month report
March 2016
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
March 2016 closed with 333 published CVEs. 33 criticals, apple led volume, mostly via mac os x. Biggest breakout: apple inc. at ×56.0 their 12-month median. Top weakness class — CWE-119 (97 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
333
— MoM— YoY
Severity mix
33 / 192
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
0.3%
1 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
3632.8
n=1
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
2262
n=3
Detection gap
KEV pressure, no Nuclei coverage
March 2016 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 1google44 CVE
- KEV 1google inc43 CVE
- KEV 1microsoft corp41 CVE
- KEV 1microsoft40 CVE
- KEV 1opensuse39 CVE
- KEV 1adobe37 CVE
- KEV 1adobe systems inc.36 CVE
- KEV 1samsung29 CVE
Weakness × Vendor
What's spreading where in March 2016
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
119Memory Buffer Bounds200Information Exposure264CWE-26420Improper Input Validation416Use After Free79XSS399CWE-399284CWE-284254CWE-254787Out-of-bounds Writeapple289361151apple inc.249361151google589216google inc589216mozilla222212mozilla corp.222212microsoft corp211810microsoft201810opensuse191112adobe101157adobe systems inc.91157oracle1612
Breakout vendors
CVE count ≥3× their own 12-period median.
- 56.0×apple inc.56 CVE
- 4.0×cisco systems inc.12 CVE
- 3.0×fedora project3 CVE
- 3.0×symantec3 CVE
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #17sil15 CVE
- #18sil international15 CVE
- #29zzinc6 CVE
- #31hp inc.4 CVE
- #33netgear4 CVE
- #37internet systems consortium3 CVE
- #42fuseiso project2 CVE
- #46moxa2 CVE
- #47nodejs2 CVE
- #49pcre2 CVE
Top vendors
Ranked by distinct CVE count this period.
- 61 CVE3 critCVSS 7.0PoC 9mac os x (39) · iphone os (29) · watchos (13)
- 56 CVE2 critCVSS 6.8×56.0PoC 9os x (36) · ios (28) · safari (12)
- 44 CVE10 critCVSS 8.0KEV 1PoC 1chrome (25) · android (19) · v8 (2)
- 43 CVE9 critCVSS 8.0KEV 1PoC 1google chrome (25) · android (18) · google v8 (2)
- 42 CVE1 critCVSS 8.1PoC 1firefox (42) · thunderbird (9) · network security services (3)
- 42 CVE1 critCVSS 8.2PoC 1firefox (42) · firefox esr (28) · thunderbird (10)
- 41 CVE1 critCVSS 7.9KEV 1PoC 7internet explorer (14) · windows server 2008 r2 service pack 1 (13) · windows rt 8.1 (13)
- 40 CVE1 critCVSS 7.8KEV 1PoC 7internet explorer (14) · windows server 2008 (14) · windows 10 (13)
- 39 CVE1 critCVSS 8.2KEV 1PoC 2opensuse (39) · leap (29) · suse linux enterprise server (1)
- 37 CVE3 critCVSS 8.8KEV 1PoC 7air sdk \& compiler (33) · flash player desktop runtime (33) · air sdk (33)
- 36 CVE2 critCVSS 8.9KEV 1PoC 6flash player (33) · adobe integrated runtime (32) · flash player esr (23)
- 30 CVE2 critCVSS 8.4PoC 2linux (27) · vm server (2) · iplanet web server (1)
- 29 CVE1 critCVSS 8.6KEV 1PoC 6x14j firmware (29)
- 23 CVE1 critCVSS 6.9ios xe (4) · prime infrastructure (2) · nx-os (2)
- 21 CVECVSS 8.3KEV 1PoC 2linux enterprise (18) · linux enterprise debuginfo (2) · linux enterprise desktop (2)
- 17 CVE1 critCVSS 7.9KEV 1PoC 2debian linux (17)
