month report

March 2015

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

March 2015 closed with 457 published CVEs. 59 criticals, microsoft led volume, mostly via windows server 2012. Biggest breakout: php group at ×12.0 their 12-month median. Top weakness class — CWE-79 (63 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

457

— MoM— YoY

Severity mix

59 / 115

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

4.6%

21 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

4017.8

n=21

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

—

n=0

Weakness × Vendor

What's spreading where in March 2015

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

79XSS 399CWE-399 20Improper Input Validation 200Information Exposure 264CWE-264 119Memory Buffer Bounds 89SQL Injection 352CSRF 17CWE-17 19CWE-19 microsoft 6 11 6 4 2 2 cisco 2 5 20 2 3 1 debian 1 1 8 3 2 3 2 ibm 13 2 1 6 4 2 canonical 1 2 2 1 2 2 1 apple 16 1 1 1 1 1 1 google 2 3 4 2 2 opensuse 1 2 4 1 2 1 2 redhat 2 1 1 2 1 1 1 fedoraproject 1 2 3 6 2 1 websense 7 1 4 2 hp 1 1

Breakout vendors

CVE count ≥3× their own 12-period median.

12.0×php group12 CVE
8.7×openssl13 CVE
7.0×mybb7 CVE
7.0×openssl software foundation7 CVE
6.0×schneider-electric6 CVE
4.0×aveva4 CVE
4.0×adobe systems inc.8 CVE
3.3×php13 CVE
3.0×apple inc.3 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#11websense20 CVE
#26openssl software foundation7 CVE
#32aveva4 CVE
#36tcpdump4 CVE
#37webgateinc4 CVE
#38wpml4 CVE
#39ajsquare3 CVE
#43gaia-gis3 CVE
#44mageia3 CVE
#46scadaengine3 CVE

Top vendors

Ranked by distinct CVE count this period.

