month report
September 2014
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
September 2014 closed with 1,156 published CVEs — +143.4% YoY . 78 criticals, apple led volume, mostly via iphone os. Biggest breakout: adobe systems inc. at ×20.0 their 12-month median. Top weakness class — CWE-310 (719 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
1,156
— MoM+143.4% YoY
Severity mix
78 / 62
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
1.0%
11 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
4183.3
n=11
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
2693
n=4
Weakness × Vendor
What's spreading where in September 2014
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
310CWE-310119Memory Buffer Bounds79XSS20Improper Input Validation264CWE-264200Information Exposure399CWE-39994Code Injection89SQL Injection352CSRFapple315113471microsoft13611211ibm117168214microsoft corp361111cisco132841pypi144434plone44434adobe13221adobe systems inc.13121linux9115opensuse32playscape13
Breakout vendors
CVE count ≥3× their own 12-period median.
- 20.0×adobe systems inc.20 CVE
- 4.0×freedesktop4 CVE
- 4.0×schneider-electric4 CVE
- 3.9×microsoft corp41 CVE
- 3.5×adobe21 CVE
- 3.4×plone22 CVE
- 3.0×aveva3 CVE
- 3.0×synology3 CVE
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #12playscape13 CVE
- #14wireshark team12 CVE
- #20runtastic7 CVE
- #22gcspublishing6 CVE
- #24ilearnwith6 CVE
- #26withhive6 CVE
- #32animoca4 CVE
- #35gameloft4 CVE
- #37nonghyup4 CVE
- #39nq4 CVE
Top vendors
Ranked by distinct CVE count this period.
- 65 CVE10 critCVSS 6.1KEV 3Nuclei 1PoC 2iphone os (45) · mac os x (41) · tvos (30)
- 44 CVE37 critCVSS 8.5PoC 1internet explorer (36) · lync server (3) · microsoft tech companion (1)
- 43 CVE4 critCVSS 7.9KEV 2Nuclei 1PoC 2initiate master data service (7) · rational clearcase (6) · qradar security information and event manager (5)
- 41 CVE36 critCVSS 8.1×3.9internet explorer (36) · microsoft lync server (3) · microsoft .net framework 1.1 service pack 1 (1)
- 23 CVECVSS 6.2PoC 1ios xr (7) · ios xe (7) · ios (6)
- 23 CVE1 critCVSS 5.5PoC 1plone (22) · zope2 (3) · portage (1)
- 22 CVECVSS 5.3×3.4plone (22)
- 21 CVE17 critCVSS 9.4×3.5PoC 1adobe air (12) · adobe air sdk (12) · flash player (12)
- 20 CVE17 critCVSS 9.5×20.0PoC 1adobe acrobat (6) · adobe integrated runtime (5) · adobe pepper flash для google chrome (5)
- 18 CVECVSS 6.3PoC 7linux kernel (18)
- 14 CVE5 critCVSS 6.1KEV 2Nuclei 1PoC 6opensuse (13) · evergreen (5)
- 13 CVECVSS 5.4NEWbouncy bill (1) · bouncy bill easter tales (1) · bouncy bill holloween (1)
- 12 CVECVSS 5.0wireshark (12)
- 12 CVECVSS 5.0NEWwireshark network protocol analyzer (12)
- 10 CVE2 critCVSS 7.3KEV 2Nuclei 1PoC 4ubuntu linux (9) · acpi-support (1)
- 9 CVE5 critCVSS 8.0PoC 1firefox (9) · thunderbird (7) · firefox esr (3)
- 9 CVE2 critCVSS 8.6KEV 2Nuclei 1PoC 3enterprise linux server aus (4) · enterprise linux server (3) · enterprise linux workstation (3)
- 8 CVECVSS 6.8advantech webaccess (8)
- 8 CVE5 critCVSS 8.3PoC 1firefox (5) · thunderbird (2) · firefox esr (1)
- 7 CVECVSS 5.4NEWruntastic heart rate (1) · runtastic me (1) · runtastic mountain bike (1)
- 6 CVE2 critCVSS 7.6KEV 2Nuclei 1PoC 2debian linux (5) · advanced package tool (1)
- 6 CVECVSS 5.4NEWbeekeeping forum (1) · bersa forum (1) · goat forum (1)
- 6 CVE5 critCVSS 9.7KEV 3Nuclei 1PoC 6bash (6)
- 6 CVECVSS 5.4NEWalphabet \& spelling kids games (1) · animals\! kids preschool games (1) · counting \& addition kids games (1)
- 6 CVE3 critCVSS 7.9KEV 2Nuclei 1PoC 3solaris (4) · linux (2)
