month report

October 2015

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

October 2015 closed with 739 published CVEs. 147 criticals, oracle led volume, mostly via solaris. Biggest breakout: oracle corp. at ×46.0 their 12-month median. Top weakness class — CWE-119 (142 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

739

— MoM— YoY

Severity mix

147 / 104

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

0.8%

6 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

3793.0

n=6

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

2328

n=2

Detection gap

KEV pressure, no Nuclei coverage

October 2015 · vendors with active exploitation listed by CISA but no public detection template.

KEV 2redhat35 CVE
KEV 2opensuse20 CVE
KEV 2suse4 CVE
KEV 1oracle130 CVE
KEV 1oracle corp.115 CVE
KEV 1adobe82 CVE
KEV 1adobe systems inc.82 CVE

Weakness × Vendor

What's spreading where in October 2015

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

119Memory Buffer Bounds 264CWE-264 200Information Exposure 79XSS 20Improper Input Validation 399CWE-399 89SQL Injection 189CWE-189 254CWE-254 284CWE-284 oracle 2 1 apple 61 8 15 1 6 2 5 2 oracle corp.1 adobe 15 5 adobe systems inc.15 5 google inc 25 14 1 5 17 1 4 google 25 13 1 5 17 1 4 apple inc.15 5 14 1 4 1 4 1 ibm 2 5 8 13 2 1 2 cisco 1 9 3 4 3 12 4 redhat 1 3 2 5 1 1 microsoft 7 5 6 3 1

Breakout vendors

CVE count ≥3× their own 12-period median.

46.0×oracle corp.115 CVE
18.5×google inc74 CVE
13.0×oracle130 CVE
11.0×apple inc.55 CVE
10.0×juniper10 CVE
6.1×google73 CVE
5.0×joomla5 CVE
5.0×juniper networks inc.5 CVE
5.0×rockwellautomation5 CVE
4.1×adobe systems inc.82 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

Top vendors

Ranked by distinct CVE count this period.

