month report
December 2014
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
December 2014 closed with 618 published CVEs — +24.8% YoY . 61 criticals, ibm led volume, mostly via websphere service registry and repository. Biggest breakout: x.org at ×13.0 their 12-month median. Top weakness class — CWE-79 (90 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
618
— MoM+24.8% YoY
Severity mix
61 / 129
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
7.0%
43 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
4095.2
n=43
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
2681
n=1
Detection gap
KEV pressure, no Nuclei coverage
December 2014 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 1adobe26 CVE
- KEV 1red hat inc.21 CVE
Weakness × Vendor
What's spreading where in December 2014
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
79XSS119Memory Buffer Bounds200Information Exposure20Improper Input Validation352CSRF264CWE-26489SQL Injection399CWE-39994Code Injection22Path Traversalibm1783471122microsoft264101110apple331197debian9213adobe2429canonical621411cisco473311red hat inc.10redhat1412211zenoss142321fedoraproject17111opensuse12111
Breakout vendors
CVE count ≥3× their own 12-period median.
- 13.0×x.org13 CVE
- 8.0×mantisbt8 CVE
- 7.0×huawei7 CVE
- 7.0×red hat inc.21 CVE
- 4.7×adobe26 CVE
- 4.0×f54 CVE
- 4.0×modx4 CVE
- 4.0×ntp4 CVE
- 4.0×phpmyadmin4 CVE
- 3.3×gnu10 CVE
Top vendors
Ranked by distinct CVE count this period.
- 61 CVE2 critCVSS 4.6PoC 1websphere service registry and repository (12) · security access manager for mobile (11) · security access manager for web (11)
- 44 CVE31 critCVSS 7.9PoC 1windows (19) · internet explorer (15) · office compatibility pack (4)
- 34 CVE15 critCVSS 7.3mac os x (22) · tvos (10) · iphone os (10)
- 28 CVECVSS 5.9PoC 6debian linux (27) · hivex (1)
- 26 CVE20 critCVSS 9.0×4.7KEV 1acrobat reader (19) · acrobat (19) · flash player (6)
- 23 CVECVSS 5.6PoC 4ubuntu linux (23)
- 21 CVECVSS 5.6meraki mx firmware (4) · meraki ms firmware (4) · meraki mr firmware (4)
- 21 CVECVSS 6.6×7.0KEV 1PoC 1red hat enterprise linux (21)
- 20 CVECVSS 5.0PoC 5enterprise linux desktop (9) · enterprise linux server (8) · enterprise linux workstation (8)
- 18 CVE1 critCVSS 5.7NEWzenoss core (18)
- 16 CVECVSS 6.0PoC 3fedora (16)
- 16 CVECVSS 4.8PoC 1opensuse (14) · evergreen (3)
- 13 CVECVSS 6.3×13.0x server (13) · x11 (11) · xfree86 (5)
- 12 CVECVSS 5.6PoC 1firefox (11) · seamonkey (10) · thunderbird (6)
- 10 CVECVSS 6.1×3.3PoC 2binutils (7) · glibc (2) · cpio (1)
- 10 CVECVSS 7.0PoC 4android (5) · chrome (5)
- 10 CVE1 critCVSS 6.7NEWPoC 5manageengine it360 (8) · manageengine opmanager (6) · manageengine social it plus (5)
- 9 CVECVSS 5.6PoC 2solaris (6) · linux (2) · enterprise manager ops center (1)
- 8 CVECVSS 6.9ettercap (8)
- 8 CVECVSS 5.2NEW×8.0PoC 1mantisbt (8)
- 7 CVECVSS 5.2PoC 1http server (2) · subversion (2) · cloudstack (1)
- 7 CVE2 critCVSS 5.8PoC 1documentum content server (2) · rsa adaptive authentication on-premise (1) · appsync (1)