1microsoft—
43 CVE20 critCVSS 6.6
PoC 2
windows server 2012 (21) · windows 8 (20) · windows 7 (20)
2cisco—
41 CVE2 critCVSS 6.9
ios (15) · ios xe (13) · anyconnect secure mobility client (4)
3debian—
33 CVE2 critCVSS 5.7
PoC 5
debian linux (32) · cifs-utils (1)
4ibm—
33 CVE2 critCVSS 4.6
rational quality manager (6) · business process manager (4) · rational team concert (4)
5canonical—
32 CVE1 critCVSS 6.3
PoC 7
ubuntu linux (32)
6apple—
30 CVE2 critCVSS 6.6
PoC 1
iphone os (22) · tvos (18) · safari (17)
7google—
24 CVECVSS 6.7
chrome (24) · v8 (1)
8opensuse—
24 CVECVSS 5.6
PoC 3
opensuse (24)
9redhat—
22 CVECVSS 6.6
PoC 3
enterprise linux server supplementary eus (11) · enterprise linux desktop supplementary (11) · enterprise linux workstation supplementary (11)
10fedoraproject—
21 CVE1 critCVSS 5.4
PoC 3
fedora (21) · 389 directory server (2)
11websense—
20 CVE2 critCVSS 5.2
NEWPoC 6
v-series appliances (11) · triton ap email (9) · triton ap web (6)
12hp—
17 CVE12 critCVSS 8.1
ole point of sale driver (10) · integrated lights-out 2 firmware (2) · integrated lights-out 4 firmware (2)
13linux—
14 CVE1 critCVSS 5.2
PoC 3
linux kernel (14)
14cisco systems inc.—
13 CVE2 critCVSS 8.0
cisco ios (11) · cisco intrusion prevention system (1) · telepresence conductor (1)
15openssl—
13 CVECVSS 5.0
×8.7
openssl (13)
16php—
13 CVECVSS 6.5
×3.3PoC 2
php (13)
17php group—
12 CVECVSS 6.4
×12.0PoC 1
php (12)
18adobe—
11 CVE9 critCVSS 9.0
PoC 1
flash player (11)
19oracle—
11 CVECVSS 5.2
PoC 3
solaris (7) · linux (6) · secure backup (1)
20red hat inc.—
9 CVE1 critCVSS 6.2
red hat enterprise linux (9)
21adobe systems inc.—
8 CVE8 critCVSS 10.0
×4.0
flash player (8)
22siemens—
8 CVECVSS 6.3
PoC 1
spcanywhere (5) · spc4000 firmware (1) · simatic cfc (1)
23canonical ltd.—
7 CVECVSS 5.0
PoC 1
ubuntu (7)
24emc—
7 CVECVSS 5.5
PoC 7
rsa certificate manager (3) · rsa registration manager (3) · secure remote services (2)
25mybb—
7 CVE1 critCVSS 5.9
×7.0
mybb (7)
26openssl software foundation—
7 CVECVSS 4.8
NEW×7.0
openssl (7)
27pypi—
7 CVECVSS 6.1
PoC 2
django (3) · dulwich (2) · mercurial (1)
28schneider-electric—
6 CVECVSS 4.5
×6.0
wonderware intouch 2014 (4) · pelco ds-nv (1) · device type manager (1)
29wireshark—
6 CVECVSS 5.0
wireshark (6)
30apache—
5 CVECVSS 5.8
PoC 3
batik (1) · http server (1) · mod-gnutls (1)
31xen—
5 CVECVSS 3.6
xen (5)
32aveva—
4 CVECVSS 3.1
NEW×4.0
aveva edge (4)
33maven—
4 CVECVSS 6.1
PoC 3
org.opencms:opencms-core (1) · org.apache.taglibs:taglibs-standard (1) · org.apache.taglibs:taglibs-standard-impl (1)
34mcafee—
4 CVECVSS 5.2
data loss prevention endpoint (4)
35suse—
4 CVECVSS 5.2
PoC 1
linux enterprise server (2) · linux enterprise software development kit (1) · linux enterprise workstation extension (1)
36tcpdump—
4 CVECVSS 6.3
NEWPoC 4
tcpdump (4)
37webgateinc—
4 CVECVSS 7.0
NEWPoC 1
edvr manager (2) · webeyeaudio (1) · winrds (1)
38wpml—
4 CVECVSS 6.4
NEWNuclei 4PoC 4
wpml (4)
39ajsquare—
3 CVECVSS 4.5
NEWPoC 3
zeuscart (3)
40apple inc.—
3 CVE1 critCVSS 7.4
×3.0
os x (2) · ios (1)
41bestpractical—
3 CVECVSS 6.2
request tracker (3)
42djangoproject—
3 CVECVSS 4.5
PoC 1
django (3)
43gaia-gis—
3 CVECVSS 6.0
NEW
freexl (3)
44mageia—
3 CVECVSS 5.0
NEW
mageia (3)
45novell inc.—
3 CVECVSS 6.7
opensuse leap (3)
46scadaengine—
3 CVE2 critCVSS 8.5
NEW
bacnet opc server (3)
47webshophun—
3 CVECVSS 6.4
NEWPoC 3
webshop hun (3)
48x—
3 CVECVSS 8.5
libxfont (3)
49сообщество свободного программного обеспечения—
