month report

December 2017

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

December 2017 closed with 1,120 published CVEs. 228 criticals, adobe led volume, mostly via acrobat. Biggest breakout: google inc at ×11.0 their 12-month median. Top weakness class — CWE-119 (159 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

1,120

— MoM— YoY

Severity mix

228 / 538

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

1.9%

21 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

2999.0

n=21

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

1585

n=2

Weakness × Vendor

What's spreading where in December 2017

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

Breakout vendors

CVE count ≥3× their own 12-period median.

11.0×google inc11 CVE
10.0×gnu10 CVE
8.0×apache software foundation8 CVE
7.6×ооо «русбитех-астра»38 CVE
7.3×canonical44 CVE
7.0×ао «концерн вниинс»7 CVE
6.0×gnu general public license6 CVE
4.5×ibm50 CVE
4.0×apache8 CVE
4.0×atlassian4 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#6foxit43 CVE
#8qualcomm, inc.43 CVE
#9google inc.38 CVE
#13microsoft corporation34 CVE
#18tgsoft17 CVE
#19huawei technologies co., ltd.16 CVE
#23ikarussecurity14 CVE
#25synology13 CVE
#27nasm11 CVE
#28php multivendor ecommerce project11 CVE

Top vendors

Ranked by distinct CVE count this period.