- 7 CVE1 critCVSS 5.3×7.0PoC 4espace desktop (4) · honor cube wireless router ws860s (1) · honor cube wireless router ws860s firewall (1)
- 7 CVECVSS 5.0PoC 1linux kernel (7)
- 7 CVECVSS 5.1NEWmageia (7)
- 7 CVECVSS 7.1PoC 1vlc media player (7)
- 5 CVECVSS 6.0NEWhiphop virtual machine (5)
- 5 CVECVSS 4.7PoC 5access manager (5)
- 5 CVECVSS 4.4PoC 1phpmyadmin/phpmyadmin (2) · intelliants/subrion (1) · james-heinrich/phpthumb (1)
- 5 CVECVSS 5.3NEWPoC 5smoothwall (5)
- 4 CVE1 critCVSS 7.2NEWdocker (4)
- 4 CVECVSS 4.4×4.0nginx (2) · big-ip edge gateway (1) · big-ip local traffic manager (1)
- 4 CVECVSS 6.9ffmpeg (4)
- 4 CVE1 critCVSS 7.2NEWgithub.com/docker/docker (4)
- 4 CVECVSS 5.1NEW×4.0PoC 2modx revolution (4)
- 4 CVECVSS 6.9NEW×4.0PoC 1ntp (4)
- 4 CVECVSS 4.1×4.0phpmyadmin (4)
- 4 CVE1 critCVSS 8.5proclima (4)
- 4 CVECVSS 5.1NEWi-httpd (4)
- 4 CVE1 critCVSS 5.4PoC 1vcenter server appliance (2) · airwatch (1) · vcloud automation center (1)
- 4 CVECVSS 4.7xen (4)
- 3 CVECVSS 6.1NEWPoC 1alfresco (2) · community edition (1)
- 3 CVE1 critCVSS 6.8NEWtouchstone tg862g\/ct firmware (3)
- 3 CVECVSS 5.9×3.0release automation (3)
- 3 CVECVSS 5.7×3.0PoC 1ubuntu (3)
- 3 CVECVSS 6.7PoC 1nexus 1000v (2) · микропрограммное обеспечение системы коммуникаций cisco unified communications manager (1)
- 3 CVECVSS 5.0×3.0freebsd (3)
- 3 CVECVSS 5.9×3.0arrows tab lte f-01d (2) · regza phone t-01d (2) · arrows x lte f-05d (1)
- 3 CVECVSS 7.3NEWPoC 3jasper (3)
- 3 CVECVSS 6.4NEWPoC 3k7av sentry device driver (2) · k7firewall packet driver (1)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | ibm | 61 | 2 | · | · | PoC 1 | websphere service registry and repository (12) · security access manager for mobile (11) · security access manager for web (11) | — | |
| 2 | microsoft | 44 | 31 | · | · | PoC 1 | windows (19) · internet explorer (15) · office compatibility pack (4) | — | |
| 3 | apple | 34 | 15 | · | · | mac os x (22) · tvos (10) · iphone os (10) | — | ||
| 4 | debian | 28 | · | · | · | PoC 6 | debian linux (27) · hivex (1) | — | |
| 5 | adobe | 26 | 20 | 1 | · | ×4.7KEV 1 | acrobat reader (19) · acrobat (19) · flash player (6) | — | |
| 6 | canonical | 23 | · | · | · | PoC 4 | ubuntu linux (23) | — | |
| 7 | cisco | 21 | · | · | · | meraki mx firmware (4) · meraki ms firmware (4) · meraki mr firmware (4) | — | ||
| 8 | red hat inc. | 21 | · | 1 | · | ×7.0KEV 1PoC 1 | red hat enterprise linux (21) | — | |
| 9 | redhat | 20 | · | · | · | PoC 5 | enterprise linux desktop (9) · enterprise linux server (8) · enterprise linux workstation (8) | — | |
| 10 | zenoss | 18 | 1 | · | · | NEW | zenoss core (18) | — | |
| 11 | fedoraproject | 16 | · | · | · | PoC 3 | fedora (16) | — | |
| 12 | opensuse | 16 | · | · | · | PoC 1 | opensuse (14) · evergreen (3) | — | |
| 13 | x.org | 13 | · | · | · | ×13.0 | x server (13) · x11 (11) · xfree86 (5) | — | |
| 14 | mozilla | 12 | · | · | · | PoC 1 | firefox (11) · seamonkey (10) · thunderbird (6) | — | |
| 15 | gnu | 10 | · | · | · | ×3.3PoC 2 | binutils (7) · glibc (2) · cpio (1) | — | |