- 15 CVECVSS 8.8NEWgraphite2 (15)
- 15 CVECVSS 8.8NEWgraphite 2 (15)
- 13 CVE1 critCVSS 7.8KEV 1PoC 1ubuntu linux (13)
- 12 CVE1 critCVSS 7.2×4.0cisco ios (8) · nx-os (4) · telepresence video communication server (1)
- 12 CVE6 critCVSS 8.3system management homepage (4) · network automation (2) · z238 firmware (1)
- 12 CVE1 critCVSS 5.4maximo asset management (3) · maximo for nuclear power (2) · business process manager (2)
- 9 CVE3 critCVSS 7.5openssl (9)
- 9 CVE3 critCVSS 7.5openssl (9)
- 7 CVECVSS 4.9ibm maximo asset management (3) · ibm smartcloud control desk (2) · business process manager (2)
- 7 CVECVSS 6.8suse package hub for suse linux enterprise (6) · filr (1)
- 7 CVE1 critCVSS 7.4opensolaris (7)
- 7 CVE1 critCVSS 7.6gs1900-10hp firmware (7)
- 6 CVE1 critCVSS 7.6NEWkeymouse firmware (6)
- 4 CVECVSS 7.5PoC 1fedora (4)
- 4 CVE1 critCVSS 8.0NEWhp system management homepage (4)
- 4 CVECVSS 7.0bind (3) · dhcp (1)
- 4 CVECVSS 7.1NEWjr6150 firmware (4)
- 4 CVECVSS 5.9phpmyadmin (4)
- 4 CVECVSS 6.1PoC 1debian gnu/linux (2) · linux (2)
- 3 CVECVSS 7.0×3.0PoC 2fedora (3)
- 3 CVECVSS 7.4NEWbind (3)
- 3 CVECVSS 7.3arcsight enterprise security manager (2) · self service password reset (1)
- 3 CVECVSS 8.3KEV 1PoC 1enterprise linux server (3) · enterprise linux workstation (3) · enterprise linux desktop (3)
- 3 CVECVSS 8.5×3.0endpoint protection manager (3)
- 2 CVE2 critCVSS 9.1single sign-on (2)
- 2 CVECVSS 7.3NEWPoC 1fuseiso (2)
- 2 CVECVSS 7.7junos (2)
- 2 CVECVSS 6.7thinkcentre e75s firmware (2)
- 2 CVECVSS 4.8linux kernel (2)
- 2 CVECVSS 5.3NEWioadmin firmware (2) · iologik firmware (2)
- 2 CVECVSS 6.3NEWnode.js (2)
- 2 CVECVSS 6.1phpmyadmin/phpmyadmin (2)
- 2 CVE1 critCVSS 9.0NEWPoC 1pcre (2) · pcre2 (1)
- 2 CVE1 critCVSS 9.0php (2)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | apple | 61 | 3 | · | · | PoC 9 | mac os x (39) · iphone os (29) · watchos (13) | — | |
| 2 | apple inc. | 56 | 2 | · | · | ×56.0PoC 9 | os x (36) · ios (28) · safari (12) | — | |
| 3 | 44 | 10 | 1 | · | KEV 1PoC 1 | chrome (25) · android (19) · v8 (2) | — | ||
| 4 | google inc | 43 | 9 | 1 | · | KEV 1PoC 1 | google chrome (25) · android (18) · google v8 (2) | — | |
| 5 | mozilla | 42 | 1 | · | · | PoC 1 | firefox (42) · thunderbird (9) · network security services (3) | — | |
| 6 | mozilla corp. | 42 | 1 | · | · | PoC 1 | firefox (42) · firefox esr (28) · thunderbird (10) | — | |
| 7 | microsoft corp | 41 | 1 | 1 | · | KEV 1PoC 7 | internet explorer (14) · windows server 2008 r2 service pack 1 (13) · windows rt 8.1 (13) | — | |
| 8 | microsoft | 40 | 1 | 1 | · | KEV 1PoC 7 | internet explorer (14) · windows server 2008 (14) · windows 10 (13) | — | |
| 9 | opensuse | 39 | 1 | 1 | · | KEV 1PoC 2 | opensuse (39) · leap (29) · suse linux enterprise server (1) | — | |
| 10 | adobe | 37 | 3 | 1 | · | KEV 1PoC 7 | air sdk \& compiler (33) · flash player desktop runtime (33) · air sdk (33) | — | |
| 11 | adobe systems inc. | 36 | 2 | 1 | · | KEV 1PoC 6 | flash player (33) · adobe integrated runtime (32) · flash player esr (23) | — | |
| 12 | oracle | 30 | 2 | · | · | PoC 2 | linux (27) · vm server (2) · iplanet web server (1) | — | |
