month report

October 2014

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

October 2014 closed with 1,418 published CVEs. 58 criticals, oracle led volume, mostly via database server. Biggest breakout: jenkins at ×18.0 their 12-month median. Top weakness class — CWE-310 (717 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

1,418

— MoM— YoY

Severity mix

58 / 133

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

2.0%

28 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

4158.5

n=28

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

2742

n=6

Detection gap

KEV pressure, no Nuclei coverage

October 2014 · vendors with active exploitation listed by CISA but no public detection template.

KEV 5microsoft25 CVE
KEV 5microsoft corp24 CVE

Weakness × Vendor

What's spreading where in October 2014

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

Breakout vendors

CVE count ≥3× their own 12-period median.

18.0×jenkins18 CVE
8.1×oracle118 CVE
8.0×joomla8 CVE
6.7×mcafee20 CVE
5.0×drupal20 CVE
4.3×juniper13 CVE
4.0×adaptivecomputing4 CVE
4.0×openssl software foundation4 CVE
3.8×openstack17 CVE
3.7×maven26 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#2magzter45 CVE
#15pocketmags20 CVE
#27nobexrc11 CVE
#34core-apps7 CVE
#35onesolutionapps7 CVE
#36ireadercity6 CVE
#44automon4 CVE
#45bulbsecurity4 CVE
#46carefusion4 CVE
#47dokuwiki4 CVE

Top vendors

Ranked by distinct CVE count this period.

