month report

January 2016

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

January 2016 closed with 670 published CVEs. 64 criticals, oracle led volume, mostly via solaris. Biggest breakout: oracle corp. at ×21.0 their 12-month median. Top weakness class — CWE-119 (68 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

670

— MoM— YoY

Severity mix

64 / 163

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

0.9%

6 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

3710.0

n=6

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

2262

n=2

Detection gap

KEV pressure, no Nuclei coverage

January 2016 · vendors with active exploitation listed by CISA but no public detection template.

KEV 1microsoft25 CVE
KEV 1microsoft corp24 CVE

Weakness × Vendor

What's spreading where in January 2016

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

119Memory Buffer Bounds 20Improper Input Validation 79XSS 200Information Exposure 264CWE-264 399CWE-399 254CWE-254 22Path Traversal 17CWE-17 352CSRF oracle 5 1 1 ibm 2 3 16 18 9 2 2 2 4 4 oracle corp.2 1 opensuse 6 2 1 5 1 2 wireshark 4 33 canonical 2 2 1 google 2 1 6 8 1 2 2 debian 2 1 1 1 microsoft 6 1 6 2 3 1 google inc 2 1 6 8 1 2 microsoft corp 6 1 6 2 3 1 redhat 1 1 1

Breakout vendors

CVE count ≥3× their own 12-period median.

21.0×oracle corp.63 CVE
20.7×oracle228 CVE
14.0×huawei14 CVE
11.0×advantech co., ltd11 CVE
10.7×advantech16 CVE
8.3×wireshark33 CVE
6.0×openstack6 CVE
6.0×typo36 CVE
5.0×f55 CVE
4.0×hp inc.8 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#30kddi6 CVE
#44matroska4 CVE
#47cgit project3 CVE
#48f5 networks, inc.3 CVE
#53roundcube3 CVE
#57avm2 CVE
#65harman2 CVE
#66harman international2 CVE
#68internet systems consortium2 CVE
#69libtiff2 CVE

Top vendors

Ranked by distinct CVE count this period.

