month report

February 2018

Data as of Jun 4, 2026, 13:28 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

February 2018 closed with 1,350 published CVEs — +25.6% YoY . 258 criticals, hewlett packard enterprise led volume, mostly via intelligent management center (imc) plat. Biggest breakout: hp at ×36.8 their 12-month median. Top weakness class — CWE-20 (184 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

1,350

-21.3% MoM+25.6% YoY

Severity mix

258 / 558

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

2.5%

34 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

2940.9

n=34

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

1366

n=3

Detection gap

KEV pressure, no Nuclei coverage

February 2018 · vendors with active exploitation listed by CISA but no public detection template.

KEV 1adobe44 CVE
KEV 1redhat28 CVE

Weakness × Vendor

What's spreading where in February 2018

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

Breakout vendors

CVE count ≥3× their own 12-period median.

36.8×hp184 CVE
15.5×hp inc.93 CVE
12.9×huawei71 CVE
12.5×quest25 CVE
8.0×dell technologies24 CVE
7.2×sap36 CVE
7.1×huawei technologies co., ltd.71 CVE
6.5×atlassian26 CVE
6.5×sap se26 CVE
4.5×siemens ag9 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#1hewlett packard enterprise186 CVE
#22quest25 CVE
#26jiangmin21 CVE
#32ccn-lite15 CVE
#40extremewireless9 CVE
#45smiths-medical8 CVE
#46micropoint7 CVE
#49xpdfreader7 CVE
#50eq-36 CVE
#51leptonica6 CVE

Top vendors

Ranked by distinct CVE count this period.

