month report
August 2016
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
August 2016 closed with 412 published CVEs — -34.1% YoY . 69 criticals, google led volume, mostly via android. Biggest breakout: libgd at ×9.0 their 12-month median. Top weakness class — CWE-264 (65 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
412
— MoM-34.1% YoY
Severity mix
69 / 195
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
1.5%
6 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
3498.2
n=6
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
2098
n=6
Detection gap
KEV pressure, no Nuclei coverage
August 2016 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 3apple4 CVE
- KEV 3apple inc.3 CVE
- KEV 2cisco27 CVE
- KEV 2cisco systems inc.4 CVE
- KEV 1microsoft28 CVE
- KEV 1microsoft corp28 CVE
Weakness × Vendor
What's spreading where in August 2016
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
264CWE-264119Memory Buffer Bounds20Improper Input Validation200Information Exposure79XSS284CWE-284190Integer Overflow416Use After Free125Out-of-bounds Read399CWE-399google381311166322google inc35119155112linux444511211microsoft510362microsoft corp510362cisco4173412debian14111343mozilla2434225сообщество свободного программного обеспечения2211553wireshark2817oracle3322141ibm11342
Breakout vendors
CVE count ≥3× their own 12-period median.
- 9.0×libgd9 CVE
- 6.0×php group12 CVE
- 6.0×theforeman6 CVE
- 6.0×vmware6 CVE
- 3.6×google inc87 CVE
- 3.2×google102 CVE
- 3.1×linux28 CVE
- 3.0×netgear6 CVE
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #20libgd9 CVE
- #22crestron8 CVE
- #25nuuo7 CVE
- #37readydesk4 CVE
- #38accellion3 CVE
- #47dbd-mysql project2 CVE
- #51perl2 CVE
- #54zmodo2 CVE
- #55amazonbasics1 CVE
- #59collectd1 CVE
Top vendors
Ranked by distinct CVE count this period.
- 102 CVE11 critCVSS 7.5×3.2android (93) · chrome (9)
- 87 CVE5 critCVSS 7.3×3.6android (87)
- 28 CVE3 critCVSS 6.9×3.1PoC 1linux kernel (28)
- 28 CVE1 critCVSS 7.3KEV 1PoC 9windows server 2012 (10) · windows 8.1 (10) · windows vista (9)
- 28 CVE1 critCVSS 7.3KEV 1PoC 9windows 8.1 (10) · windows 10 (10) · windows server 2012 r2 (10)
- 27 CVECVSS 7.6KEV 2PoC 3aironet access point software (3) · secure firewall management center (3) · adaptive security appliance software (2)
- 26 CVE7 critCVSS 7.7Nuclei 1PoC 2debian linux (26)
- 24 CVE1 critCVSS 7.2PoC 1firefox (23) · netscape portable runtime (1)
- 22 CVE10 critCVSS 8.5PoC 1debian gnu/linux (18) · linux (5) · dbd-mysql (2)
- 21 CVECVSS 6.0PoC 5wireshark (21)
- 18 CVE2 critCVSS 7.0PoC 2linux (14) · vm server (4) · solaris (3)
- 16 CVECVSS 5.3engineering lifecycle optimization - publishing (2) · vios (2) · filenet workplace (2)
- 16 CVE1 critCVSS 7.6PoC 1firefox (16) · firefox esr (7)
- 15 CVE9 critCVSS 9.0PoC 3php (15)
- 14 CVE4 critCVSS 8.3PoC 1leap (14) · opensuse (4)
- 12 CVE6 critCVSS 8.8PoC 1ubuntu (12)
- 12 CVE7 critCVSS 9.0×6.0PoC 1php (12)
- 12 CVE5 critCVSS 7.7PoC 11trex (4) · hana (3) · sap hana (2)
- 11 CVE7 critCVSS 9.3acrobat dc (7) · acrobat reader dc (7) · acrobat (7)
- 9 CVE1 critCVSS 7.5NEW×9.0PoC 1libgd (9)
- 9 CVE3 critCVSS 7.4satellite (2) · enterprise linux server (2) · openshift (2)
- 8 CVE6 critCVSS 9.4NEWPoC 1dm-txrx-100-str firmware (6) · airmedia am-100 firmware (2)