| 13 | samsung | 29 | 1 | 1 | · | KEV 1PoC 6 | x14j firmware (29) | — | |
| 14 | cisco | 23 | 1 | · | · | ios xe (4) · prime infrastructure (2) · nx-os (2) | — | ||
| 15 | suse | 21 | · | 1 | · | KEV 1PoC 2 | linux enterprise (18) · linux enterprise debuginfo (2) · linux enterprise desktop (2) | — | |
| 16 | debian | 17 | 1 | 1 | · | KEV 1PoC 2 | debian linux (17) | — | |
| 17 | sil | 15 | · | · | · | NEW | graphite2 (15) | — | |
| 18 | sil international | 15 | · | · | · | NEW | graphite 2 (15) | — | |
| 19 | canonical | 13 | 1 | 1 | · | KEV 1PoC 1 | ubuntu linux (13) | — | |
| 20 | cisco systems inc. | 12 | 1 | · | · | ×4.0 | cisco ios (8) · nx-os (4) · telepresence video communication server (1) | — | |
| 21 | hp | 12 | 6 | · | · | system management homepage (4) · network automation (2) · z238 firmware (1) | — | ||
| 22 | ibm | 12 | 1 | · | · | maximo asset management (3) · maximo for nuclear power (2) · business process manager (2) | — | ||
| 23 | openssl | 9 | 3 | · | · | openssl (9) | — | ||
| 24 | openssl software foundation | 9 | 3 | · | · | openssl (9) | — | ||
| 25 | ibm corp. | 7 | · | · | · | ibm maximo asset management (3) · ibm smartcloud control desk (2) · business process manager (2) | — | ||
| 26 | novell | 7 | · | · | · | suse package hub for suse linux enterprise (6) · filr (1) | — | ||
| 27 | sun | 7 | 1 | · | · | opensolaris (7) | — | ||
| 28 | zyxel | 7 | 1 | · | · | gs1900-10hp firmware (7) | — | ||
| 29 | zzinc | 6 | 1 | · | · | NEW | keymouse firmware (6) | — | |
| 30 | fedoraproject | 4 | · | · | · | PoC 1 | fedora (4) | — | |
| 31 | hp inc. | 4 | 1 | · | · | NEW | hp system management homepage (4) | — | |
| 32 | isc | 4 | · | · | · | bind (3) · dhcp (1) | — | ||
| 33 | netgear | 4 | · | · | · | NEW | jr6150 firmware (4) | — | |
| 34 | phpmyadmin | 4 | · | · | · | phpmyadmin (4) | — | ||
| 35 | сообщество свободного программного обеспечения | 4 | · | · | · | PoC 1 | debian gnu/linux (2) · linux (2) | — | |
| 36 | fedora project | 3 | · | · | · | ×3.0PoC 2 | fedora (3) | — | |
| 37 | internet systems consortium | 3 | · | · | · | NEW | bind (3) | — | |
| 38 | microfocus | 3 | · | · | · | arcsight enterprise security manager (2) · self service password reset (1) | — | ||
| 39 | redhat | 3 | · | 1 | · | KEV 1PoC 1 | enterprise linux server (3) · enterprise linux workstation (3) · enterprise linux desktop (3) | — | |
| 40 | symantec | 3 | · | · | · | ×3.0 | endpoint protection manager (3) | — | |
| 41 | broadcom | 2 | 2 | · | · | single sign-on (2) | — | ||
| 42 | fuseiso project | 2 | · | · | · | NEWPoC 1 | fuseiso (2) | — | |
| 43 | juniper | 2 | · | · | · | junos (2) | — | ||
| 44 | lenovo | 2 | · | · | · | thinkcentre e75s firmware (2) | — | ||
| 45 | linux | 2 | · | · | · | linux kernel (2) | — | ||
| 46 | moxa | 2 | · | · | · | NEW | ioadmin firmware (2) · iologik firmware (2) | — | |
| 47 | nodejs | 2 | · | · | · | NEW | node.js (2) | — | |
| 48 | packagist | 2 | · | · | · | phpmyadmin/phpmyadmin (2) | — | ||
| 49 | pcre | 2 | 1 | · | · | NEWPoC 1 | pcre (2) · pcre2 (1) | — | |
| 50 | php | 2 | 1 | · | · | php (2) | — |