1hewlett packard enterprise—
186 CVE36 critCVSS 8.0
NEWNuclei 2PoC 11
intelligent management center (imc) plat (95) · matrix operating environment (15) · system management homepage for windows and linux (9)
2hp↑16
184 CVE35 critCVSS 7.9
×36.8Nuclei 2PoC 11
intelligent management center (100) · matrix operating environment (15) · system management homepage (10)
3debian·
117 CVE22 critCVSS 7.8
KEV 1Nuclei 2PoC 27
debian linux (117)
4hp inc.↑46
93 CVE28 critCVSS 9.1
×15.5Nuclei 1PoC 7
hpe intelligent management center plat (85) · hpe moonshot provisioning manager appliance (2) · hpe network node manager i (1)
5huawei↑165
71 CVE1 critCVSS 5.4
×12.9
dp300 firmware (36) · te60 firmware (34) · te50 firmware (34)
6huawei technologies co., ltd.—
71 CVE1 critCVSS 5.9
×7.1
dp300,rp200,te30,te40,te50,te60 (11) · dp300,ips module,ngfw module,nip6300,nip6600,nip6800,rp200,svn5600,svn5800,svn5800-c,semg9811,secospace usg6300,secospace usg6500,secospace usg6600,te30,te40,te50,te60,usg9500,usg9520,usg9560,usg9580,vp9660,viewpoint 8660,viewpoint 9030,espace u1981 (6) · ips,module,ngfw,module,nip6300,nip6600,secospace,usg6300,secospace,usg6500,secospace,usg6600,usg9500 (6)
7microsoft·
58 CVECVSS 6.6
PoC 15
windows 10 (21) · windows server 2016 (20) · windows 7 (17)
8google↓4
56 CVE3 critCVSS 7.7
PoC 2
android (34) · chrome (20) · chrome os (2)
9ibm·
51 CVE4 critCVSS 6.8
tririga application platform (8) · client application access (6) · notes (6)
10canonical↓4
49 CVE9 critCVSS 7.4
KEV 1Nuclei 1PoC 11
ubuntu linux (49)
11microsoft corporation↓3
49 CVECVSS 6.5
PoC 14
windows (12) · microsoft edge, chakracore (9) · microsoft edge (4)
12сообщество свободного программного обеспечения·
45 CVE14 critCVSS 7.8
KEV 1Nuclei 1PoC 13
debian gnu/linux (28) · sam2p (4) · libxml2 (3)
13adobe—
44 CVE4 critCVSS 7.5
KEV 1PoC 1
acrobat (39) · acrobat dc (39) · acrobat reader (39)
14ооо «русбитех-астра»↓1
40 CVE8 critCVSS 7.6
KEV 1Nuclei 1PoC 10
astra linux special edition (29) · astra linux special edition для «эльбрус» (15) · astra linux common edition (6)
15sap↑84
36 CVE1 critCVSS 6.7
×7.2Nuclei 1
internet graphics server (15) · hana extended application services (8) · sap netweaver (8)
16cisco·
31 CVE5 critCVSS 7.2
KEV 1Nuclei 1
data center analytics framework (4) · unified communications manager (3) · jabber (2)
17maven↓12
28 CVE6 critCVSS 7.4
Nuclei 2PoC 1
org.jenkins-ci.main:jenkins-core (3) · com.fasterxml.jackson.core:jackson-databind (3) · org.apache.geode:geode-core (3)
18redhat↓8
28 CVE7 critCVSS 7.9
KEV 1PoC 7
enterprise linux server (16) · enterprise linux workstation (15) · enterprise linux desktop (14)
19apache↑10
26 CVE4 critCVSS 7.3
PoC 2
geode (3) · cloudstack (2) · jmeter (2)
20atlassian↑24
26 CVE1 critCVSS 5.9
×6.5
crucible (8) · bamboo (6) · fisheye (6)
21sap se↑79
26 CVECVSS 6.7
×6.5Nuclei 1
sap internet graphics server (13) · sap hana extended application services (8) · sap hana (1)
22quest—
25 CVE24 critCVSS 9.7
NEW×12.5PoC 1
netvault backup (25) · quest netvault backup (24)
23apache software foundation↑7
24 CVE4 critCVSS 7.2
PoC 1
apache geode (3) · tomcat (2) · apache cloudstack (2)
24dell technologies—
24 CVE24 critCVSS 9.8
×8.0PoC 1
netvault backup (24)
25wireshark↑107
24 CVE1 critCVSS 7.6
×4.4
wireshark (24)
26jiangmin—
21 CVECVSS 7.8
NEWPoC 21
antivirus (21)
27google inc.↓16
20 CVE1 critCVSS 7.5
PoC 1
android (20)
28canonical ltd.↑5
17 CVE2 critCVSS 7.0
PoC 4
ubuntu (17) · apport (3)
29gnu↑33
17 CVE3 critCVSS 7.2
PoC 3
binutils (7) · glibc (4) · libcdio (3)
30microsoft corp↓15
17 CVECVSS 7.7
PoC 8
microsoft edge (8) · chakracore (7) · internet explorer (5)
31packagist↓14
16 CVE2 critCVSS 6.6