1adobe—
95 CVE17 critCVSS 8.6
×3.2PoC 2
acrobat (62) · acrobat dc (62) · acrobat reader (62)
2debian—
89 CVE6 critCVSS 7.4
Nuclei 3PoC 11
debian linux (85) · tin (1) · advanced package tool (1)
3google—
85 CVE16 critCVSS 7.9
×3.9PoC 2
android (85)
4ibm—
50 CVECVSS 5.6
×4.5
security guardium (11) · sterling file gateway (6) · rational doors next generation (4)
5canonical—
44 CVE2 critCVSS 6.8
×7.3PoC 10
ubuntu linux (44)
6foxit—
43 CVECVSS 8.1
NEW
foxit reader (43)
7foxitsoftware—
43 CVECVSS 8.1
foxit reader (43)
8qualcomm, inc.—
43 CVE12 critCVSS 8.1
NEW
android for msm, firefox os for msm, qrd android (43)
9google inc.—
38 CVE4 critCVSS 7.8
NEWPoC 1
android (38)
10ооо «русбитех-астра»—
38 CVE4 critCVSS 7.3
×7.6PoC 7
astra linux special edition (27) · astra linux special edition для «эльбрус» (13) · astra linux common edition (10)
11apple—
34 CVE1 critCVSS 7.6
PoC 11
iphone os (22) · mac os x (21) · tvos (17)
12microsoft—
34 CVE1 critCVSS 7.2
PoC 10
chakracore (15) · edge (14) · internet explorer (13)
13microsoft corporation—
34 CVE1 critCVSS 7.3
NEWPoC 10
chakracore, microsoft edge (9) · internet explorer (8) · microsoft office (3)
14сообщество свободного программного обеспечения—
34 CVE4 critCVSS 7.4
×3.4PoC 8
debian gnu/linux (34) · linux (2) · libxcursor (1)
15linux—
26 CVECVSS 6.9
PoC 2
linux kernel (26)
16redhat—
23 CVE9 critCVSS 8.1
PoC 4
enterprise linux server (13) · enterprise linux desktop (13) · enterprise linux workstation (13)
17huawei—
17 CVECVSS 7.4
PoC 1
te60 firmware (3) · te50 firmware (3) · te40 firmware (3)
18tgsoft—
17 CVECVSS 7.8
NEWPoC 17
vir.it explorer (16) · vir.it explorer lite (1)
19huawei technologies co., ltd.—
16 CVECVSS 7.4
NEW
te40 (3) · te50 (3) · te60 (3)
20imagemagick—
16 CVE1 critCVSS 7.0
PoC 3
imagemagick (16)
21f5—
14 CVECVSS 7.3
big-ip access policy manager (12) · big-ip advanced firewall manager (11) · big-ip policy enforcement manager (10)
22f5 networks, inc.—
14 CVECVSS 7.1
big-ip ltm, aam, afm, analytics, apm, asm, dns, gtm, link controller, pem, websafe (5) · big-ip apm (3) · big-ip ltm, aam, afm, analytics, apm, asm, dns, link controller, pem, websafe (2)
23ikarussecurity—
14 CVECVSS 7.6
NEWPoC 10
anti.virus (14)
24sap—
13 CVE1 critCVSS 6.6
sap kernel (2) · business application software integrated solution (2) · sap hana extended application services (2)
25synology—
13 CVECVSS 6.3
NEWPoC 1
photo station (3) · diskstation manager (3) · diskstation manager (dsm) (2)
26google inc—
11 CVE10 critCVSS 9.6
×11.0
android (11)
27nasm—
11 CVECVSS 5.7
NEWPoC 4
netwide assembler (11)
28php multivendor ecommerce project—
11 CVE4 critCVSS 7.9
NEWPoC 11
php multivendor ecommerce (11)
29cambium networks—
10 CVECVSS 7.6
NEWPoC 2
cnpilot (5) · epmp (5)
30cambiumnetworks—
10 CVECVSS 8.0
NEWPoC 2
cnpilot e400 firmware (5) · cnpilot e410 firmware (5) · cnpilot e600 firmware (5)
31gnu—
10 CVECVSS 7.6
×10.0PoC 2
binutils (6) · glibc (2) · libextractor (1)
32graphicsmagick—
10 CVECVSS 8.7
graphicsmagick (10)
33maven—
10 CVE3 critCVSS 7.9
×3.3PoC 1
org.apache.qpid:qpid-broker (2) · org.jenkins-ci.main:jenkins-core (1) · org.keycloak:keycloak-core (1)
34muslim matrimonial script project—
9 CVE1 critCVSS 6.4
NEWPoC 6
muslim matrimonial script (9)
35nuget—
9 CVECVSS 7.5
PoC 4
microsoft.chakracore (9)
36piwigo—
9 CVECVSS 6.2
PoC 3
piwigo (9)
37adobe systems inc.—
8 CVE8 critCVSS 9.8
flash player (5) · adobe acrobat document cloud (1) · adobe indesign (1)
38apache—
8 CVE3 critCVSS 8.3
×4.0PoC 1
qpid broker-j (2) · drill (1) · fineract (1)
39apache software foundation—
8 CVE3 critCVSS 8.2
×8.0PoC 1
apache qpid broker-j (2) · apache fineract (1) · apache flex blaze ds (1)
40iwcnetwork—
8 CVE1 critCVSS 6.6
NEWPoC 2
biometric shift employee management system (7) · shift (1)
41qnap—
8 CVE7 critCVSS 9.6
qts (7) · qts login function (2) · qts password function (2)
42canonical ltd.—
7 CVECVSS 7.0
PoC 2
ubuntu (7)
43ordermanagementscript—
7 CVE1 critCVSS 6.3
NEWPoC 6
professional service script (7)
44packagist—
7 CVE3 critCVSS 8.1
PoC 1
dolibarr/dolibarr (5) · directmailteam/direct-mail (1) · genix/cms (1)
45pypi—
7 CVE1 critCVSS 7.3
PoC 1
mercurial (1) · aubio (1) · mistune (1)
46ао «концерн вниинс»—
7 CVE1 critCVSS 6.7
NEW×7.0PoC 1
ос он «стрелец» (7)
47enigmail—
6 CVECVSS 7.0
NEWPoC 1
enigmail (6)
