month report

March 2018

Data as of Jun 4, 2026, 13:28 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

March 2018 closed with 2,306 published CVEs — +68.0% YoY . 199 criticals, debian led volume, mostly via debian linux. Biggest breakout: huawei at ×10.3 their 12-month median. Top weakness class — CWE-79 (194 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

2,306

+70.8% MoM+68.0% YoY

Severity mix

199 / 551

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

2.3%

53 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

2909.0

n=53

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

1436

n=22

Weakness × Vendor

What's spreading where in March 2018

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

Breakout vendors

CVE count ≥3× their own 12-period median.

10.3×huawei72 CVE
9.0×dell18 CVE
7.5×netiq30 CVE
6.7×libming20 CVE
5.6×gitlab14 CVE
4.7×canonical ltd.35 CVE
4.3×schneider electric se13 CVE
4.3×suse13 CVE
4.2×huawei technologies co., ltd.67 CVE
4.0×qnap8 CVE

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#21windows optimization master project21 CVE
#30iobit15 CVE
#50exempi project10 CVE
#52hanwha-security10 CVE
#53hanwha techwin10 CVE
#612345 security guard project8 CVE
#62cimg8 CVE
#64ics-cert8 CVE
#70drupal.org7 CVE
#72omron7 CVE

Top vendors

Ranked by distinct CVE count this period.