1oracle↑25
228 CVE12 critCVSS 5.2
×20.7PoC 12
solaris (30) · e-business suite (24) · mysql (22)
2ibm↑20
76 CVE2 critCVSS 5.4
×3.1KEV 1Nuclei 1PoC 2
jazz reporting service (7) · maximo for utilities (6) · maximo for oil and gas (6)
3oracle corp.↑36
63 CVE8 critCVSS 5.4
×21.0PoC 4
mysql (22) · solaris (18) · database (7)
4opensuse↑7
43 CVE4 critCVSS 5.7
PoC 2
leap (43) · opensuse (38)
5wireshark—
33 CVECVSS 5.5
×8.3
wireshark (33)
6canonical↑6
32 CVE3 critCVSS 5.5
PoC 2
ubuntu linux (32)
7google·
27 CVE3 critCVSS 6.6
PoC 2
android (16) · chrome (11)
8debian↑8
25 CVE1 critCVSS 5.6
PoC 1
debian linux (24) · fuse (1)
9microsoft↓3
25 CVE1 critCVSS 7.1
KEV 1PoC 4
windows 7 (9) · windows 10 (8) · windows server 2008 (8)
10google inc·
24 CVE3 critCVSS 6.8
PoC 2
android (13) · google chrome (11)
11microsoft corp↓6
24 CVE1 critCVSS 7.0
KEV 1PoC 4
windows 7 service pack 1 (9) · windows server 2008 r2 service pack 1 (8) · windows vista service pack 2 (8)
12redhat↑3
24 CVE4 critCVSS 5.1
PoC 1
enterprise linux (18) · enterprise linux workstation (13) · enterprise linux desktop (12)
13cisco↓5
23 CVE5 critCVSS 7.3
PoC 1
adaptive security appliance software (2) · aironet access point software (2) · firesight system software (2)
14mozilla↓1
22 CVE4 critCVSS 6.6
PoC 3
firefox (17) · firefox os (3) · bugzilla (2)
15apple↓12
18 CVE1 critCVSS 6.7
PoC 2
mac os x (9) · quicktime (9) · iphone os (3)
16adobe↓15
17 CVE6 critCVSS 9.1
acrobat dc (17) · acrobat (17) · acrobat reader (17)
17adobe systems inc.↓15
17 CVE6 critCVSS 9.1
adobe reader (17) · adobe acrobat (17) · adobe acrobat document cloud (17)
18advantech—
16 CVE5 critCVSS 8.2
×10.7PoC 1
webaccess (15) · eki-1321 series firmware (1) · eki-1322 series firmware (1)
19fedoraproject↓10
15 CVE3 critCVSS 7.1
PoC 1
fedora (15)
20huawei↑95
14 CVECVSS 6.5
×14.0
vcn500 (3) · p8 firmware (3) · gem-703l firmware (2)
21mariadb—
14 CVECVSS 4.5
PoC 1
mariadb (14)
22hp↓1
13 CVE1 critCVSS 7.2
PoC 2
storeonce backup system software (3) · network switch software (2) · arcsight logger (2)
23advantech co., ltd—
11 CVE5 critCVSS 8.5
×11.0PoC 1
advantech webaccess (10) · eki серии 1321 (1) · eki серии 1322 (1)
24php↓1
11 CVE3 critCVSS 8.1
PoC 3
php (11)
25php group↑63
10 CVE2 critCVSS 7.9
PoC 3
php (10)
26hp inc.—
8 CVECVSS 7.5
×4.0PoC 2
storeonce backup (3) · hpe insight control (2) · hpe matrix operating environment (2)
27cisco systems inc.↑50
7 CVE5 critCVSS 9.1
PoC 1
cisco d9036 modular encoding platform (1) · cisco firepower extensible operating system (1) · cisco identity services engine (1)
28packagist↑17
7 CVECVSS 6.1
×3.5PoC 2
typo3/cms (4) · cakephp/cakephp (1) · dolibarr/dolibarr (1)
29juniper↑52
6 CVECVSS 6.0
×4.0
junos (5) · screenos (1)
30kddi—
6 CVECVSS 6.0
NEW
home spot cube firmware (6)
31openstack—
6 CVECVSS 6.2
×6.0
swift (2) · nova (2) · orchestration api (1)
32typo3—
6 CVECVSS 5.6
×6.0
typo3 (6)
33apple inc.↓29
5 CVECVSS 7.3
PoC 2
os x (5)
34f5↑77
5 CVE2 critCVSS 7.3
×5.0
big-ip access policy manager (5) · big-ip advanced firewall manager (4) · big-ip analytics (4)
35mozilla corp.↓21
5 CVE4 critCVSS 9.5
firefox (4) · firefox esr (2) · thunderbird (1)
36pypi↑97
5 CVE1 critCVSS 7.0
PoC 1
swift (2) · pygments (1) · nova (1)
37sap↑101
5 CVE3 critCVSS 8.4
PoC 1
sap hana (2) · hana (2) · netweaver (2)
38сообщество свободного программного обеспечения↓20
5 CVE1 critCVSS 8.1
PoC 3
debian gnu/linux (4) · nghttp2 (1)
39apache↑2
4 CVE1 critCVSS 8.8
PoC 1
hadoop (1) · activemq (1) · hive (1)
40canonical ltd.↓23
4 CVECVSS 7.6
PoC 3
ubuntu (4)
41fedora project↑37
4 CVECVSS 7.9
PoC 2
fedora (4)
42ibm corp.↓18
4 CVE2 critCVSS 8.6
KEV 1Nuclei 1PoC 1
ibm spectrum protect snapshot (1) · ibm spectrum protect for virtual environments (1) · installation manager (1)
43lenovo—
4 CVECVSS 6.8
PoC 4
shareit (4)
44matroska—
4 CVE1 critCVSS 5.9
NEW
libebml (3) · libmatroska (1)
45mcafee↑39
4 CVE1 critCVSS 7.9
file lock (2) · application control (1) · epolicy orchestrator (1)
46owncloud—
4 CVECVSS 5.5
PoC 1
owncloud (4) · owncloud server (4)
47cgit project—
3 CVE1 critCVSS 5.7
NEW
cgit (3)
48f5 networks, inc.—
3 CVE2 critCVSS 7.1
NEW×3.0