1oracle—
118 CVE13 critCVSS 5.2
×8.1PoC 1
database server (29) · jre (25) · jdk (23)
2magzter—
45 CVECVSS 5.4
NEW
autocar india (1) · bbc knowledge magazine (1) · bespoke (1)
3ibm—
43 CVE3 critCVSS 5.3
PoC 1
websphere portal (6) · qradar security information and event manager (6) · tririga application platform (5)
4redhat—
39 CVE1 critCVSS 5.9
PoC 2
enterprise linux desktop supplementary (13) · enterprise linux workstation supplementary (13) · enterprise linux server supplementary (13)
5cisco—
35 CVE1 critCVSS 6.5
asa (8) · adaptive security appliance software (7) · unified communications manager (5)
6apple—
34 CVE1 critCVSS 5.4
PoC 2
mac os x (26) · iphone os (5) · os x server (2)
7oracle corp.—
27 CVE6 critCVSS 6.2
java platform (25) · weblogic server (2)
8maven—
26 CVECVSS 5.2
×3.7PoC 2
org.jenkins-ci.main:jenkins-core (18) · org.jvnet.hudson.plugins:monitoring (2) · org.apache.cxf:cxf-rt-frontend-jaxrs (1)
9microsoft—
25 CVE14 critCVSS 8.2
KEV 5PoC 5
internet explorer (14) · windows vista (5) · windows server 2008 (5)
10microsoft corp—
24 CVE14 critCVSS 8.4
KEV 5PoC 4
internet explorer (14) · windows server 2008 service pack 2 (5) · windows vista service pack 2 (5)
11mariadb—
22 CVECVSS 4.7
mariadb (22)
12suse—
21 CVE2 critCVSS 4.5
linux enterprise desktop (20) · linux enterprise server (18) · linux enterprise software development kit (18)
13drupal—
20 CVECVSS 4.0
×5.0Nuclei 1PoC 1
custom search module (2) · zen (1) · bluemasters (1)
14mcafee—
20 CVECVSS 4.0
×6.7
network data loss prevention (19) · endpoint encryption for files and folders (1) · file and removable media protection (1)
15pocketmags—
20 CVECVSS 5.4
NEW
adt aesthetic dentistry today (1) · american waterfowler (1) · classic arms \& militaria (1)
16pypi—
19 CVECVSS 4.8
PoC 1
nova (3) · python-gnupg (3) · requests (2)
17jenkins—
18 CVECVSS 5.2
×18.0
jenkins (18)
18hp—
17 CVE1 critCVSS 6.2
PoC 1
system management homepage (4) · sprinter (4) · systems insight manager (3)
19openstack—
17 CVECVSS 3.8
×3.8
nova (6) · horizon (4) · cinder (3)
20google—
16 CVE1 critCVSS 7.0
chrome (16) · chrome os (1) · v8 (1)
21mozilla—
16 CVECVSS 6.1
PoC 3
firefox (13) · thunderbird (7) · bugzilla (3)
22opensuse—
16 CVE2 critCVSS 5.8
PoC 4
opensuse (16) · evergreen (2)
23canonical—
15 CVECVSS 5.0
PoC 2
ubuntu linux (15)
24debian—
15 CVECVSS 4.9
Nuclei 1PoC 4
debian linux (13) · apt (1) · advanced package tool (1)
25sun—
14 CVECVSS 5.6
sunos (14)
26juniper—
13 CVECVSS 6.5
×4.3PoC 1
junos space (7) · junos (5) · srx220 (1)
27nobexrc—
11 CVECVSS 5.4
NEW
abram radio groove\! (1) · amnesia groove (1) · asylum\! (1)
28packagist—
9 CVECVSS 5.8
×3.0PoC 1
in2code/powermail (2) · web-tp3/wec_map (2) · jbartels/wec-map (2)
29red hat inc.—
9 CVECVSS 6.3
×3.0PoC 1
red hat enterprise linux (9)
30sap—
9 CVECVSS 4.9
PoC 7
businessobjects (4) · hana (2) · businessobjects explorer (2)
31fedoraproject—
8 CVECVSS 5.1
PoC 6
fedora (8)
32joomla—
8 CVECVSS 5.6
×8.0PoC 1
joomla\! (8)
33adobe—
7 CVE3 critCVSS 8.5
flash player (3) · coldfusion (3) · air sdk (2)
34core-apps—
7 CVECVSS 5.4
NEW
aihce 2014 (1) · bowl expo 2014 (1) · digital content newfronts 2014 (1)
35onesolutionapps—
7 CVECVSS 5.4
NEW
ajd bail bonds (1) · aloha bail bonds (1) · bust out bail (1)
36ireadercity—
6 CVECVSS 5.4
NEW
100 books (1) · a very short history of japan (1) · demon (1)
37linux—
6 CVECVSS 5.8
PoC 1
linux kernel (5) · kernel (1)
38gentoo foundation inc.—
5 CVE1 critCVSS 4.6
PoC 1
gentoo linux (5)
39pidgin—
5 CVECVSS 5.6
pidgin (5)
40splunk—
5 CVECVSS 4.0
×3.3PoC 1
splunk (5)
41xen—
5 CVECVSS 5.6
xen (5)
42adaptivecomputing—
4 CVECVSS 5.0
×4.0PoC 3
moab (3) · torque resource manager (1)
43apache—
4 CVECVSS 5.5
PoC 1
cxf (2) · http server (1) · shiro (1)
44automon—
4 CVECVSS 5.4
NEW
alisha marie (1) · ledline.gr official (1) · marcus butler unofficial (1)
45bulbsecurity—
4 CVECVSS 5.8
NEWPoC 2
smartphone pentest framework (4)
46carefusion—
4 CVE1 critCVSS 5.5
NEW
pyxis supplystation (4)
47dokuwiki—
4 CVECVSS 5.0
NEW
dokuwiki (4)
48enyetech—
4 CVECVSS 5.4
NEW
coca-cola fm brasil (1) · coca-cola fm guatemala (1) · coca-cola fm honduras (1)
49espocrm—
4 CVE1 critCVSS 5.7