1oracle—
130 CVE16 critCVSS 5.2
×13.0KEV 1PoC 9
solaris (27) · mysql (27) · jdk (25)
2apple—
115 CVE8 critCVSS 6.5
×3.4PoC 2
mac os x (87) · iphone os (51) · watchos (17)
3oracle corp.—
115 CVE16 critCVSS 5.1
×46.0KEV 1PoC 9
mysql (27) · java platform (23) · fusion middleware (15)
4adobe—
82 CVE29 critCVSS 7.5
×3.6KEV 1PoC 4
acrobat reader (57) · acrobat reader dc (57) · acrobat dc (57)
5adobe systems inc.—
82 CVE29 critCVSS 7.1
×4.1KEV 1PoC 4
adobe acrobat (57) · adobe acrobat document cloud (57) · adobe reader (57)
6google inc—
74 CVE48 critCVSS 8.6
×18.5PoC 4
android (62) · google chrome (12)
7google—
73 CVE48 critCVSS 8.6
×6.1PoC 4
android (61) · chrome (12) · v8 (1)
8apple inc.—
55 CVE7 critCVSS 6.0
×11.0PoC 1
os x (35) · ios (15) · macos (6)
9ibm—
44 CVE4 critCVSS 4.5
websphere extreme scale (7) · openpages grc platform (6) · maximo for oil and gas (5)
10cisco—
36 CVE1 critCVSS 5.7
secure access control server (5) · adaptive security appliance software (4) · asr 5000 software (3)
11redhat—
35 CVECVSS 4.5
KEV 2PoC 3
enterprise linux server (20) · enterprise linux workstation (20) · enterprise linux desktop (20)
12microsoft—
31 CVE14 critCVSS 7.3
PoC 4
internet explorer (11) · windows vista (7) · windows 7 (7)
13canonical—
25 CVECVSS 4.7
PoC 3
ubuntu linux (25)
14microsoft corp—
25 CVE9 critCVSS 7.5
PoC 3
internet explorer (10) · windows 8.1 (6) · windows 10 (6)
15debian—
22 CVECVSS 4.5
PoC 1
debian linux (22)
16fedoraproject—
21 CVECVSS 4.4
PoC 1
fedora (19) · sssd (1) · 389 directory server (1)
17opensuse—
20 CVECVSS 4.3
KEV 2PoC 2
opensuse (19) · leap (13) · evergreen (1)
18mariadb—
17 CVECVSS 3.9
×3.8PoC 1
mariadb (17)
19owncloud—
12 CVE4 critCVSS 6.7
owncloud (10) · owncloud server (8) · owncloud desktop client (2)
20sap—
11 CVE1 critCVSS 7.1
PoC 5
sap hana (7) · hana (7) · 3d visual enterprise viewer (3)
21juniper—
10 CVECVSS 6.2
×10.0PoC 2
junos (7) · pulse connect secure (2) · screenos (1)
22revive-adserver—
10 CVECVSS 5.6
×3.3PoC 10
revive adserver (10)
23cisco systems inc.—
9 CVECVSS 5.5
cisco secure access control system (5) · telepresence video communication server (2) · anyconnect secure mobility client (1)
24linux—
9 CVECVSS 5.2
linux kernel (9)
25xen—
8 CVECVSS 4.0
xen (8)
26ао «лаборатория касперского»—
8 CVE7 critCVSS 9.3
NEWPoC 7
kaspersky anti-virus (8)
27infinite automation systems—
7 CVECVSS 5.6
NEWPoC 1
mango automation (7)
28janitza—
7 CVE1 critCVSS 6.6
NEW
umg 508 (7) · umg 509 (7) · umg 511 (7)
29janitza electronics gmbh—
7 CVE1 critCVSS 6.6
NEW
janitza umg 509 (7) · janitza umg 508 (7) · janitza umg 511 (7)
30jenkins—
7 CVECVSS 4.9
jenkins (7)
31maven—
7 CVECVSS 5.0
org.jenkins-ci.main:jenkins-core (6) · org.apache.httpcomponents:httpclient (1)
32pypi—
7 CVECVSS 5.4
PoC 1
glance (2) · nova (2) · neutron (1)
33openstack—
6 CVECVSS 5.4
nova (2) · image registry and delivery service \(glance\) (2) · swift (1)
34emc—
5 CVECVSS 6.5
PoC 5
sourceone email supervisor (4) · rsa certificate manager (1) · rsa onestep (1)
35joomla—
5 CVECVSS 6.5
NEW×5.0Nuclei 1PoC 3
joomla\! (5)
36juniper networks inc.—
5 CVECVSS 6.5
×5.0
junos (4) · screenos (1)
37medicomp—
5 CVECVSS 6.9
NEW
medcin engine (5)
38rockwellautomation—
5 CVE1 critCVSS 6.4
NEW×5.0
micrologix 1100 firmware (5) · micrologix 1400 firmware (5)
39rockwell automation inc.—
5 CVE1 critCVSS 6.4
NEW
micrologix 1400 (5) · micrologix 1100 (5)
40accelerite—
4 CVE2 critCVSS 7.5
NEW
radia client automation (4)
41ibm corp.—
4 CVECVSS 5.4
ibm spectrum scale (2) · general parallel file system (2) · ibm webshpere portal (1)
42icz—
4 CVECVSS 6.7
NEW
matchasns (4)
43ininet solutions—
4 CVE1 critCVSS 5.9
NEW
scada web server (4)
44persistent systems ltd.—
4 CVE2 critCVSS 7.5
NEW
radia client automation (4)
45polkit project—
4 CVECVSS 4.0
NEW
polkit (4)
46red hat inc.—
4 CVECVSS 5.3
PoC 1
jboss enterprise application platform (3) · wildfly (3) · red hat enterprise linux (1)
47suse—
4 CVECVSS 5.3
KEV 2PoC 1
linux enterprise software development kit (2) · linux enterprise desktop (2) · linux enterprise server (2)