big-ip access policy manager (3) · big-ip advanced firewall manager (2) · big-ip analytics (2)
49isc↑5
3 CVECVSS 6.7
bind (2) · dhcp (1)
50openbsd—
3 CVECVSS 6.6
PoC 2
openssh (3)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	oracle	228	12	·	·	×20.7PoC 12	solaris (30) · e-business suite (24) · mysql (22)	↑25
2	ibm	76	2	1	1	×3.1KEV 1Nuclei 1PoC 2	jazz reporting service (7) · maximo for utilities (6) · maximo for oil and gas (6)	↑20
3	oracle corp.	63	8	·	·	×21.0PoC 4	mysql (22) · solaris (18) · database (7)	↑36
4	opensuse	43	4	·	·	PoC 2	leap (43) · opensuse (38)	↑7
5	wireshark	33	·	·	·	×8.3	wireshark (33)	—
6	canonical	32	3	·	·	PoC 2	ubuntu linux (32)	↑6
7	google	27	3	·	·	PoC 2	android (16) · chrome (11)	·
8	debian	25	1	·	·	PoC 1	debian linux (24) · fuse (1)	↑8
9	microsoft	25	1	1	·	KEV 1PoC 4	windows 7 (9) · windows 10 (8) · windows server 2008 (8)	↓3
10	google inc	24	3	·	·	PoC 2	android (13) · google chrome (11)	·
11	microsoft corp	24	1	1	·	KEV 1PoC 4	windows 7 service pack 1 (9) · windows server 2008 r2 service pack 1 (8) · windows vista service pack 2 (8)	↓6
12	redhat	24	4	·	·	PoC 1	enterprise linux (18) · enterprise linux workstation (13) · enterprise linux desktop (12)	↑3
13	cisco	23	5	·	·	PoC 1	adaptive security appliance software (2) · aironet access point software (2) · firesight system software (2)	↓5
14	mozilla	22	4	·	·	PoC 3	firefox (17) · firefox os (3) · bugzilla (2)	↓1
15	apple	18	1	·	·	PoC 2	mac os x (9) · quicktime (9) · iphone os (3)	↓12
16	adobe	17	6	·	·		acrobat dc (17) · acrobat (17) · acrobat reader (17)	↓15
17	adobe systems inc.	17	6	·	·		adobe reader (17) · adobe acrobat (17) · adobe acrobat document cloud (17)	↓15
18	advantech	16	5	·	·	×10.7PoC 1	webaccess (15) · eki-1321 series firmware (1) · eki-1322 series firmware (1)	—
19	fedoraproject	15	3	·	·	PoC 1	fedora (15)	↓10
20	huawei	14	·	·	·	×14.0	vcn500 (3) · p8 firmware (3) · gem-703l firmware (2)	↑95
21	mariadb	14	·	·	·	PoC 1	mariadb (14)	—
22	hp	13	1	·	·	PoC 2	storeonce backup system software (3) · network switch software (2) · arcsight logger (2)	↓1
23	advantech co., ltd	11	5	·	·	×11.0PoC 1	advantech webaccess (10) · eki серии 1321 (1) · eki серии 1322 (1)	—
24	php	11	3	·	·	PoC 3	php (11)	↓1
25	php group	10	2	·	·	PoC 3	php (10)	↑63
26	hp inc.	8	·	·	·	×4.0PoC 2	storeonce backup (3) · hpe insight control (2) · hpe matrix operating environment (2)	—
27	cisco systems inc.	7	5	·	·	PoC 1	cisco d9036 modular encoding platform (1) · cisco firepower extensible operating system (1) · cisco identity services engine (1)	↑50
28	packagist	7	·	·	·	×3.5PoC 2	typo3/cms (4) · cakephp/cakephp (1) · dolibarr/dolibarr (1)	↑17
29	juniper	6	·	·	·	×4.0	junos (5) · screenos (1)	↑52
30	kddi	6	·	·	·	NEW	home spot cube firmware (6)	—
31	openstack	6	·	·	·	×6.0	swift (2) · nova (2) · orchestration api (1)	—
32	typo3	6	·	·	·	×6.0	typo3 (6)	—
33	apple inc.	5	·	·	·	PoC 2	os x (5)	↓29
34	f5	5	2	·	·	×5.0	big-ip access policy manager (5) · big-ip advanced firewall manager (4) · big-ip analytics (4)	↑77
35	mozilla corp.	5	4	·	·		firefox (4) · firefox esr (2) · thunderbird (1)	↓21
36	pypi	5	1	·	·	PoC 1	swift (2) · pygments (1) · nova (1)	↑97
37	sap	5	3	·	·	PoC 1	sap hana (2) · hana (2) · netweaver (2)	↑101
38	сообщество свободного программного обеспечения	5	1	·	·	PoC 3	debian gnu/linux (4) · nghttp2 (1)	↓20
39	apache	4	1	·	·	PoC 1	hadoop (1) · activemq (1) · hive (1)	↑2
40	canonical ltd.	4	·	·	·	PoC 3	ubuntu (4)	↓23
41	fedora project	4	·	·	·	PoC 2	fedora (4)	↑37
42	ibm corp.	4	2	1	1	KEV 1Nuclei 1PoC 1	ibm spectrum protect snapshot (1) · ibm spectrum protect for virtual environments (1) · installation manager (1)	↓18
43	lenovo	4	·	·	·	PoC 4	shareit (4)	—
44	matroska	4	1	·	·	NEW	libebml (3) · libmatroska (1)	—
45	mcafee	4	1	·	·		file lock (2) · application control (1) · epolicy orchestrator (1)	↑39
46	owncloud	4	·	·	·	PoC 1	owncloud (4) · owncloud server (4)	—
47	cgit project	3	1	·	·	NEW	cgit (3)	—
48	f5 networks, inc.	3	2	·	·	NEW×3.0	big-ip access policy manager (3) · big-ip advanced firewall manager (2) · big-ip analytics (2)	—
49	isc	3	·	·	·		bind (2) · dhcp (1)	↑5
50	openbsd	3	·	·	·	PoC 2	openssh (3)	—