month report

July 2017

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

July 2017 closed with 1,313 published CVEs. 169 criticals, cisco led volume, mostly via dpc3939 firmware. Biggest breakout: google inc at ×15.5 their 12-month median. Top weakness class — CWE-119 (283 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

1,313

— MoM— YoY

Severity mix

169 / 661

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

1.8%

24 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

3158.8

n=24

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

1690

n=13

Detection gap

KEV pressure, no Nuclei coverage

July 2017 · vendors with active exploitation listed by CISA but no public detection template.

KEV 8cisco81 CVE
KEV 8cisco systems inc.14 CVE
KEV 6intellishield7 CVE
KEV 1microsoft57 CVE
KEV 1microsoft corporation57 CVE
KEV 1microsoft corp28 CVE

Weakness × Vendor

What's spreading where in July 2017

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

Breakout vendors

CVE count ≥3× their own 12-period median.

15.5×google inc31 CVE
14.0×cisco systems inc.14 CVE
14.0×graphicsmagick14 CVE
13.0×apache software foundation26 CVE
11.4×ооо «русбитех-астра»40 CVE
6.0×gnome6 CVE
6.0×gnu6 CVE
6.0×ао «концерн вниинс»6 CVE
5.0×npm5 CVE
5.0×go5 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#3xnview74 CVE
#6microsoft corporation57 CVE
#8irfanview50 CVE
#10google inc.46 CVE
#22juniper networks20 CVE
#29graphicsmagick group13 CVE
#32swftools12 CVE
#34finecms project11 CVE
#35fiyo11 CVE
#37fontforge10 CVE

Top vendors

Ranked by distinct CVE count this period.