48techno project japan—
4 CVECVSS 5.8
NEW
enisys gw (4)
49canonical ltd.—
3 CVECVSS 6.2
PoC 1
ubuntu (3)
50cybozu—
3 CVECVSS 8.0
×3.0
garoon (3)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	oracle	130	16	1	·	×13.0KEV 1PoC 9	solaris (27) · mysql (27) · jdk (25)	—
2	apple	115	8	·	·	×3.4PoC 2	mac os x (87) · iphone os (51) · watchos (17)	—
3	oracle corp.	115	16	1	·	×46.0KEV 1PoC 9	mysql (27) · java platform (23) · fusion middleware (15)	—
4	adobe	82	29	1	·	×3.6KEV 1PoC 4	acrobat reader (57) · acrobat reader dc (57) · acrobat dc (57)	—
5	adobe systems inc.	82	29	1	·	×4.1KEV 1PoC 4	adobe acrobat (57) · adobe acrobat document cloud (57) · adobe reader (57)	—
6	google inc	74	48	·	·	×18.5PoC 4	android (62) · google chrome (12)	—
7	google	73	48	·	·	×6.1PoC 4	android (61) · chrome (12) · v8 (1)	—
8	apple inc.	55	7	·	·	×11.0PoC 1	os x (35) · ios (15) · macos (6)	—
9	ibm	44	4	·	·		websphere extreme scale (7) · openpages grc platform (6) · maximo for oil and gas (5)	—
10	cisco	36	1	·	·		secure access control server (5) · adaptive security appliance software (4) · asr 5000 software (3)	—
11	redhat	35	·	2	·	KEV 2PoC 3	enterprise linux server (20) · enterprise linux workstation (20) · enterprise linux desktop (20)	—
12	microsoft	31	14	·	·	PoC 4	internet explorer (11) · windows vista (7) · windows 7 (7)	—
13	canonical	25	·	·	·	PoC 3	ubuntu linux (25)	—
14	microsoft corp	25	9	·	·	PoC 3	internet explorer (10) · windows 8.1 (6) · windows 10 (6)	—
15	debian	22	·	·	·	PoC 1	debian linux (22)	—
16	fedoraproject	21	·	·	·	PoC 1	fedora (19) · sssd (1) · 389 directory server (1)	—
17	opensuse	20	·	2	·	KEV 2PoC 2	opensuse (19) · leap (13) · evergreen (1)	—
18	mariadb	17	·	·	·	×3.8PoC 1	mariadb (17)	—
19	owncloud	12	4	·	·		owncloud (10) · owncloud server (8) · owncloud desktop client (2)	—
20	sap	11	1	·	·	PoC 5	sap hana (7) · hana (7) · 3d visual enterprise viewer (3)	—
21	juniper	10	·	·	·	×10.0PoC 2	junos (7) · pulse connect secure (2) · screenos (1)	—
22	revive-adserver	10	·	·	·	×3.3PoC 10	revive adserver (10)	—
23	cisco systems inc.	9	·	·	·		cisco secure access control system (5) · telepresence video communication server (2) · anyconnect secure mobility client (1)	—
24	linux	9	·	·	·		linux kernel (9)	—
25	xen	8	·	·	·		xen (8)	—
26	ао «лаборатория касперского»	8	7	·	·	NEWPoC 7	kaspersky anti-virus (8)	—
27	infinite automation systems	7	·	·	·	NEWPoC 1	mango automation (7)	—
28	janitza	7	1	·	·	NEW	umg 508 (7) · umg 509 (7) · umg 511 (7)	—
29	janitza electronics gmbh	7	1	·	·	NEW	janitza umg 509 (7) · janitza umg 508 (7) · janitza umg 511 (7)	—
30	jenkins	7	·	·	·		jenkins (7)	—
31	maven	7	·	·	·		org.jenkins-ci.main:jenkins-core (6) · org.apache.httpcomponents:httpclient (1)	—
32	pypi	7	·	·	·	PoC 1	glance (2) · nova (2) · neutron (1)	—
33	openstack	6	·	·	·		nova (2) · image registry and delivery service \(glance\) (2) · swift (1)	—
34	emc	5	·	·	·	PoC 5	sourceone email supervisor (4) · rsa certificate manager (1) · rsa onestep (1)	—
35	joomla	5	·	·	1	NEW×5.0Nuclei 1PoC 3	joomla\! (5)	—
36	juniper networks inc.	5	·	·	·	×5.0	junos (4) · screenos (1)	—
37	medicomp	5	·	·	·	NEW	medcin engine (5)	—
38	rockwellautomation	5	1	·	·	NEW×5.0	micrologix 1100 firmware (5) · micrologix 1400 firmware (5)	—
39	rockwell automation inc.	5	1	·	·	NEW	micrologix 1400 (5) · micrologix 1100 (5)	—
40	accelerite	4	2	·	·	NEW	radia client automation (4)	—
41	ibm corp.	4	·	·	·		ibm spectrum scale (2) · general parallel file system (2) · ibm webshpere portal (1)	—
42	icz	4	·	·	·	NEW	matchasns (4)	—
43	ininet solutions	4	1	·	·	NEW	scada web server (4)	—
44	persistent systems ltd.	4	2	·	·	NEW	radia client automation (4)	—
45	polkit project	4	·	·	·	NEW	polkit (4)	—
46	red hat inc.	4	·	·	·	PoC 1	jboss enterprise application platform (3) · wildfly (3) · red hat enterprise linux (1)	—
47	suse	4	·	2	·	KEV 2PoC 1	linux enterprise software development kit (2) · linux enterprise desktop (2) · linux enterprise server (2)	—
48	techno project japan	4	·	·	·	NEW	enisys gw (4)	—
49	canonical ltd.	3	·	·	·	PoC 1	ubuntu (3)	—
50	cybozu	3	·	·	·	×3.0	garoon (3)	—