month report

May 2014

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

May 2014 closed with 555 published CVEs — +55.0% YoY . 42 criticals, cisco led volume, mostly via telepresence tc software. Biggest breakout: adobe systems inc. at ×14.0 their 12-month median. Top weakness class — CWE-264 (86 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

555

— MoM+55.0% YoY

Severity mix

42 / 100

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

4.1%

23 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

4306.2

n=23

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

2879

n=3

Detection gap

KEV pressure, no Nuclei coverage

May 2014 · vendors with active exploitation listed by CISA but no public detection template.

KEV 2redhat17 CVE
KEV 1canonical19 CVE
KEV 1microsoft15 CVE
KEV 1debian14 CVE
KEV 1microsoft corp14 CVE
KEV 1сообщество свободного программного обеспечения11 CVE
KEV 1oracle8 CVE
KEV 1rubygems8 CVE

Weakness × Vendor

What's spreading where in May 2014

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

264CWE-264 79XSS 20Improper Input Validation 119Memory Buffer Bounds 352CSRF 200Information Exposure 287Improper Authentication 310CWE-310 89SQL Injection 94Code Injection cisco 6 4 29 9 2 1 2 1 1 2 ibm 9 16 4 3 9 2 1 1 apple 1 1 18 1 pypi 3 2 4 1 4 1 2 canonical 5 3 1 1 redhat 5 1 2 3 1 google 2 1 1 1 adobe 6 6 1 microsoft 2 1 3 2 1 3 adobe systems inc.6 5 1 debian 1 1 1 microsoft corp 2 1 2 2 1 3

Breakout vendors

CVE count ≥3× their own 12-period median.

14.0×adobe systems inc.14 CVE
12.0×google inc12 CVE
7.0×microsoft corp14 CVE
7.0×citrix7 CVE
6.0×gitlab6 CVE
4.5×mediawiki9 CVE
4.5×theforeman9 CVE
3.3×packagist10 CVE
3.0×apache software foundation6 CVE
3.0×coreftp3 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#28gitlab6 CVE
#36caldera4 CVE
#40mageia project4 CVE
#46ayatana project3 CVE
#48cogent3 CVE
#49coreftp3 CVE
#51imember3603 CVE
#55barracudadrive2 CVE
#56bizagi2 CVE
#60dotclear2 CVE

Top vendors

Ranked by distinct CVE count this period.

