month report
July 2014
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
July 2014 closed with 656 published CVEs. 79 criticals, oracle led volume, mostly via fusion middleware. Biggest breakout: php at ×10.0 their 12-month median. Top weakness class — CWE-79 (171 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
656
— MoM— YoY
Severity mix
79 / 71
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
14.8%
97 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
4265.1
n=97
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
2838
n=2
Detection gap
KEV pressure, no Nuclei coverage
July 2014 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 1ibm40 CVE
Weakness × Vendor
What's spreading where in July 2014
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
79XSS119Memory Buffer Bounds264CWE-264200Information Exposure20Improper Input Validation89SQL Injection22Path Traversal352CSRF94Code Injection287Improper Authenticationoracle11141apple151323ibm11593121oracle corp.1cisco524371311microsoft21311microsoft corp21311debian21151redhat11422canonical2hp21suse
Breakout vendors
CVE count ≥3× their own 12-period median.
- 10.0×php10 CVE
- 7.6×oracle99 CVE
- 7.0×php group7 CVE
- 5.4×oracle corp.38 CVE
- 5.4×microsoft corp27 CVE
- 5.0×citrix5 CVE
- 4.0×packagist12 CVE
- 4.0×phpmyadmin4 CVE
- 3.0×apache software foundation6 CVE
- 3.0×cybozu6 CVE
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #21netgate10 CVE
- #40netfortris4 CVE
- #41pfsense4 CVE
- #44shopizer4 CVE
- #46aas93 CVE
- #51email\3 CVE
- #52file project3 CVE
- #53foecms3 CVE
- #55gitlist3 CVE
- #57oleumtech3 CVE
Top vendors
Ranked by distinct CVE count this period.
- 99 CVE9 critCVSS 5.3×7.6Nuclei 1PoC 3fusion middleware (21) · jdk (20) · jre (20)
- 45 CVE10 critCVSS 6.5PoC 3iphone os (24) · mac os x (19) · tvos (16)
- 40 CVECVSS 4.4KEV 1PoC 13algo credit limits (9) · algorithmics (8) · websphere portal unified task list portlet (4)
- 38 CVE8 critCVSS 6.0×5.4Nuclei 1PoC 1java platform (20) · weblogic server (15) · database (3)
- 33 CVE3 critCVSS 6.2webex meetings server (6) · unified communications manager (5) · unified communications domain manager (4)
- 29 CVE23 critCVSS 8.3PoC 2internet explorer (23) · windows server 2012 (4) · windows 8 (4)
- 27 CVE22 critCVSS 8.2×5.4PoC 2internet explorer (22) · windows 7 service pack 1 (3) · windows 8 (3)
- 26 CVE3 critCVSS 5.6PoC 4debian linux (26)
- 23 CVE2 critCVSS 5.5PoC 3jboss enterprise application platform (8) · enterprise linux workstation (5) · enterprise linux desktop (5)
- 16 CVE1 critCVSS 4.9PoC 2ubuntu linux (16) · acpi-support (1)
- 16 CVE5 critCVSS 7.6PoC 1intelligent management center (5) · imc branch intelligent management system software module (5) · universal configuration management database (3)
- 15 CVECVSS 4.9PoC 1linux enterprise server (15) · linux enterprise desktop (9) · linux enterprise software development kit (5)
- 15 CVE1 critCVSS 4.9PoC 2debian gnu/linux (14) · linux (1)
- 14 CVE9 critCVSS 8.4firefox (14) · thunderbird (13) · firefox esr (6)
- 14 CVE9 critCVSS 8.0firefox (6) · firefox esr (4) · thunderbird (4)
- 13 CVECVSS 4.8PoC 1moodle (13)
- 12 CVE1 critCVSS 5.2PoC 2opensuse (12)