- 6 CVECVSS 5.4NEW9 innings\ (1) · actionpuzzlefamily for kakao (1) · homerun battle 2 (1)
- 6 CVE2 critCVSS 7.4PoC 2debian gnu/linux (4) · gnu bash (2) · libvncserver (1)
- 5 CVECVSS 4.8poi (2) · commons-httpclient (1) · tomcat (1)
- 5 CVECVSS 6.3chrome (3) · android browser (1) · android (1)
- 5 CVECVSS 4.9PoC 1org.apache.poi:poi (2) · org.hibernate:hibernate-validator (1) · org.apache.httpcomponents:httpclient (1)
- 5 CVE3 critCVSS 7.8KEV 2Nuclei 1PoC 3linux enterprise server (3) · linux enterprise desktop (2) · linux enterprise software development kit (2)
- 4 CVECVSS 5.4NEWbunny run (1) · fashion style (1) · star girl (1)
- 4 CVECVSS 7.2PoC 2n300 (2) · n300 firmware (2) · n900 firmware (1)
- 4 CVECVSS 2.7×4.0dbus (4)
- 4 CVECVSS 5.4NEWbrothers in arms 2 free\+ (1) · gameloft library (1) · ice age village (1)
- 4 CVECVSS 5.3junos pulse secure access service (3) · junos pulse access control service (1) · junos pulse client (1)
- 4 CVECVSS 5.4NEWsmart (1) · smart calculator (1) · smart card (1)
- 4 CVE3 critCVSS 9.0KEV 2Nuclei 1PoC 3open enterprise server (2) · zenworks configuration management (2) · groupwise (1)
- 4 CVECVSS 5.4NEWantivirus free (1) · easy finder \& anti-theft (1) · nq mobile security \& antivirus (1)
- 4 CVECVSS 5.6clearscada (3) · scada expert clearscada (3) · vampset (1)
- 4 CVECVSS 5.5×4.0scada expert clearscada (3) · vampset (1)
- 4 CVE3 critCVSS 9.6NEWKEV 3Nuclei 1PoC 4альт линукс спт (4)
- 3 CVECVSS 5.9NEW×3.0clearscada (3)
- 3 CVECVSS 5.4NEWaapld (1) · anaheim library 2go\! (1) · deschutes public mobilelibrary (1)
- 3 CVECVSS 2.9NEWd-bus (3)
- 3 CVECVSS 5.4NEWmaleficent free fall (1) · where\'s my perry\? free (1) · where\'s my water\? free (1)
- 3 CVECVSS 6.9integraxor (3) · integraxor scada server (3)
- 3 CVECVSS 2.9gentoo linux (3)
- 3 CVECVSS 4.3NEWPoC 1c-cda (3)
- 3 CVECVSS 5.8NEWPoC 1ea6500 (3) · ea6500 firmware (3)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | apple | 65 | 10 | 3 | 1 | KEV 3Nuclei 1PoC 2 | iphone os (45) · mac os x (41) · tvos (30) | — | |
| 2 | microsoft | 44 | 37 | · | · | PoC 1 | internet explorer (36) · lync server (3) · microsoft tech companion (1) | — | |
| 3 | ibm | 43 | 4 | 2 | 1 | KEV 2Nuclei 1PoC 2 | initiate master data service (7) · rational clearcase (6) · qradar security information and event manager (5) | — | |
| 4 | microsoft corp | 41 | 36 | · | · | ×3.9 | internet explorer (36) · microsoft lync server (3) · microsoft .net framework 1.1 service pack 1 (1) | — | |
| 5 | cisco | 23 | · | · | · | PoC 1 | ios xr (7) · ios xe (7) · ios (6) | — | |
| 6 | pypi | 23 | 1 | · | · | PoC 1 | plone (22) · zope2 (3) · portage (1) | — | |
| 7 | plone | 22 | · | · | · | ×3.4 | plone (22) | — | |
| 8 | adobe | 21 | 17 | · | · | ×3.5PoC 1 | adobe air (12) · adobe air sdk (12) · flash player (12) | — | |
| 9 | adobe systems inc. | 20 | 17 | · | · | ×20.0PoC 1 | adobe acrobat (6) · adobe integrated runtime (5) · adobe pepper flash для google chrome (5) | — | |
| 10 | linux | 18 | · | · | · | PoC 7 | linux kernel (18) | — | |
| 11 | opensuse | 14 | 5 | 2 | 1 | KEV 2Nuclei 1PoC 6 | opensuse (13) · evergreen (5) | — | |
| 12 | playscape | 13 | · | · | · | NEW | bouncy bill (1) · bouncy bill easter tales (1) · bouncy bill holloween (1) | — | |
| 13 | wireshark | 12 | · | · | · | wireshark (12) | — | ||
| 14 | wireshark team | 12 | · | · | · | NEW | wireshark network protocol analyzer (12) | — | |
| 15 | canonical | 10 | 2 | 2 | 1 | KEV 2Nuclei 1PoC 4 | ubuntu linux (9) · acpi-support (1) | — | |
| 16 | mozilla | 9 | 5 | · | · | PoC 1 | firefox (9) · thunderbird (7) · firefox esr (3) | — | |
