) · idrac6 firmware (1)
48drupal—
2 CVECVSS 3.2
PoC 2
drupal (2)
49f5—
2 CVECVSS 6.7
PoC 1
nginx (2)
50fujitsu limited—
2 CVE1 critCVSS 7.8
NEWKEV 1Nuclei 2PoC 1
interstage business process manager analytics (2)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	oracle	65	2	1	1	KEV 1Nuclei 1PoC 2	mysql (17) · peoplesoft products (9) · fusion middleware (8)	—
2	cisco	45	3	·	·	×5.0	unified communications manager (7) · secure access control system (5) · unified operations manager (4)	—
3	ibm	42	10	·	·	PoC 1	sterling b2b integrator (22) · sterling file gateway (22) · java (8)	—
4	microsoft	34	23	1	·	×3.4KEV 1PoC 2	internet explorer (18) · windows server 2008 (9) · windows 7 (9)	—
5	hp	30	7	·	·	×6.0PoC 1	system management homepage (11) · loadrunner (8) · vpn firewall appliance (2)	—
6	google	23	2	·	·		chrome (21) · android (1) · glass (1)	—
7	debian	20	1	·	·		debian linux (20)	—
8	opensuse	20	·	·	·	PoC 5	opensuse (20)	—
9	apache	19	6	1	3	×5.4KEV 1Nuclei 3PoC 5	struts (7) · subversion (4) · openoffice (2)	—
10	redhat	18	·	·	·	PoC 3	enterprise linux (9) · openstack (3) · jboss enterprise application platform (3)	—
11	wireshark	17	·	·	·	×5.7	wireshark (17)	—
12	canonical	14	·	·	·	×4.0PoC 2	ubuntu linux (14)	—
13	maven	14	6	1	3	×4.0KEV 1Nuclei 3PoC 4	org.apache.struts:struts2-core (7) · org.apache.struts.xwork:xwork-core (4) · net.liftweb:lift-webkit_2.8.0 (1)	—
14	sun	13	·	·	·		sunos (13)	—
15	linux	12	·	·	·	PoC 6	linux kernel (12)	—
16	packagist	12	·	·	·	PoC 1	typo3/cms (4) · phpmyadmin/phpmyadmin (3) · moodle/moodle (3)	—
17	suse	12	·	·	·	×12.0PoC 1	linux enterprise server (11) · linux enterprise desktop (11) · linux enterprise software development kit (10)	—
18	phpmyadmin	11	·	·	·	×7.3PoC 1	phpmyadmin (11)	—
19	wordpress	11	·	·	11	×3.1Nuclei 11PoC 2	wordpress (11)	—
20	mariadb	10	·	·	·		mariadb (10)	—
21	moodle	10	·	·	·		moodle (10)	—
22	symantec	10	·	·	·	PoC 5	web gateway appliance 8490 (6) · web gateway (6) · web gateway appliance 8450 (6)	—
23	apache software foundation	8	5	1	3	×4.0KEV 1Nuclei 3PoC 3	struts (7) · xerces2 java (1)	—
24	ibm corp.	8	5	1	3	×4.0KEV 1Nuclei 3PoC 3	ibm call center for commerce (7) · ibm java (1) · ibm platform symphony (1)	—
25	siemens	8	2	·	·		enterprise openscape branch (4) · openscape session border controller (4) · scalance w700 series firmware (2)	—
26	adobe	7	6	·	·		flash player (3) · coldfusion (2) · shockwave player (1)	—
27	juniper	7	1	·	·	NEW	junos (6) · srx3600 (5) · srx3400 (5)	—
28	oracle corp.	7	4	1	2	KEV 1Nuclei 2PoC 2	mysql enterprise monitor (4) · oracle flexcube private banking (4) · webcenter sites (4)	—
29	emc	5	1	·	·		avamar server virtual edition (2) · avamar server (2) · rsa authentication manager (1)	—
30	yahoo	5	·	·	·		yui (4) · tumblr (1)	—
31	bestpractical	4	·	·	·		request tracker (4)	—
32	fedoraproject	4	·	·	1	Nuclei 1PoC 1	fedora (3) · 389 directory server (1)	—
33	novell	4	·	·	·	PoC 1	client (2) · suse linux (1) · groupwise (1)	—
34	npm	4	·	·	·	NEW	yui (4)	—
35	typo3	4	·	·	·		typo3 (4)	—
36	verizon	4	·	·	·	NEW	wireless network extender (4)	—
37	videolan	4	1	·	·	PoC 2	vlc media player (4)	—
38	blackberry	3	·	·	·	PoC 1	qnx software development platform (2) · qnx neutrino rtos (2) · blackberry os (1)	—
39	collabnet	3	·	·	·	PoC 1	subversion (3)	—
40	freebsd	3	·	·	·		freebsd (3)	—
41	machform	3	·	·	·	NEWPoC 3	machform (3)	—
42	red hat inc.	3	1	·	·		red hat enterprise linux (3)	—
43	сообщество свободного программного обеспечения	3	·	·	·		debian gnu/linux (2) · linux (1)	—
44	acquia	2	·	·	·	PoC 2	commons (2) · commons group (1)	—
45	atlassian	2	·	·	·		crowd (2)	—
46	bmc	2	·	·	·	PoC 2	service desk express (2)	—
47	dell	2	2	·	·		idrac6 bmc (1) · idrac6 firmware (1)	—
48	drupal	2	·	·	·	PoC 2	drupal (2)	—
49	f5	2	·	·	·	PoC 1	nginx (2)	—
50	fujitsu limited	2	1	1	2	NEWKEV 1Nuclei 2PoC 1	interstage business process manager analytics (2)	—