- 12 CVECVSS 4.9×4.0PoC 2moodle/moodle (10) · phpmyadmin/phpmyadmin (1) · yiisoft/yii (1)
- 11 CVECVSS 4.4PoC 3http server (6) · cxf (2) · subversion (2)
- 10 CVECVSS 5.2PoC 2linux kernel (10)
- 10 CVECVSS 5.2NEWPoC 1pfsense (10)
- 10 CVECVSS 5.2×10.0PoC 1php (10)
- 8 CVE1 critCVSS 5.5PoC 2fedora (8)
- 8 CVE3 critCVSS 7.3PoC 2chrome (4) · sketchup (3) · android (1)
- 7 CVECVSS 5.5KEV 1Nuclei 1PoC 3org.glassfish:javax.faces (1) · io.netty:netty-handler (1) · org.apache.cxf:cxf-core (1)
- 7 CVE1 critCVSS 5.4opensuse (7)
- 7 CVECVSS 5.0×7.0php (7)
- 6 CVECVSS 5.0×3.0PoC 2http server (6)
- 6 CVE1 critCVSS 5.3×3.0garoon (6)
- 6 CVECVSS 6.5PoC 2documentum content server (2) · documentum eroom (1) · documentum foundation services (1)
- 6 CVE1 critCVSS 7.0junos (6) · srx100 (3) · srx110 (3)
- 6 CVECVSS 4.9PoC 5hana extended application services (2) · hana (1) · fi manager self-service (1)
- 5 CVE1 critCVSS 7.6PoC 1advantech webaccess (5) · webaccess (5)
- 5 CVE1 critCVSS 5.3×5.0xenserver (2) · netscaler access gateway firmware (2) · netscaler application delivery controller (2)
- 5 CVECVSS 4.6mariadb (5)
- 5 CVECVSS 5.5simatic pcs7 (5) · wincc (5)
- 5 CVECVSS 5.5simatic wincc (5)
- 4 CVECVSS 4.1drupal (4)
- 4 CVECVSS 3.1PoC 1gentoo linux (4)
- 4 CVECVSS 6.1NEWNuclei 1PoC 4trixbox (4)
- 4 CVECVSS 5.0NEWsuricata package (2) · snort package (2)
- 4 CVECVSS 3.6×4.0phpmyadmin (4)
- 4 CVE1 critCVSS 6.1red hat enterprise linux (4)
- 4 CVECVSS 6.1NEWPoC 1shopizer (4)
- 4 CVECVSS 5.2sunos (4)
- 3 CVECVSS 5.4NEWPoC 3zerocms (3)
- 3 CVECVSS 6.4PoC 1adobe air sdk (3) · adobe air (3) · flash player (3)
- 3 CVECVSS 6.4×3.0PoC 1flash player (2) · adobe pepper flash для google chrome (1)
- 3 CVE3 critCVSS 9.5×3.0sketchbook pro (2) · vred (1)
- 3 CVECVSS 6.0PoC 1file (3)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | oracle | 99 | 9 | · | 1 | ×7.6Nuclei 1PoC 3 | fusion middleware (21) · jdk (20) · jre (20) | — | |
| 2 | apple | 45 | 10 | · | · | PoC 3 | iphone os (24) · mac os x (19) · tvos (16) | — | |
| 3 | ibm | 40 | · | 1 | · | KEV 1PoC 13 | algo credit limits (9) · algorithmics (8) · websphere portal unified task list portlet (4) | — | |
| 4 | oracle corp. | 38 | 8 | · | 1 | ×5.4Nuclei 1PoC 1 | java platform (20) · weblogic server (15) · database (3) | — | |
| 5 | cisco | 33 | 3 | · | · | webex meetings server (6) · unified communications manager (5) · unified communications domain manager (4) | — | ||
| 6 | microsoft | 29 | 23 | · | · | PoC 2 | internet explorer (23) · windows server 2012 (4) · windows 8 (4) | — | |
| 7 | microsoft corp | 27 | 22 | · | · | ×5.4PoC 2 | internet explorer (22) · windows 7 service pack 1 (3) · windows 8 (3) | — | |
| 8 | debian | 26 | 3 | · | · | PoC 4 | debian linux (26) | — | |
| 9 | redhat | 23 | 2 | · | · | PoC 3 | jboss enterprise application platform (8) · enterprise linux workstation (5) · enterprise linux desktop (5) | — | |
| 10 | canonical | 16 | 1 | · | · | PoC 2 | ubuntu linux (16) · acpi-support (1) | — | |
| 11 | hp | 16 | 5 | · | · | PoC 1 | intelligent management center (5) · imc branch intelligent management system software module (5) · universal configuration management database (3) | — | |
| 12 | suse | 15 | · | · | · | PoC 1 | linux enterprise server (15) · linux enterprise desktop (9) · linux enterprise software development kit (5) | — | |