- 8 CVE1 critCVSS 7.7PoC 1fedora (8)
- 7 CVE7 critCVSS 9.8adobe acrobat (7) · adobe acrobat document cloud (7) · adobe reader (7)
- 7 CVE3 critCVSS 8.9NEWNuclei 1PoC 7nvrmini 2 (7) · nvrsolo (5) · crystal (1)
- 6 CVECVSS 6.9PoC 2openmeetings (1) · activemq (1) · openoffice (1)
- 6 CVECVSS 7.4ubuntu linux (6)
- 6 CVE2 critCVSS 8.7×3.0Nuclei 1PoC 6readynas surveillance (6)
- 6 CVECVSS 6.0×6.0foreman (6)
- 6 CVE2 critCVSS 7.6×6.0PoC 2vrealize automation (2) · esxi (2) · workstation pro (1)
- 5 CVE1 critCVSS 6.6PoC 1fortianalyzer firmware (4) · fortimanager firmware (4) · fortios (1)
- 5 CVECVSS 7.3PoC 5filr (5)
- 4 CVECVSS 7.5KEV 3PoC 3iphone os (4)
- 4 CVECVSS 8.3KEV 2PoC 3adaptive security appliance (2) · cisco rv130w (2) · cisco rv215w (2)
- 4 CVECVSS 6.8big-ip application acceleration manager (4) · big-ip application security manager (4) · big-ip edge gateway (4)
- 4 CVE1 critCVSS 8.1converged infrastructure solution sizer suite (1) · insight management sizer (1) · operations manager (1)
- 4 CVE2 critCVSS 8.7NEWreadydesk (4)
- 3 CVECVSS 6.1NEWkiteworks appliance (3)
- 3 CVECVSS 7.4KEV 3PoC 3ios (3)
- 3 CVE1 critCVSS 8.7xenserver (2) · xenapp (1) · xendesktop (1)
- 3 CVECVSS 7.7libcurl (3)
- 3 CVE1 critCVSS 9.2p8 smartphone firmware (2) · cx600 firmware (1) · cloudengine 12800 firmware (1)
- 3 CVECVSS 5.7PoC 2org.apache.openmeetings:openmeetings-parent (1) · org.apache.poi:poi-examples (1) · org.apache.activemq:activemq-client (1)
- 3 CVE2 critCVSS 7.2oncell g3001 firmware (2) · oncell g3100v2 firmware (2) · softcms (1)
- 3 CVE1 critCVSS 8.7opensuse leap (3) · opensuse (1)
- 3 CVECVSS 7.8Nuclei 3wordpress (3)
- 2 CVE2 critCVSS 9.8NEWdbd-mysql (2)
- 2 CVECVSS 6.8junos (2)
- 2 CVE1 critCVSS 9.0PoC 1moxa edr-810 (1) · onecell g3001 firmware (1) · onecell g3100v2 firmware (1)
- 2 CVECVSS 6.5dotnetnuke.core (1) · microsoft.chakracore (1)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 102 | 11 | · | · | ×3.2 | android (93) · chrome (9) | — | ||
| 2 | google inc | 87 | 5 | · | · | ×3.6 | android (87) | — | |
| 3 | linux | 28 | 3 | · | · | ×3.1PoC 1 | linux kernel (28) | — | |
| 4 | microsoft | 28 | 1 | 1 | · | KEV 1PoC 9 | windows server 2012 (10) · windows 8.1 (10) · windows vista (9) | — | |
| 5 | microsoft corp | 28 | 1 | 1 | · | KEV 1PoC 9 | windows 8.1 (10) · windows 10 (10) · windows server 2012 r2 (10) | — | |
| 6 | cisco | 27 | · | 2 | · | KEV 2PoC 3 | aironet access point software (3) · secure firewall management center (3) · adaptive security appliance software (2) | — | |
| 7 | debian | 26 | 7 | · | 1 | Nuclei 1PoC 2 | debian linux (26) | — | |
| 8 | mozilla | 24 | 1 | · | · | PoC 1 | firefox (23) · netscape portable runtime (1) | — | |
| 9 | сообщество свободного программного обеспечения | 22 | 10 | · | · | PoC 1 | debian gnu/linux (18) · linux (5) · dbd-mysql (2) | — | |
| 10 | wireshark | 21 | · | · | · | PoC 5 | wireshark (21) | — | |
| 11 | oracle | 18 | 2 | · | · | PoC 2 | linux (14) · vm server (4) · solaris (3) | — | |
| 12 | ibm | 16 | · | · | · | engineering lifecycle optimization - publishing (2) · vios (2) · filenet workplace (2) | — | ||
| 13 | mozilla corp. | 16 | 1 | · | · | PoC 1 | firefox (16) · firefox esr (7) | — | |
| 14 | php | 15 | 9 | · | · | PoC 3 | php (15) | — | |