| 17 | redhat | 9 | 2 | 2 | 1 | KEV 2Nuclei 1PoC 3 | enterprise linux server aus (4) · enterprise linux server (3) · enterprise linux workstation (3) | — | |
| 18 | advantech | 8 | · | · | · | advantech webaccess (8) | — | ||
| 19 | mozilla corp. | 8 | 5 | · | · | PoC 1 | firefox (5) · thunderbird (2) · firefox esr (1) | — | |
| 20 | runtastic | 7 | · | · | · | NEW | runtastic heart rate (1) · runtastic me (1) · runtastic mountain bike (1) | — | |
| 21 | debian | 6 | 2 | 2 | 1 | KEV 2Nuclei 1PoC 2 | debian linux (5) · advanced package tool (1) | — | |
| 22 | gcspublishing | 6 | · | · | · | NEW | beekeeping forum (1) · bersa forum (1) · goat forum (1) | — | |
| 23 | gnu | 6 | 5 | 3 | 1 | KEV 3Nuclei 1PoC 6 | bash (6) | — | |
| 24 | ilearnwith | 6 | · | · | · | NEW | alphabet \& spelling kids games (1) · animals\! kids preschool games (1) · counting \& addition kids games (1) | — | |
| 25 | oracle | 6 | 3 | 2 | 1 | KEV 2Nuclei 1PoC 3 | solaris (4) · linux (2) | — | |
| 26 | withhive | 6 | · | · | · | NEW | 9 innings\ (1) · actionpuzzlefamily for kakao (1) · homerun battle 2 (1) | — | |
| 27 | сообщество свободного программного обеспечения | 6 | 2 | · | · | PoC 2 | debian gnu/linux (4) · gnu bash (2) · libvncserver (1) | — | |
| 28 | apache | 5 | · | · | · | poi (2) · commons-httpclient (1) · tomcat (1) | — | ||
| 29 | 5 | · | · | · | chrome (3) · android browser (1) · android (1) | — | |||
| 30 | maven | 5 | · | · | · | PoC 1 | org.apache.poi:poi (2) · org.hibernate:hibernate-validator (1) · org.apache.httpcomponents:httpclient (1) | — | |
| 31 | suse | 5 | 3 | 2 | 1 | KEV 2Nuclei 1PoC 3 | linux enterprise server (3) · linux enterprise desktop (2) · linux enterprise software development kit (2) | — | |
| 32 | animoca | 4 | · | · | · | NEW | bunny run (1) · fashion style (1) · star girl (1) | — | |
| 33 | belkin | 4 | · | · | · | PoC 2 | n300 (2) · n300 firmware (2) · n900 firmware (1) | — | |
| 34 | freedesktop | 4 | · | · | · | ×4.0 | dbus (4) | — | |
| 35 | gameloft | 4 | · | · | · | NEW | brothers in arms 2 free\+ (1) · gameloft library (1) · ice age village (1) | — | |
| 36 | juniper | 4 | · | · | · | junos pulse secure access service (3) · junos pulse access control service (1) · junos pulse client (1) | — | ||
| 37 | nonghyup | 4 | · | · | · | NEW | smart (1) · smart calculator (1) · smart card (1) | — | |
| 38 | novell | 4 | 3 | 2 | 1 | KEV 2Nuclei 1PoC 3 | open enterprise server (2) · zenworks configuration management (2) · groupwise (1) | — | |
| 39 | nq | 4 | · | · | · | NEW | antivirus free (1) · easy finder \& anti-theft (1) · nq mobile security \& antivirus (1) | — | |
| 40 | schneider electric | 4 | · | · | · | clearscada (3) · scada expert clearscada (3) · vampset (1) | — | ||
| 41 | schneider-electric | 4 | · | · | · | ×4.0 | scada expert clearscada (3) · vampset (1) | — | |
| 42 | ао «ивк» | 4 | 3 | 3 | 1 | NEWKEV 3Nuclei 1PoC 4 | альт линукс спт (4) | — | |
| 43 | aveva | 3 | · | · | · | NEW×3.0 | clearscada (3) | — | |
| 44 | boopsie | 3 | · | · | · | NEW | aapld (1) · anaheim library 2go\! (1) · deschutes public mobilelibrary (1) | — | |
| 45 | d-bus project | 3 | · | · | · | NEW | d-bus (3) | — | |
| 46 | disney | 3 | · | · | · | NEW | maleficent free fall (1) · where\'s my perry\? free (1) · where\'s my water\? free (1) | — | |
| 47 | ecava | 3 | · | · | · | integraxor (3) · integraxor scada server (3) | — | ||
| 48 | gentoo foundation inc. | 3 | · | · | · | gentoo linux (3) | — | ||
| 49 | hl7 | 3 | · | · | · | NEWPoC 1 | c-cda (3) | — | |
| 50 | linksys | 3 | · | · | · | NEWPoC 1 | ea6500 (3) · ea6500 firmware (3) | — |