| 13 | сообщество свободного программного обеспечения | 15 | 1 | · | · | PoC 2 | debian gnu/linux (14) · linux (1) | — | |
| 14 | mozilla | 14 | 9 | · | · | firefox (14) · thunderbird (13) · firefox esr (6) | — | ||
| 15 | mozilla corp. | 14 | 9 | · | · | firefox (6) · firefox esr (4) · thunderbird (4) | — | ||
| 16 | moodle | 13 | · | · | · | PoC 1 | moodle (13) | — | |
| 17 | opensuse | 12 | 1 | · | · | PoC 2 | opensuse (12) | — | |
| 18 | packagist | 12 | · | · | · | ×4.0PoC 2 | moodle/moodle (10) · phpmyadmin/phpmyadmin (1) · yiisoft/yii (1) | — | |
| 19 | apache | 11 | · | · | · | PoC 3 | http server (6) · cxf (2) · subversion (2) | — | |
| 20 | linux | 10 | · | · | · | PoC 2 | linux kernel (10) | — | |
| 21 | netgate | 10 | · | · | · | NEWPoC 1 | pfsense (10) | — | |
| 22 | php | 10 | · | · | · | ×10.0PoC 1 | php (10) | — | |
| 23 | fedoraproject | 8 | 1 | · | · | PoC 2 | fedora (8) | — | |
| 24 | 8 | 3 | · | · | PoC 2 | chrome (4) · sketchup (3) · android (1) | — | ||
| 25 | maven | 7 | · | 1 | 1 | KEV 1Nuclei 1PoC 3 | org.glassfish:javax.faces (1) · io.netty:netty-handler (1) · org.apache.cxf:cxf-core (1) | — | |
| 26 | novell inc. | 7 | 1 | · | · | opensuse (7) | — | ||
| 27 | php group | 7 | · | · | · | ×7.0 | php (7) | — | |
| 28 | apache software foundation | 6 | · | · | · | ×3.0PoC 2 | http server (6) | — | |
| 29 | cybozu | 6 | 1 | · | · | ×3.0 | garoon (6) | — | |
| 30 | emc | 6 | · | · | · | PoC 2 | documentum content server (2) · documentum eroom (1) · documentum foundation services (1) | — | |
| 31 | juniper | 6 | 1 | · | · | junos (6) · srx100 (3) · srx110 (3) | — | ||
| 32 | sap | 6 | · | · | · | PoC 5 | hana extended application services (2) · hana (1) · fi manager self-service (1) | — | |
| 33 | advantech | 5 | 1 | · | · | PoC 1 | advantech webaccess (5) · webaccess (5) | — | |
| 34 | citrix | 5 | 1 | · | · | ×5.0 | xenserver (2) · netscaler access gateway firmware (2) · netscaler application delivery controller (2) | — | |
| 35 | mariadb | 5 | · | · | · | mariadb (5) | — | ||
| 36 | siemens | 5 | · | · | · | simatic pcs7 (5) · wincc (5) | — | ||
| 37 | siemens ag | 5 | · | · | · | simatic wincc (5) | — | ||
| 38 | drupal | 4 | · | · | · | drupal (4) | — | ||
| 39 | gentoo foundation inc. | 4 | · | · | · | PoC 1 | gentoo linux (4) | — | |
| 40 | netfortris | 4 | · | · | 1 | NEWNuclei 1PoC 4 | trixbox (4) | — | |
| 41 | pfsense | 4 | · | · | · | NEW | suricata package (2) · snort package (2) | — | |
| 42 | phpmyadmin | 4 | · | · | · | ×4.0 | phpmyadmin (4) | — | |
| 43 | red hat inc. | 4 | 1 | · | · | red hat enterprise linux (4) | — | ||
| 44 | shopizer | 4 | · | · | · | NEWPoC 1 | shopizer (4) | — | |
| 45 | sun | 4 | · | · | · | sunos (4) | — | ||
| 46 | aas9 | 3 | · | · | · | NEWPoC 3 | zerocms (3) | — | |
| 47 | adobe | 3 | · | · | · | PoC 1 | adobe air sdk (3) · adobe air (3) · flash player (3) | — | |
| 48 | adobe systems inc. | 3 | · | · | · | ×3.0PoC 1 | flash player (2) · adobe pepper flash для google chrome (1) | — | |
| 49 | autodesk | 3 | 3 | · | · | ×3.0 | sketchbook pro (2) · vred (1) | — | |
| 50 | christos zoulas | 3 | · | · | · | PoC 1 | file (3) | — |