| 15 | opensuse | 14 | 4 | · | · | PoC 1 | leap (14) · opensuse (4) | — | |
| 16 | canonical ltd. | 12 | 6 | · | · | PoC 1 | ubuntu (12) | — | |
| 17 | php group | 12 | 7 | · | · | ×6.0PoC 1 | php (12) | — | |
| 18 | sap | 12 | 5 | · | · | PoC 11 | trex (4) · hana (3) · sap hana (2) | — | |
| 19 | adobe | 11 | 7 | · | · | acrobat dc (7) · acrobat reader dc (7) · acrobat (7) | — | ||
| 20 | libgd | 9 | 1 | · | · | NEW×9.0PoC 1 | libgd (9) | — | |
| 21 | redhat | 9 | 3 | · | · | satellite (2) · enterprise linux server (2) · openshift (2) | — | ||
| 22 | crestron | 8 | 6 | · | · | NEWPoC 1 | dm-txrx-100-str firmware (6) · airmedia am-100 firmware (2) | — | |
| 23 | fedoraproject | 8 | 1 | · | · | PoC 1 | fedora (8) | — | |
| 24 | adobe systems inc. | 7 | 7 | · | · | adobe acrobat (7) · adobe acrobat document cloud (7) · adobe reader (7) | — | ||
| 25 | nuuo | 7 | 3 | · | 1 | NEWNuclei 1PoC 7 | nvrmini 2 (7) · nvrsolo (5) · crystal (1) | — | |
| 26 | apache | 6 | · | · | · | PoC 2 | openmeetings (1) · activemq (1) · openoffice (1) | — | |
| 27 | canonical | 6 | · | · | · | ubuntu linux (6) | — | ||
| 28 | netgear | 6 | 2 | · | 1 | ×3.0Nuclei 1PoC 6 | readynas surveillance (6) | — | |
| 29 | theforeman | 6 | · | · | · | ×6.0 | foreman (6) | — | |
| 30 | vmware | 6 | 2 | · | · | ×6.0PoC 2 | vrealize automation (2) · esxi (2) · workstation pro (1) | — | |
| 31 | fortinet | 5 | 1 | · | · | PoC 1 | fortianalyzer firmware (4) · fortimanager firmware (4) · fortios (1) | — | |
| 32 | novell | 5 | · | · | · | PoC 5 | filr (5) | — | |
| 33 | apple | 4 | · | 3 | · | KEV 3PoC 3 | iphone os (4) | — | |
| 34 | cisco systems inc. | 4 | · | 2 | · | KEV 2PoC 3 | adaptive security appliance (2) · cisco rv130w (2) · cisco rv215w (2) | — | |
| 35 | f5 | 4 | · | · | · | big-ip application acceleration manager (4) · big-ip application security manager (4) · big-ip edge gateway (4) | — | ||
| 36 | hp | 4 | 1 | · | · | converged infrastructure solution sizer suite (1) · insight management sizer (1) · operations manager (1) | — | ||
| 37 | readydesk | 4 | 2 | · | · | NEW | readydesk (4) | — | |
| 38 | accellion | 3 | · | · | · | NEW | kiteworks appliance (3) | — | |
| 39 | apple inc. | 3 | · | 3 | · | KEV 3PoC 3 | ios (3) | — | |
| 40 | citrix | 3 | 1 | · | · | xenserver (2) · xenapp (1) · xendesktop (1) | — | ||
| 41 | haxx | 3 | · | · | · | libcurl (3) | — | ||
| 42 | huawei | 3 | 1 | · | · | p8 smartphone firmware (2) · cx600 firmware (1) · cloudengine 12800 firmware (1) | — | ||
| 43 | maven | 3 | · | · | · | PoC 2 | org.apache.openmeetings:openmeetings-parent (1) · org.apache.poi:poi-examples (1) · org.apache.activemq:activemq-client (1) | — | |
| 44 | moxa | 3 | 2 | · | · | oncell g3001 firmware (2) · oncell g3100v2 firmware (2) · softcms (1) | — | ||
| 45 | novell inc. | 3 | 1 | · | · | opensuse leap (3) · opensuse (1) | — | ||
| 46 | wordpress | 3 | · | · | 3 | Nuclei 3 | wordpress (3) | — | |
| 47 | dbd-mysql project | 2 | 2 | · | · | NEW | dbd-mysql (2) | — | |
| 48 | juniper | 2 | · | · | · | junos (2) | — | ||
| 49 | moxa inc. | 2 | 1 | · | · | PoC 1 | moxa edr-810 (1) · onecell g3001 firmware (1) · onecell g3100v2 firmware (1) | — | |
| 50 | nuget | 2 | · | · | · | dotnetnuke.core (1) · microsoft.chakracore (1) | — |