1cisco—
81 CVE12 critCVSS 7.7
KEV 8PoC 16
dpc3939 firmware (16) · ios (8) · ios xe (8)
2ibm—
78 CVE4 critCVSS 6.2
security guardium (8) · jazz reporting service (7) · infosphere master data management server (7)
3xnview—
74 CVECVSS 7.8
NEWPoC 74
xnview (74)
4apple—
66 CVE2 critCVSS 8.1
Nuclei 1PoC 15
iphone os (46) · tvos (37) · mac os x (30)
5microsoft—
57 CVE2 critCVSS 7.1
KEV 1PoC 5
windows 10 (26) · windows server 2016 (25) · windows 8.1 (23)
6microsoft corporation—
57 CVE2 critCVSS 7.2
NEWKEV 1PoC 5
windows 10 gold, 1511, 1607, and 1703, and windows server 2016 (8) · microsoft windows server 2008 sp2 and r2 sp1, windows 7 sp1, windows 8.1, windows server 2012 gold and r2, windows rt 8.1, windows 10 gold, 1511, 1607, and 1703, and windows server 2016 (7) · microsoft windows 7 sp1, windows server 2008 sp2 and r2 sp1, windows 8.1 and windows rt 8.1, windows server 2012 and r2, windows 10 gold, 1511, 1607, 1703, and windows server 2016. (5)
7google—
56 CVECVSS 6.7
PoC 2
android (55) · news and weather (1)
8irfanview—
50 CVECVSS 7.8
NEWPoC 50
irfanview (49) · fpx (31) · tools (10)
9сообщество свободного программного обеспечения—
47 CVE7 critCVSS 7.6
×3.6PoC 9
debian gnu/linux (33) · linux (6) · librsvg (1)
10google inc.—
46 CVECVSS 6.8
NEWPoC 1
android (46)
11imagemagick—
46 CVECVSS 6.8
×4.6PoC 2
imagemagick (46)
12debian—
43 CVE3 critCVSS 7.4
Nuclei 1PoC 7
debian linux (42) · tor (1)
13ооо «русбитех-астра»—
40 CVE7 critCVSS 7.6
×11.4PoC 9
astra linux special edition (29) · astra linux common edition (16) · astra linux special edition для «эльбрус» (2)
14google inc—
31 CVE1 critCVSS 7.6
×15.5PoC 1
android (30) · kubernetes (1)
15apache—
29 CVE7 critCVSS 7.8
×4.5KEV 1Nuclei 1PoC 4
openmeetings (11) · http server (6) · struts (3)
16microsoft corp—
28 CVE2 critCVSS 7.9
KEV 1PoC 4
microsoft edge (16) · windows server 2016 (6) · windows rt 8.1 (5)
17apache software foundation—
26 CVE6 critCVSS 7.9
×13.0KEV 1Nuclei 1PoC 4
apache openmeetings (11) · apache http server (6) · http server (5)
18imagemagick studio llc—
25 CVECVSS 6.6
PoC 2
imagemagick (25)
19maven—
25 CVE7 critCVSS 8.0
KEV 1Nuclei 1PoC 4
org.apache.openmeetings:openmeetings-parent (11) · org.apache.sling:org.apache.sling.xss.compat (2) · org.apache.sling:org.apache.sling.xss (2)
20apple inc.—
23 CVECVSS 8.2
PoC 3
ios (13) · macos (12) · itunes (10)
21juniper—
20 CVE5 critCVSS 8.1
×4.0PoC 1
junos (15) · screenos (5)
22juniper networks—
20 CVE5 critCVSS 8.1
NEWPoC 1
junos os (15) · screenos (5)
23packagist—
20 CVE1 critCVSS 7.2
PoC 4
phpmyadmin/phpmyadmin (6) · moodle/moodle (3) · bolt/bolt (2)
24redhat—
17 CVE2 critCVSS 7.5
enterprise linux server (12) · enterprise linux workstation (11) · enterprise linux desktop (11)
25canonical—
14 CVECVSS 7.3
ubuntu linux (13) · ubuntu-image (1)
26canonical ltd.—
14 CVECVSS 6.8
PoC 2
ubuntu (14)
27cisco systems inc.—
14 CVE3 critCVSS 8.7
×14.0KEV 8PoC 10
cisco ios (11) · cisco dpc3939 (3)
28graphicsmagick—
14 CVE5 critCVSS 8.0
×14.0PoC 1
graphicsmagick (14)
29graphicsmagick group—
13 CVE4 critCVSS 7.9
NEWPoC 1
graphicsmagick (13)
30artifex—
12 CVECVSS 7.8
×4.0PoC 4
ghostscript ghostxps (9) · ghostscript (3)
31emc—
12 CVE1 critCVSS 6.4
×4.0
rsa archer egrc (5) · rsa authentication manager (2) · rsa identity governance and lifecycle (2)
32swftools—
12 CVECVSS 8.5
NEWPoC 9
swftools (12)
33xen—
12 CVE7 critCVSS 8.7
×4.8
xen (12)
34finecms project—
11 CVE2 critCVSS 7.1
NEWPoC 4
finecms (11)
35fiyo—
11 CVE10 critCVSS 9.6
NEW
fiyo cms (11)
36nvidia corporation—
11 CVECVSS 7.4
nvidia windows gpu display driver (6) · android (3) · nvidia gpu display driver (2)
37fontforge—
10 CVECVSS 7.6
NEW
fontforge (10)
38freeradius—
10 CVE2 critCVSS 8.0
NEW
freeradius (10)
39libming—
10 CVECVSS 5.8
NEWPoC 2
ming (10)
40linux—
10 CVECVSS 7.2
PoC 1
linux kernel (10)
41netapp—
10 CVE2 critCVSS 7.8
×4.0
clustered data ontap (5) · oncommand unified manager (3) · data ontap (2)
42exiv2—
9 CVECVSS 6.8
NEWPoC 1
exiv2 (9)
43nvidia—
9 CVECVSS 7.6
gpu driver (9)
44fedoraproject—
8 CVECVSS 7.0
fedora (7) · fedmsg (1)
45php—
8 CVE2 critCVSS 8.0
php (8)
46php group—
8 CVE2 critCVSS 8.0
php (8)
47finecms—
7 CVE4 critCVSS 8.2
NEWNuclei 2PoC 3
finecms (7)