NEWPoC 4
espocrm (4)
50gcspublishing—
4 CVECVSS 5.4
NEW
steyr forum (1) · biplane forum (1) · georgia packing (1)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	oracle	118	13	·	·	×8.1PoC 1	database server (29) · jre (25) · jdk (23)	—
2	magzter	45	·	·	·	NEW	autocar india (1) · bbc knowledge magazine (1) · bespoke (1)	—
3	ibm	43	3	·	·	PoC 1	websphere portal (6) · qradar security information and event manager (6) · tririga application platform (5)	—
4	redhat	39	1	·	·	PoC 2	enterprise linux desktop supplementary (13) · enterprise linux workstation supplementary (13) · enterprise linux server supplementary (13)	—
5	cisco	35	1	·	·		asa (8) · adaptive security appliance software (7) · unified communications manager (5)	—
6	apple	34	1	·	·	PoC 2	mac os x (26) · iphone os (5) · os x server (2)	—
7	oracle corp.	27	6	·	·		java platform (25) · weblogic server (2)	—
8	maven	26	·	·	·	×3.7PoC 2	org.jenkins-ci.main:jenkins-core (18) · org.jvnet.hudson.plugins:monitoring (2) · org.apache.cxf:cxf-rt-frontend-jaxrs (1)	—
9	microsoft	25	14	5	·	KEV 5PoC 5	internet explorer (14) · windows vista (5) · windows server 2008 (5)	—
10	microsoft corp	24	14	5	·	KEV 5PoC 4	internet explorer (14) · windows server 2008 service pack 2 (5) · windows vista service pack 2 (5)	—
11	mariadb	22	·	·	·		mariadb (22)	—
12	suse	21	2	·	·		linux enterprise desktop (20) · linux enterprise server (18) · linux enterprise software development kit (18)	—
13	drupal	20	·	·	1	×5.0Nuclei 1PoC 1	custom search module (2) · zen (1) · bluemasters (1)	—
14	mcafee	20	·	·	·	×6.7	network data loss prevention (19) · endpoint encryption for files and folders (1) · file and removable media protection (1)	—
15	pocketmags	20	·	·	·	NEW	adt aesthetic dentistry today (1) · american waterfowler (1) · classic arms \& militaria (1)	—
16	pypi	19	·	·	·	PoC 1	nova (3) · python-gnupg (3) · requests (2)	—
17	jenkins	18	·	·	·	×18.0	jenkins (18)	—
18	hp	17	1	·	·	PoC 1	system management homepage (4) · sprinter (4) · systems insight manager (3)	—
19	openstack	17	·	·	·	×3.8	nova (6) · horizon (4) · cinder (3)	—
20	google	16	1	·	·		chrome (16) · chrome os (1) · v8 (1)	—
21	mozilla	16	·	·	·	PoC 3	firefox (13) · thunderbird (7) · bugzilla (3)	—
22	opensuse	16	2	·	·	PoC 4	opensuse (16) · evergreen (2)	—
23	canonical	15	·	·	·	PoC 2	ubuntu linux (15)	—
24	debian	15	·	·	1	Nuclei 1PoC 4	debian linux (13) · apt (1) · advanced package tool (1)	—
25	sun	14	·	·	·		sunos (14)	—
26	juniper	13	·	·	·	×4.3PoC 1	junos space (7) · junos (5) · srx220 (1)	—
27	nobexrc	11	·	·	·	NEW	abram radio groove\! (1) · amnesia groove (1) · asylum\! (1)	—
28	packagist	9	·	·	·	×3.0PoC 1	in2code/powermail (2) · web-tp3/wec_map (2) · jbartels/wec-map (2)	—
29	red hat inc.	9	·	·	·	×3.0PoC 1	red hat enterprise linux (9)	—
30	sap	9	·	·	·	PoC 7	businessobjects (4) · hana (2) · businessobjects explorer (2)	—
31	fedoraproject	8	·	·	·	PoC 6	fedora (8)	—
32	joomla	8	·	·	·	×8.0PoC 1	joomla\! (8)	—
33	adobe	7	3	·	·		flash player (3) · coldfusion (3) · air sdk (2)	—
34	core-apps	7	·	·	·	NEW	aihce 2014 (1) · bowl expo 2014 (1) · digital content newfronts 2014 (1)	—
35	onesolutionapps	7	·	·	·	NEW	ajd bail bonds (1) · aloha bail bonds (1) · bust out bail (1)	—
36	ireadercity	6	·	·	·	NEW	100 books (1) · a very short history of japan (1) · demon (1)	—
37	linux	6	·	·	·	PoC 1	linux kernel (5) · kernel (1)	—
38	gentoo foundation inc.	5	1	·	·	PoC 1	gentoo linux (5)	—
39	pidgin	5	·	·	·		pidgin (5)	—
40	splunk	5	·	·	·	×3.3PoC 1	splunk (5)	—
41	xen	5	·	·	·		xen (5)	—
42	adaptivecomputing	4	·	·	·	×4.0PoC 3	moab (3) · torque resource manager (1)	—
43	apache	4	·	·	·	PoC 1	cxf (2) · http server (1) · shiro (1)	—
44	automon	4	·	·	·	NEW	alisha marie (1) · ledline.gr official (1) · marcus butler unofficial (1)	—
45	bulbsecurity	4	·	·	·	NEWPoC 2	smartphone pentest framework (4)	—
46	carefusion	4	1	·	·	NEW	pyxis supplystation (4)	—
47	dokuwiki	4	·	·	·	NEW	dokuwiki (4)	—
48	enyetech	4	·	·	·	NEW	coca-cola fm brasil (1) · coca-cola fm guatemala (1) · coca-cola fm honduras (1)	—
49	espocrm	4	1	·	·	NEWPoC 4	espocrm (4)	—
50	gcspublishing	4	·	·	·	NEW	steyr forum (1) · biplane forum (1) · georgia packing (1)	—