1cisco↑3
61 CVE8 critCVSS 7.1
telepresence tc software (13) · telepresence te software (13) · telepresence system software (7)
2ibm↑7
57 CVECVSS 4.8
PoC 1
maximo asset management (11) · sametime (10) · smartcloud control desk (10)
3apple↑4
21 CVECVSS 6.5
safari (19) · itunes (1) · mac os x (1)
4pypi↑13
20 CVECVSS 4.7
PoC 4
django (2) · jinja2 (2) · soappy (2)
5canonical↓2
19 CVE1 critCVSS 5.1
KEV 1PoC 3
ubuntu linux (19) · ltsp display manager (1) · software-properties (1)
6redhat·
17 CVECVSS 4.3
KEV 2PoC 2
enterprise linux eus (3) · rhevm-reports (3) · icedtea-web (2)
7google↑5
16 CVECVSS 6.5
PoC 2
chrome (13) · android (1) · android debug bridge (1)
8adobe↑25
15 CVE9 critCVSS 8.7
acrobat (9) · acrobat reader (9) · adobe air (5)
9microsoft↑5
15 CVE6 critCVSS 7.5
KEV 1
windows server 2008 (4) · windows server 2012 (4) · internet explorer (3)
10adobe systems inc.↑101
14 CVE8 critCVSS 8.7
×14.0
adobe reader (7) · adobe pepper flash для google chrome (4) · adobe acrobat (2)
11debian↓6
14 CVECVSS 5.4
KEV 1PoC 3
debian linux (8) · dpkg (2) · dpkg-dev (2)
12microsoft corp↑3
14 CVE6 critCVSS 7.4
×7.0KEV 1
windows server 2012 r2 (4) · windows server 2012 (4) · microsoft office 2013 (3)
13apache↑16
12 CVECVSS 4.9
tomcat (5) · cxf (2) · cloudstack (2)
14google inc↓1
12 CVECVSS 6.8
×12.0
google chrome (12)
15maven↑9
11 CVECVSS 4.6
PoC 1
org.apache.tomcat:tomcat (4) · org.apache.cxf:cxf-core (2) · org.apache.tomcat:tomcat-catalina (2)
16сообщество свободного программного обеспечения↑15
11 CVECVSS 5.3
KEV 1PoC 4
linux (6) · debian gnu/linux (5)
17packagist↑42
10 CVECVSS 5.4
×3.3
moodle/moodle (6) · typo3/cms (3) · typo3/cms-core (1)
18gentoo foundation inc.↑2
9 CVE1 critCVSS 5.7
gentoo linux (9)
19mediawiki↑67
9 CVECVSS 5.7
×4.5
mediawiki (9)
20opensuse↓10
9 CVECVSS 4.5
PoC 1
opensuse (9)
21theforeman↑82
9 CVECVSS 5.4
×4.5PoC 1
foreman (8) · kafo (1)
22oracle↓21
8 CVE2 critCVSS 6.0
KEV 1PoC 3
linux (5) · openjdk (2) · solaris (1)
23rubygems↑20
8 CVE1 critCVSS 6.5
KEV 1PoC 7
actionpack (1) · omniauth-facebook (1) · arabic-prawn (1)
24citrix↑110
7 CVE2 critCVSS 8.1
×7.0
cloudplatform (3) · netscaler access gateway (3) · netscaler access gateway firmware (3)
25linux↓2
7 CVECVSS 4.9
KEV 1PoC 3
linux kernel (7)
26apache software foundation↑20
6 CVECVSS 4.8
×3.0
tomcat (5) · struts (1)
27fedoraproject↓19
6 CVECVSS 5.0
fedora (6)
28gitlab—
6 CVECVSS 6.4
NEW×6.0PoC 1
gitlab (6) · gitlab-shell (3)
29gnu↑50
6 CVECVSS 3.4
PoC 1
emacs (4) · grub (1) · rush (1)
30moodle—
6 CVECVSS 5.2
moodle (6)
31xen↓5
6 CVECVSS 4.1
xen (6)
32cogentdatahub—
5 CVECVSS 7.2
cogent datahub (5)
33hp↓6
5 CVECVSS 3.4
operations manager i (1) · sn6000 stackable 8gb 12-port single power fibre channel switch (1) · 8\/20q fibre channel switch 8 port (1)
34ibm corp.↑21
5 CVECVSS 4.7
websphere application server (4) · ibm platform symphony (1) · ibm call center for commerce (1)
35suse↓16
5 CVECVSS 4.7
KEV 1PoC 1
linux enterprise desktop (3) · linux enterprise server (3) · linux enterprise real time extension (2)
36caldera—
4 CVE1 critCVSS 7.5
NEWPoC 1
caldera (4)
37dlink—
4 CVE1 critCVSS 7.4
PoC 2
dap 1150 (2) · dap 1150 firmware (2) · dap-1350 (1)
38emc↓4
4 CVE1 critCVSS 7.1
PoC 1
documentum d2 (1) · rsa access manager (1) · rsa archer egrc (1)
39livezilla—
4 CVECVSS 5.7
PoC 3
livezilla (4)
40mageia project—
4 CVECVSS 3.3
NEW
mageia (4)
41mahara—
4 CVECVSS 4.5
mahara (4)
42openstack↓12
4 CVECVSS 3.6
compute (1) · heat (1) · horizon (1)
43opentext—
4 CVECVSS 6.3
exceed ondemand (4)
44red hat inc.↑55
4 CVECVSS 5.4
red hat enterprise linux (4)
45typo3—
4 CVECVSS 5.6
typo3 (4)
46ayatana project—
3 CVECVSS 4.4
NEWPoC 1
unity (3)
47cisco systems inc.↓7
3 CVECVSS 7.3
nexus 7000 (3)
48cogent—
3 CVECVSS 7.0
NEW
datahub (3)
49coreftp↑89
3 CVECVSS 4.1
NEW×3.0PoC 3
core ftp (3)
50f5↑102
3 CVE1 critCVSS 6.1