48fedoraproject—
6 CVECVSS 6.8
fedora (6)
49gimp—
6 CVECVSS 7.4
gimp (6)
50gnome foundation—
6 CVECVSS 7.4
NEW
gnu image manipulation program (6)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	adobe	95	17	·	·	×3.2PoC 2	acrobat (62) · acrobat dc (62) · acrobat reader (62)	—
2	debian	89	6	·	3	Nuclei 3PoC 11	debian linux (85) · tin (1) · advanced package tool (1)	—
3	google	85	16	·	·	×3.9PoC 2	android (85)	—
4	ibm	50	·	·	·	×4.5	security guardium (11) · sterling file gateway (6) · rational doors next generation (4)	—
5	canonical	44	2	·	·	×7.3PoC 10	ubuntu linux (44)	—
6	foxit	43	·	·	·	NEW	foxit reader (43)	—
7	foxitsoftware	43	·	·	·		foxit reader (43)	—
8	qualcomm, inc.	43	12	·	·	NEW	android for msm, firefox os for msm, qrd android (43)	—
9	google inc.	38	4	·	·	NEWPoC 1	android (38)	—
10	ооо «русбитех-астра»	38	4	·	·	×7.6PoC 7	astra linux special edition (27) · astra linux special edition для «эльбрус» (13) · astra linux common edition (10)	—
11	apple	34	1	·	·	PoC 11	iphone os (22) · mac os x (21) · tvos (17)	—
12	microsoft	34	1	·	·	PoC 10	chakracore (15) · edge (14) · internet explorer (13)	—
13	microsoft corporation	34	1	·	·	NEWPoC 10	chakracore, microsoft edge (9) · internet explorer (8) · microsoft office (3)	—
14	сообщество свободного программного обеспечения	34	4	·	·	×3.4PoC 8	debian gnu/linux (34) · linux (2) · libxcursor (1)	—
15	linux	26	·	·	·	PoC 2	linux kernel (26)	—
16	redhat	23	9	·	·	PoC 4	enterprise linux server (13) · enterprise linux desktop (13) · enterprise linux workstation (13)	—
17	huawei	17	·	·	·	PoC 1	te60 firmware (3) · te50 firmware (3) · te40 firmware (3)	—
18	tgsoft	17	·	·	·	NEWPoC 17	vir.it explorer (16) · vir.it explorer lite (1)	—
19	huawei technologies co., ltd.	16	·	·	·	NEW	te40 (3) · te50 (3) · te60 (3)	—
20	imagemagick	16	1	·	·	PoC 3	imagemagick (16)	—
21	f5	14	·	·	·		big-ip access policy manager (12) · big-ip advanced firewall manager (11) · big-ip policy enforcement manager (10)	—
22	f5 networks, inc.	14	·	·	·		big-ip ltm, aam, afm, analytics, apm, asm, dns, gtm, link controller, pem, websafe (5) · big-ip apm (3) · big-ip ltm, aam, afm, analytics, apm, asm, dns, link controller, pem, websafe (2)	—
23	ikarussecurity	14	·	·	·	NEWPoC 10	anti.virus (14)	—
24	sap	13	1	·	·		sap kernel (2) · business application software integrated solution (2) · sap hana extended application services (2)	—
25	synology	13	·	·	·	NEWPoC 1	photo station (3) · diskstation manager (3) · diskstation manager (dsm) (2)	—
26	google inc	11	10	·	·	×11.0	android (11)	—
27	nasm	11	·	·	·	NEWPoC 4	netwide assembler (11)	—
28	php multivendor ecommerce project	11	4	·	·	NEWPoC 11	php multivendor ecommerce (11)	—
29	cambium networks	10	·	·	·	NEWPoC 2	cnpilot (5) · epmp (5)	—
30	cambiumnetworks	10	·	·	·	NEWPoC 2	cnpilot e400 firmware (5) · cnpilot e410 firmware (5) · cnpilot e600 firmware (5)	—
31	gnu	10	·	·	·	×10.0PoC 2	binutils (6) · glibc (2) · libextractor (1)	—
32	graphicsmagick	10	·	·	·		graphicsmagick (10)	—
33	maven	10	3	·	·	×3.3PoC 1	org.apache.qpid:qpid-broker (2) · org.jenkins-ci.main:jenkins-core (1) · org.keycloak:keycloak-core (1)	—
34	muslim matrimonial script project	9	1	·	·	NEWPoC 6	muslim matrimonial script (9)	—
35	nuget	9	·	·	·	PoC 4	microsoft.chakracore (9)	—
36	piwigo	9	·	·	·	PoC 3	piwigo (9)	—
37	adobe systems inc.	8	8	·	·		flash player (5) · adobe acrobat document cloud (1) · adobe indesign (1)	—
38	apache	8	3	·	·	×4.0PoC 1	qpid broker-j (2) · drill (1) · fineract (1)	—
39	apache software foundation	8	3	·	·	×8.0PoC 1	apache qpid broker-j (2) · apache fineract (1) · apache flex blaze ds (1)	—
40	iwcnetwork	8	1	·	·	NEWPoC 2	biometric shift employee management system (7) · shift (1)	—
41	qnap	8	7	·	·		qts (7) · qts login function (2) · qts password function (2)	—
42	canonical ltd.	7	·	·	·	PoC 2	ubuntu (7)	—
43	ordermanagementscript	7	1	·	·	NEWPoC 6	professional service script (7)	—
44	packagist	7	3	·	·	PoC 1	dolibarr/dolibarr (5) · directmailteam/direct-mail (1) · genix/cms (1)	—
45	pypi	7	1	·	·	PoC 1	mercurial (1) · aubio (1) · mistune (1)	—
46	ао «концерн вниинс»	7	1	·	·	NEW×7.0PoC 1	ос он «стрелец» (7)	—
47	enigmail	6	·	·	·	NEWPoC 1	enigmail (6)	—
48	fedoraproject	6	·	·	·		fedora (6)	—
49	gimp	6	·	·	·		gimp (6)	—
50	gnome foundation	6	·	·	·	NEW	gnu image manipulation program (6)	—