Nuclei 1PoC 12
simplesamlphp/simplesamlphp (4) · anchorcms/anchor-cms (1) · austintoddj/canvas (1)
32ccn-lite—
15 CVE10 critCVSS 9.1
NEW
ccn-lite (15)
33linux↓7
13 CVE1 critCVSS 6.6
PoC 2
linux kernel (13)
34oracle↓33
12 CVE5 critCVSS 8.7
Nuclei 3PoC 2
communications cloud native core automated test suite (3) · communications billing and revenue management (3) · communications instant messaging server (3)
35qualcomm, inc.↓10
11 CVE1 critCVSS 7.9
android for msm, firefox os for msm, qrd android (10) · snapdragon automobile, snapdragon iot, snapdragon mobile (1)
36nuget↑30
10 CVECVSS 7.5
PoC 6
microsoft.chakracore (10)
37rubygems↓13
10 CVE2 critCVSS 6.8
PoC 6
echor (2) · ember-source (2) · sensu (1)
38trend micro↑34
10 CVE1 critCVSS 8.4
trend micro control manager (8) · trend micro interscan messaging security virtual appliance (1) · trend micro user-mode hooking (umh) module (1)
39trendmicro↑34
10 CVE1 critCVSS 8.0
control manager (8) · deep security (1) · endpoint sensor (1)
40extremewireless—
9 CVECVSS 6.2
NEW
wing (9)
41gnu general public license—
9 CVE2 critCVSS 7.0
KEV 1Nuclei 2PoC 3
gnu binutils (7) · joomla! (1) · exim (1)
42pypi↓8
9 CVE2 critCVSS 8.0
Nuclei 1PoC 3
web2py (2) · django (1) · django-anymail (1)
43siemens ag↑27
9 CVECVSS 6.1
×4.5PoC 1
simatic s7-1500 cpu 1518(f)-4 pn/dp mfp (7) · ruggedcom rox ii (2)
44jenkins↓30
8 CVECVSS 6.9
Nuclei 2
jenkins (3) · credentials binding (1) · android lint (1)
45smiths-medical—
8 CVECVSS 6.5
NEW×4.0PoC 1
medfusion 4000 wireless syringe infusion pump (8)
46micropoint—
7 CVECVSS 7.8
NEWPoC 7
proactive defense (7)
47oracle corp.↓15
7 CVE2 critCVSS 7.4
Nuclei 1PoC 2
managed file transfer (2) · micros relate crm software (2) · fmw platform (2)
48red hat inc.↓7
7 CVE2 critCVSS 7.5
PoC 1
red hat enterprise linux (6) · cloudforms management engine (1) · libvirt (1)
49xpdfreader—
7 CVECVSS 5.5
NEWPoC 1
xpdf (7)
50eq-3—
6 CVE3 critCVSS 8.5
NEWPoC 2
homematic central control unit ccu2 firmware (5) · homematic ccu2 firmware (1)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	hewlett packard enterprise	186	36	·	2	NEWNuclei 2PoC 11	intelligent management center (imc) plat (95) · matrix operating environment (15) · system management homepage for windows and linux (9)	—
2	hp	184	35	·	2	×36.8Nuclei 2PoC 11	intelligent management center (100) · matrix operating environment (15) · system management homepage (10)	↑16
3	debian	117	22	1	2	KEV 1Nuclei 2PoC 27	debian linux (117)	·
4	hp inc.	93	28	·	1	×15.5Nuclei 1PoC 7	hpe intelligent management center plat (85) · hpe moonshot provisioning manager appliance (2) · hpe network node manager i (1)	↑46
5	huawei	71	1	·	·	×12.9	dp300 firmware (36) · te60 firmware (34) · te50 firmware (34)	↑165
6	huawei technologies co., ltd.	71	1	·	·	×7.1	dp300,rp200,te30,te40,te50,te60 (11) · dp300,ips module,ngfw module,nip6300,nip6600,nip6800,rp200,svn5600,svn5800,svn5800-c,semg9811,secospace usg6300,secospace usg6500,secospace usg6600,te30,te40,te50,te60,usg9500,usg9520,usg9560,usg9580,vp9660,viewpoint 8660,viewpoint 9030,espace u1981 (6) · ips,module,ngfw,module,nip6300,nip6600,secospace,usg6300,secospace,usg6500,secospace,usg6600,usg9500 (6)	—
7	microsoft	58	·	·	·	PoC 15	windows 10 (21) · windows server 2016 (20) · windows 7 (17)	·
8	google	56	3	·	·	PoC 2	android (34) · chrome (20) · chrome os (2)	↓4
9	ibm	51	4	·	·		tririga application platform (8) · client application access (6) · notes (6)	·
10	canonical	49	9	1	1	KEV 1Nuclei 1PoC 11	ubuntu linux (49)	↓4
11	microsoft corporation	49	·	·	·	PoC 14	windows (12) · microsoft edge, chakracore (9) · microsoft edge (4)	↓3