×3.0KEV 1PoC 3
big-ip access policy manager (2) · big-ip application security manager (2) · big-ip edge gateway (2)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	cisco	61	8	·	·		telepresence tc software (13) · telepresence te software (13) · telepresence system software (7)	↑3
2	ibm	57	·	·	·	PoC 1	maximo asset management (11) · sametime (10) · smartcloud control desk (10)	↑7
3	apple	21	·	·	·		safari (19) · itunes (1) · mac os x (1)	↑4
4	pypi	20	·	·	·	PoC 4	django (2) · jinja2 (2) · soappy (2)	↑13
5	canonical	19	1	1	·	KEV 1PoC 3	ubuntu linux (19) · ltsp display manager (1) · software-properties (1)	↓2
6	redhat	17	·	2	·	KEV 2PoC 2	enterprise linux eus (3) · rhevm-reports (3) · icedtea-web (2)	·
7	google	16	·	·	·	PoC 2	chrome (13) · android (1) · android debug bridge (1)	↑5
8	adobe	15	9	·	·		acrobat (9) · acrobat reader (9) · adobe air (5)	↑25
9	microsoft	15	6	1	·	KEV 1	windows server 2008 (4) · windows server 2012 (4) · internet explorer (3)	↑5
10	adobe systems inc.	14	8	·	·	×14.0	adobe reader (7) · adobe pepper flash для google chrome (4) · adobe acrobat (2)	↑101
11	debian	14	·	1	·	KEV 1PoC 3	debian linux (8) · dpkg (2) · dpkg-dev (2)	↓6
12	microsoft corp	14	6	1	·	×7.0KEV 1	windows server 2012 r2 (4) · windows server 2012 (4) · microsoft office 2013 (3)	↑3
13	apache	12	·	·	·		tomcat (5) · cxf (2) · cloudstack (2)	↑16
14	google inc	12	·	·	·	×12.0	google chrome (12)	↓1
15	maven	11	·	·	·	PoC 1	org.apache.tomcat:tomcat (4) · org.apache.cxf:cxf-core (2) · org.apache.tomcat:tomcat-catalina (2)	↑9
16	сообщество свободного программного обеспечения	11	·	1	·	KEV 1PoC 4	linux (6) · debian gnu/linux (5)	↑15
17	packagist	10	·	·	·	×3.3	moodle/moodle (6) · typo3/cms (3) · typo3/cms-core (1)	↑42
18	gentoo foundation inc.	9	1	·	·		gentoo linux (9)	↑2
19	mediawiki	9	·	·	·	×4.5	mediawiki (9)	↑67
20	opensuse	9	·	·	·	PoC 1	opensuse (9)	↓10
21	theforeman	9	·	·	·	×4.5PoC 1	foreman (8) · kafo (1)	↑82
22	oracle	8	2	1	·	KEV 1PoC 3	linux (5) · openjdk (2) · solaris (1)	↓21
23	rubygems	8	1	1	·	KEV 1PoC 7	actionpack (1) · omniauth-facebook (1) · arabic-prawn (1)	↑20
24	citrix	7	2	·	·	×7.0	cloudplatform (3) · netscaler access gateway (3) · netscaler access gateway firmware (3)	↑110
25	linux	7	·	1	·	KEV 1PoC 3	linux kernel (7)	↓2
26	apache software foundation	6	·	·	·	×3.0	tomcat (5) · struts (1)	↑20
27	fedoraproject	6	·	·	·		fedora (6)	↓19
28	gitlab	6	·	·	·	NEW×6.0PoC 1	gitlab (6) · gitlab-shell (3)	—
29	gnu	6	·	·	·	PoC 1	emacs (4) · grub (1) · rush (1)	↑50
30	moodle	6	·	·	·		moodle (6)	—
31	xen	6	·	·	·		xen (6)	↓5
32	cogentdatahub	5	·	·	·		cogent datahub (5)	—
33	hp	5	·	·	·		operations manager i (1) · sn6000 stackable 8gb 12-port single power fibre channel switch (1) · 8\/20q fibre channel switch 8 port (1)	↓6
34	ibm corp.	5	·	·	·		websphere application server (4) · ibm platform symphony (1) · ibm call center for commerce (1)	↑21
35	suse	5	·	1	·	KEV 1PoC 1	linux enterprise desktop (3) · linux enterprise server (3) · linux enterprise real time extension (2)	↓16
36	caldera	4	1	·	·	NEWPoC 1	caldera (4)	—
37	dlink	4	1	·	·	PoC 2	dap 1150 (2) · dap 1150 firmware (2) · dap-1350 (1)	—
38	emc	4	1	·	·	PoC 1	documentum d2 (1) · rsa access manager (1) · rsa archer egrc (1)	↓4
39	livezilla	4	·	·	·	PoC 3	livezilla (4)	—
40	mageia project	4	·	·	·	NEW	mageia (4)	—
41	mahara	4	·	·	·		mahara (4)	—
42	openstack	4	·	·	·		compute (1) · heat (1) · horizon (1)	↓12
43	opentext	4	·	·	·		exceed ondemand (4)	—
44	red hat inc.	4	·	·	·		red hat enterprise linux (4)	↑55
45	typo3	4	·	·	·		typo3 (4)	—
46	ayatana project	3	·	·	·	NEWPoC 1	unity (3)	—
47	cisco systems inc.	3	·	·	·		nexus 7000 (3)	↓7
48	cogent	3	·	·	·	NEW	datahub (3)	—
49	coreftp	3	·	·	·	NEW×3.0PoC 3	core ftp (3)	↑89
50	f5	3	1	1	·	×3.0KEV 1PoC 3	big-ip access policy manager (2) · big-ip application security manager (2) · big-ip edge gateway (2)	↑102