3 CVECVSS 6.9
debian gnu/linux (3) · libzip (1)
50asus—
2 CVECVSS 5.5
PoC 2
rt-g32 firmware (2)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	microsoft	43	20	·	·	PoC 2	windows server 2012 (21) · windows 8 (20) · windows 7 (20)	—
2	cisco	41	2	·	·		ios (15) · ios xe (13) · anyconnect secure mobility client (4)	—
3	debian	33	2	·	·	PoC 5	debian linux (32) · cifs-utils (1)	—
4	ibm	33	2	·	·		rational quality manager (6) · business process manager (4) · rational team concert (4)	—
5	canonical	32	1	·	·	PoC 7	ubuntu linux (32)	—
6	apple	30	2	·	·	PoC 1	iphone os (22) · tvos (18) · safari (17)	—
7	google	24	·	·	·		chrome (24) · v8 (1)	—
8	opensuse	24	·	·	·	PoC 3	opensuse (24)	—
9	redhat	22	·	·	·	PoC 3	enterprise linux server supplementary eus (11) · enterprise linux desktop supplementary (11) · enterprise linux workstation supplementary (11)	—
10	fedoraproject	21	1	·	·	PoC 3	fedora (21) · 389 directory server (2)	—
11	websense	20	2	·	·	NEWPoC 6	v-series appliances (11) · triton ap email (9) · triton ap web (6)	—
12	hp	17	12	·	·		ole point of sale driver (10) · integrated lights-out 2 firmware (2) · integrated lights-out 4 firmware (2)	—
13	linux	14	1	·	·	PoC 3	linux kernel (14)	—
14	cisco systems inc.	13	2	·	·		cisco ios (11) · cisco intrusion prevention system (1) · telepresence conductor (1)	—
15	openssl	13	·	·	·	×8.7	openssl (13)	—
16	php	13	·	·	·	×3.3PoC 2	php (13)	—
17	php group	12	·	·	·	×12.0PoC 1	php (12)	—
18	adobe	11	9	·	·	PoC 1	flash player (11)	—
19	oracle	11	·	·	·	PoC 3	solaris (7) · linux (6) · secure backup (1)	—
20	red hat inc.	9	1	·	·		red hat enterprise linux (9)	—
21	adobe systems inc.	8	8	·	·	×4.0	flash player (8)	—
22	siemens	8	·	·	·	PoC 1	spcanywhere (5) · spc4000 firmware (1) · simatic cfc (1)	—
23	canonical ltd.	7	·	·	·	PoC 1	ubuntu (7)	—
24	emc	7	·	·	·	PoC 7	rsa certificate manager (3) · rsa registration manager (3) · secure remote services (2)	—
25	mybb	7	1	·	·	×7.0	mybb (7)	—
26	openssl software foundation	7	·	·	·	NEW×7.0	openssl (7)	—
27	pypi	7	·	·	·	PoC 2	django (3) · dulwich (2) · mercurial (1)	—
28	schneider-electric	6	·	·	·	×6.0	wonderware intouch 2014 (4) · pelco ds-nv (1) · device type manager (1)	—
29	wireshark	6	·	·	·		wireshark (6)	—
30	apache	5	·	·	·	PoC 3	batik (1) · http server (1) · mod-gnutls (1)	—
31	xen	5	·	·	·		xen (5)	—
32	aveva	4	·	·	·	NEW×4.0	aveva edge (4)	—
33	maven	4	·	·	·	PoC 3	org.opencms:opencms-core (1) · org.apache.taglibs:taglibs-standard (1) · org.apache.taglibs:taglibs-standard-impl (1)	—
34	mcafee	4	·	·	·		data loss prevention endpoint (4)	—
35	suse	4	·	·	·	PoC 1	linux enterprise server (2) · linux enterprise software development kit (1) · linux enterprise workstation extension (1)	—
36	tcpdump	4	·	·	·	NEWPoC 4	tcpdump (4)	—
37	webgateinc	4	·	·	·	NEWPoC 1	edvr manager (2) · webeyeaudio (1) · winrds (1)	—
38	wpml	4	·	·	4	NEWNuclei 4PoC 4	wpml (4)	—
39	ajsquare	3	·	·	·	NEWPoC 3	zeuscart (3)	—
40	apple inc.	3	1	·	·	×3.0	os x (2) · ios (1)	—
41	bestpractical	3	·	·	·		request tracker (3)	—
42	djangoproject	3	·	·	·	PoC 1	django (3)	—
43	gaia-gis	3	·	·	·	NEW	freexl (3)	—
44	mageia	3	·	·	·	NEW	mageia (3)	—
45	novell inc.	3	·	·	·		opensuse leap (3)	—
46	scadaengine	3	2	·	·	NEW	bacnet opc server (3)	—
47	webshophun	3	·	·	·	NEWPoC 3	webshop hun (3)	—
48	x	3	·	·	·		libxfont (3)	—
49	сообщество свободного программного обеспечения	3	·	·	·		debian gnu/linux (3) · libzip (1)	—
50	asus	2	·	·	·	PoC 2	rt-g32 firmware (2)	—