| 16 | 10 | · | · | · | PoC 4 | android (5) · chrome (5) | — | ||
| 17 | zohocorp | 10 | 1 | · | · | NEWPoC 5 | manageengine it360 (8) · manageengine opmanager (6) · manageengine social it plus (5) | — | |
| 18 | oracle | 9 | · | · | · | PoC 2 | solaris (6) · linux (2) · enterprise manager ops center (1) | — | |
| 19 | ettercap-project | 8 | · | · | · | ettercap (8) | — | ||
| 20 | mantisbt | 8 | · | · | · | NEW×8.0PoC 1 | mantisbt (8) | — | |
| 21 | apache | 7 | · | · | · | PoC 1 | http server (2) · subversion (2) · cloudstack (1) | — | |
| 22 | emc | 7 | 2 | · | · | PoC 1 | documentum content server (2) · rsa adaptive authentication on-premise (1) · appsync (1) | — | |
| 23 | huawei | 7 | 1 | · | · | ×7.0PoC 4 | espace desktop (4) · honor cube wireless router ws860s (1) · honor cube wireless router ws860s firewall (1) | — | |
| 24 | linux | 7 | · | · | · | PoC 1 | linux kernel (7) | — | |
| 25 | mageia | 7 | · | · | · | NEW | mageia (7) | — | |
| 26 | videolan | 7 | · | · | · | PoC 1 | vlc media player (7) | — | |
| 27 | 5 | · | · | · | NEW | hiphop virtual machine (5) | — | ||
| 28 | microfocus | 5 | · | · | · | PoC 5 | access manager (5) | — | |
| 29 | packagist | 5 | · | · | · | PoC 1 | phpmyadmin/phpmyadmin (2) · intelliants/subrion (1) · james-heinrich/phpthumb (1) | — | |
| 30 | smoothwall | 5 | · | · | · | NEWPoC 5 | smoothwall (5) | — | |
| 31 | docker | 4 | 1 | · | · | NEW | docker (4) | — | |
| 32 | f5 | 4 | · | · | · | ×4.0 | nginx (2) · big-ip edge gateway (1) · big-ip local traffic manager (1) | — | |
| 33 | ffmpeg | 4 | · | · | · | ffmpeg (4) | — | ||
| 34 | go | 4 | 1 | · | · | NEW | github.com/docker/docker (4) | — | |
| 35 | modx | 4 | · | · | · | NEW×4.0PoC 2 | modx revolution (4) | — | |
| 36 | ntp | 4 | · | · | · | NEW×4.0PoC 1 | ntp (4) | — | |
| 37 | phpmyadmin | 4 | · | · | · | ×4.0 | phpmyadmin (4) | — | |
| 38 | schneider electric | 4 | 1 | · | · | proclima (4) | — | ||
| 39 | ultrapop | 4 | · | · | · | NEW | i-httpd (4) | — | |
| 40 | vmware | 4 | 1 | · | · | PoC 1 | vcenter server appliance (2) · airwatch (1) · vcloud automation center (1) | — | |
| 41 | xen | 4 | · | · | · | xen (4) | — | ||
| 42 | alfresco | 3 | · | · | · | NEWPoC 1 | alfresco (2) · community edition (1) | — | |
| 43 | arris | 3 | 1 | · | · | NEW | touchstone tg862g\/ct firmware (3) | — | |
| 44 | broadcom | 3 | · | · | · | ×3.0 | release automation (3) | — | |
| 45 | canonical ltd. | 3 | · | · | · | ×3.0PoC 1 | ubuntu (3) | — | |
| 46 | cisco systems inc. | 3 | · | · | · | PoC 1 | nexus 1000v (2) · микропрограммное обеспечение системы коммуникаций cisco unified communications manager (1) | — | |
| 47 | freebsd | 3 | · | · | · | ×3.0 | freebsd (3) | — | |
| 48 | fujitsu | 3 | · | · | · | ×3.0 | arrows tab lte f-01d (2) · regza phone t-01d (2) · arrows x lte f-05d (1) | — | |
| 49 | jasper project | 3 | · | · | · | NEWPoC 3 | jasper (3) | — | |
| 50 | k7computing | 3 | · | · | · | NEWPoC 3 | k7av sentry device driver (2) · k7firewall packet driver (1) | — |