48glpi-project—
7 CVE3 critCVSS 8.1
glpi (7)
49intellishield—
7 CVECVSS 8.8
NEWKEV 6PoC 7
universal product (7)
50libsass—
7 CVECVSS 7.2
NEWPoC 2
libsass (7)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	cisco	81	12	8	·	KEV 8PoC 16	dpc3939 firmware (16) · ios (8) · ios xe (8)	—
2	ibm	78	4	·	·		security guardium (8) · jazz reporting service (7) · infosphere master data management server (7)	—
3	xnview	74	·	·	·	NEWPoC 74	xnview (74)	—
4	apple	66	2	·	1	Nuclei 1PoC 15	iphone os (46) · tvos (37) · mac os x (30)	—
5	microsoft	57	2	1	·	KEV 1PoC 5	windows 10 (26) · windows server 2016 (25) · windows 8.1 (23)	—
6	microsoft corporation	57	2	1	·	NEWKEV 1PoC 5	windows 10 gold, 1511, 1607, and 1703, and windows server 2016 (8) · microsoft windows server 2008 sp2 and r2 sp1, windows 7 sp1, windows 8.1, windows server 2012 gold and r2, windows rt 8.1, windows 10 gold, 1511, 1607, and 1703, and windows server 2016 (7) · microsoft windows 7 sp1, windows server 2008 sp2 and r2 sp1, windows 8.1 and windows rt 8.1, windows server 2012 and r2, windows 10 gold, 1511, 1607, 1703, and windows server 2016. (5)	—
7	google	56	·	·	·	PoC 2	android (55) · news and weather (1)	—
8	irfanview	50	·	·	·	NEWPoC 50	irfanview (49) · fpx (31) · tools (10)	—
9	сообщество свободного программного обеспечения	47	7	·	·	×3.6PoC 9	debian gnu/linux (33) · linux (6) · librsvg (1)	—
10	google inc.	46	·	·	·	NEWPoC 1	android (46)	—
11	imagemagick	46	·	·	·	×4.6PoC 2	imagemagick (46)	—
12	debian	43	3	·	1	Nuclei 1PoC 7	debian linux (42) · tor (1)	—
13	ооо «русбитех-астра»	40	7	·	·	×11.4PoC 9	astra linux special edition (29) · astra linux common edition (16) · astra linux special edition для «эльбрус» (2)	—
14	google inc	31	1	·	·	×15.5PoC 1	android (30) · kubernetes (1)	—
15	apache	29	7	1	1	×4.5KEV 1Nuclei 1PoC 4	openmeetings (11) · http server (6) · struts (3)	—
16	microsoft corp	28	2	1	·	KEV 1PoC 4	microsoft edge (16) · windows server 2016 (6) · windows rt 8.1 (5)	—
17	apache software foundation	26	6	1	1	×13.0KEV 1Nuclei 1PoC 4	apache openmeetings (11) · apache http server (6) · http server (5)	—
18	imagemagick studio llc	25	·	·	·	PoC 2	imagemagick (25)	—
19	maven	25	7	1	1	KEV 1Nuclei 1PoC 4	org.apache.openmeetings:openmeetings-parent (11) · org.apache.sling:org.apache.sling.xss.compat (2) · org.apache.sling:org.apache.sling.xss (2)	—
20	apple inc.	23	·	·	·	PoC 3	ios (13) · macos (12) · itunes (10)	—
21	juniper	20	5	·	·	×4.0PoC 1	junos (15) · screenos (5)	—
22	juniper networks	20	5	·	·	NEWPoC 1	junos os (15) · screenos (5)	—
23	packagist	20	1	·	·	PoC 4	phpmyadmin/phpmyadmin (6) · moodle/moodle (3) · bolt/bolt (2)	—
24	redhat	17	2	·	·		enterprise linux server (12) · enterprise linux workstation (11) · enterprise linux desktop (11)	—
25	canonical	14	·	·	·		ubuntu linux (13) · ubuntu-image (1)	—
26	canonical ltd.	14	·	·	·	PoC 2	ubuntu (14)	—
27	cisco systems inc.	14	3	8	·	×14.0KEV 8PoC 10	cisco ios (11) · cisco dpc3939 (3)	—
28	graphicsmagick	14	5	·	·	×14.0PoC 1	graphicsmagick (14)	—
29	graphicsmagick group	13	4	·	·	NEWPoC 1	graphicsmagick (13)	—
30	artifex	12	·	·	·	×4.0PoC 4	ghostscript ghostxps (9) · ghostscript (3)	—
31	emc	12	1	·	·	×4.0	rsa archer egrc (5) · rsa authentication manager (2) · rsa identity governance and lifecycle (2)	—
32	swftools	12	·	·	·	NEWPoC 9	swftools (12)	—
33	xen	12	7	·	·	×4.8	xen (12)	—
34	finecms project	11	2	·	·	NEWPoC 4	finecms (11)	—
35	fiyo	11	10	·	·	NEW	fiyo cms (11)	—
36	nvidia corporation	11	·	·	·		nvidia windows gpu display driver (6) · android (3) · nvidia gpu display driver (2)	—
37	fontforge	10	·	·	·	NEW	fontforge (10)	—
38	freeradius	10	2	·	·	NEW	freeradius (10)	—
39	libming	10	·	·	·	NEWPoC 2	ming (10)	—
40	linux	10	·	·	·	PoC 1	linux kernel (10)	—
41	netapp	10	2	·	·	×4.0	clustered data ontap (5) · oncommand unified manager (3) · data ontap (2)	—
42	exiv2	9	·	·	·	NEWPoC 1	exiv2 (9)	—
43	nvidia	9	·	·	·		gpu driver (9)	—
44	fedoraproject	8	·	·	·		fedora (7) · fedmsg (1)	—
45	php	8	2	·	·		php (8)	—
46	php group	8	2	·	·		php (8)	—
47	finecms	7	4	·	2	NEWNuclei 2PoC 3	finecms (7)	—
48	glpi-project	7	3	·	·		glpi (7)	—
49	intellishield	7	·	6	·	NEWKEV 6PoC 7	universal product (7)	—
50	libsass	7	·	·	·	NEWPoC 2	libsass (7)	—