12	сообщество свободного программного обеспечения	45	14	1	1	KEV 1Nuclei 1PoC 13	debian gnu/linux (28) · sam2p (4) · libxml2 (3)	·
13	adobe	44	4	1	·	KEV 1PoC 1	acrobat (39) · acrobat dc (39) · acrobat reader (39)	—
14	ооо «русбитех-астра»	40	8	1	1	KEV 1Nuclei 1PoC 10	astra linux special edition (29) · astra linux special edition для «эльбрус» (15) · astra linux common edition (6)	↓1
15	sap	36	1	·	1	×7.2Nuclei 1	internet graphics server (15) · hana extended application services (8) · sap netweaver (8)	↑84
16	cisco	31	5	1	1	KEV 1Nuclei 1	data center analytics framework (4) · unified communications manager (3) · jabber (2)	·
17	maven	28	6	·	2	Nuclei 2PoC 1	org.jenkins-ci.main:jenkins-core (3) · com.fasterxml.jackson.core:jackson-databind (3) · org.apache.geode:geode-core (3)	↓12
18	redhat	28	7	1	·	KEV 1PoC 7	enterprise linux server (16) · enterprise linux workstation (15) · enterprise linux desktop (14)	↓8
19	apache	26	4	·	·	PoC 2	geode (3) · cloudstack (2) · jmeter (2)	↑10
20	atlassian	26	1	·	·	×6.5	crucible (8) · bamboo (6) · fisheye (6)	↑24
21	sap se	26	·	·	1	×6.5Nuclei 1	sap internet graphics server (13) · sap hana extended application services (8) · sap hana (1)	↑79
22	quest	25	24	·	·	NEW×12.5PoC 1	netvault backup (25) · quest netvault backup (24)	—
23	apache software foundation	24	4	·	·	PoC 1	apache geode (3) · tomcat (2) · apache cloudstack (2)	↑7
24	dell technologies	24	24	·	·	×8.0PoC 1	netvault backup (24)	—
25	wireshark	24	1	·	·	×4.4	wireshark (24)	↑107
26	jiangmin	21	·	·	·	NEWPoC 21	antivirus (21)	—
27	google inc.	20	1	·	·	PoC 1	android (20)	↓16
28	canonical ltd.	17	2	·	·	PoC 4	ubuntu (17) · apport (3)	↑5
29	gnu	17	3	·	·	PoC 3	binutils (7) · glibc (4) · libcdio (3)	↑33
30	microsoft corp	17	·	·	·	PoC 8	microsoft edge (8) · chakracore (7) · internet explorer (5)	↓15
31	packagist	16	2	·	1	Nuclei 1PoC 12	simplesamlphp/simplesamlphp (4) · anchorcms/anchor-cms (1) · austintoddj/canvas (1)	↓14
32	ccn-lite	15	10	·	·	NEW	ccn-lite (15)	—
33	linux	13	1	·	·	PoC 2	linux kernel (13)	↓7
34	oracle	12	5	·	3	Nuclei 3PoC 2	communications cloud native core automated test suite (3) · communications billing and revenue management (3) · communications instant messaging server (3)	↓33
35	qualcomm, inc.	11	1	·	·		android for msm, firefox os for msm, qrd android (10) · snapdragon automobile, snapdragon iot, snapdragon mobile (1)	↓10
36	nuget	10	·	·	·	PoC 6	microsoft.chakracore (10)	↑30
37	rubygems	10	2	·	·	PoC 6	echor (2) · ember-source (2) · sensu (1)	↓13
38	trend micro	10	1	·	·		trend micro control manager (8) · trend micro interscan messaging security virtual appliance (1) · trend micro user-mode hooking (umh) module (1)	↑34
39	trendmicro	10	1	·	·		control manager (8) · deep security (1) · endpoint sensor (1)	↑34
40	extremewireless	9	·	·	·	NEW	wing (9)	—
41	gnu general public license	9	2	1	2	KEV 1Nuclei 2PoC 3	gnu binutils (7) · joomla! (1) · exim (1)	—
42	pypi	9	2	·	1	Nuclei 1PoC 3	web2py (2) · django (1) · django-anymail (1)	↓8
43	siemens ag	9	·	·	·	×4.5PoC 1	simatic s7-1500 cpu 1518(f)-4 pn/dp mfp (7) · ruggedcom rox ii (2)	↑27
44	jenkins	8	·	·	2	Nuclei 2	jenkins (3) · credentials binding (1) · android lint (1)	↓30
45	smiths-medical	8	·	·	·	NEW×4.0PoC 1	medfusion 4000 wireless syringe infusion pump (8)	—
46	micropoint	7	·	·	·	NEWPoC 7	proactive defense (7)	—
47	oracle corp.	7	2	·	1	Nuclei 1PoC 2	managed file transfer (2) · micros relate crm software (2) · fmw platform (2)	↓15
48	red hat inc.	7	2	·	·	PoC 1	red hat enterprise linux (6) · cloudforms management engine (1) · libvirt (1)	↓7
49	xpdfreader	7	·	·	·	NEWPoC 1	xpdf (7)	—
50	eq-3	6	3	·	·	NEWPoC 2	homematic central control unit ccu2 firmware (5) · homematic ccu2 firmware (1)	—