1debian↑2
107 CVE15 critCVSS 7.1
KEV 1Nuclei 2PoC 31
debian linux (107)
2microsoft↑5
74 CVECVSS 6.1
PoC 13
windows 10 (29) · windows server 2016 (29) · windows server 2008 (23)
3microsoft corporation↑8
74 CVECVSS 6.8
PoC 13
microsoft sharepoint (13) · windows kernel (13) · chakracore, microsoft edge (10)
4google↑4
73 CVE12 critCVSS 7.7
PoC 1
android (72) · chrome os (1)
5huawei·
72 CVECVSS 5.5
×10.3PoC 1
dp300 firmware (30) · te60 firmware (22) · te30 firmware (21)
6сообщество свободного программного обеспечения↑6
72 CVE11 critCVSS 7.3
KEV 1Nuclei 2PoC 24
debian gnu/linux (60) · rubygems (7) · linux (5)
7ibm↑2
71 CVE1 critCVSS 5.4
rational doors next generation (9) · rational collaborative lifecycle management (9) · rational quality manager (9)
8huawei technologies co., ltd.↓2
67 CVECVSS 5.7
×4.2PoC 1
dp300; rp200; te30; te40; te50; te60 (10) · mate 9 pro (5) · dp300; ips module; ngfw module; nip6300; nip6600; rp200; s12700; s1700; s2700; s5700; s6700; s7700; s9700; secospace usg6300; secospace usg6500; secospace usg6600; te30; te40; te50; te60; tp3106; tp3206; usg9500; viewpoint 9030 (4)
9canonical↑1
66 CVE7 critCVSS 7.0
×3.1Nuclei 1PoC 15
ubuntu linux (66) · screen-resolution-extra (1)
10ооо «русбитех-астра»↑4
65 CVE10 critCVSS 7.4
Nuclei 1PoC 17
astra linux special edition (52) · astra linux common edition (25) · astra linux special edition для «эльбрус» (20)
11cisco↑5
62 CVE4 critCVSS 7.1
KEV 17Nuclei 1
ios xe (31) · ios (17) · identity services engine (7)
12redhat↑6
57 CVE6 critCVSS 7.4
Nuclei 2PoC 9
enterprise linux server (31) · enterprise linux workstation (30) · enterprise linux desktop (30)
13maven↑4
40 CVE4 critCVSS 6.6
Nuclei 3PoC 6
org.jruby:jruby-stdlib (7) · org.jolokia:jolokia-core (2) · com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger (2)
14canonical ltd.↑14
35 CVE3 critCVSS 7.1
×4.7Nuclei 1PoC 12
ubuntu (35)
15netiq—
30 CVE1 critCVSS 4.5
×7.5
identity manager (12) · access manager (8) · imanager (4)
16dell emc—
28 CVE3 critCVSS 6.9
Nuclei 1PoC 10
isilon onefs (9) · scaleio (3) · rsa authentication agent for web for iis, rsa authentication agent for web for apache web server (2)
17qualcomm, inc.↑18
28 CVE11 critCVSS 8.1
android for msm, firefox os for msm, qrd android (22) · snapdragon iot, snapdragon mobile (4) · snapdragon iot, snapdragon mobile, snapdragon automobile (1)
18cisco systems inc.↑39
27 CVE4 critCVSS 7.0
KEV 16Nuclei 1
cisco ios xe (18) · cisco ios (14) · cisco secure access control system (3)
19linux↑14
22 CVECVSS 6.1
PoC 1
linux kernel (22)
20google inc↑85
21 CVE10 critCVSS 8.7
android (20) · chrome os (1)
21windows optimization master project—
21 CVECVSS 7.8
NEWPoC 21
windows optimization master (21)
22libming—
20 CVECVSS 6.8
×6.7PoC 11
libming (20)
23packagist↑8
20 CVE7 critCVSS 7.6
KEV 1Nuclei 3PoC 18
drupal/core (8) · drupal/drupal (8) · simplesamlphp/saml2 (2)
24ао «концерн вниинс»↑30
19 CVE4 critCVSS 7.7
×3.2PoC 8
ос он «стрелец» (19)
25apache↓6
18 CVE2 critCVSS 7.0
Nuclei 1PoC 3
http server (8) · syncope (2) · xerces-c\+\+ (1)
26dell↑73
18 CVE3 critCVSS 7.6
×9.0Nuclei 1PoC 10
emc isilon (6) · emc scaleio (3) · emc isilon onefs (3)
27apache software foundation↓4
17 CVE2 critCVSS 7.1
Nuclei 1PoC 4
apache http server (7) · http server (7) · apache syncope (2)
28red hat inc.↑20
17 CVE3 critCVSS 8.2
PoC 5
red hat enterprise linux (16) · jboss enterprise application platform (2) · jboss bpm suite (1)
29microsoft corp↑1
16 CVECVSS 7.5
PoC 5
microsoft edge (10) · chakracore (9) · windows 10 1511 (3)
30iobit—
15 CVECVSS 7.8
NEWPoC 15
advanced systemcare ultimate (15)
31opensuse—
15 CVE2 critCVSS 7.3
PoC 1
leap (5) · libzypp (3) · open build service (3)
32gitlab—
14 CVE3 critCVSS 7.5
×5.6
gitlab (14) · gitlab community and enterprise editions (13)
33netapp↑56
14 CVE2 critCVSS 7.0
Nuclei 1PoC 4
storagegrid (7) · clustered data ontap (7) · storage automation store (7)
34nuget↑2
14 CVE1 critCVSS 7.6
PoC 2
microsoft.chakracore (11) · curl (1) · microsoft.aspnetcore.httpoverrides (1)
35rubygems↑2
13 CVE1 critCVSS 6.9
PoC 6
rubygems-update (7) · rubygems (7) · nokogiri (1)
36schneider-electric↑34
13 CVE7 critCVSS 8.7
ibps110-1er firmware (12) · imp1110-1 firmware (12) · imp219-1e firmware (12)
37schneider electric se—
13 CVE7 critCVSS 8.7
×4.3
pelco sarix professional (12) · somove (1)
38suse—
13 CVE1 critCVSS 7.6
×4.3PoC 2
libzypp (3) · open build service (2) · nextcloud (1)
39trend micro↓1
13 CVE5 critCVSS 8.1
PoC 12
trend micro email encryption gateway (12) · email encryption gateway (2) · trend micro smart protection server (standalone) (1)
40trendmicro↓1
13 CVE5 critCVSS 7.9
PoC 12
email encryption gateway (12) · smart protection server (1)
41gemalto—
12 CVECVSS 7.7
gemalto's sentinel ldk rte (2) · sentinel ldk rte (2) · safenet authentication service windows logon agent (2)
42imagemagick↑41
12 CVE2 critCVSS 7.8
PoC 3
imagemagick (12)
43jenkins↑1
12 CVECVSS 5.7
PoC 1
gerrit trigger (2) · cppncss (1) · coverity (1)
44nvidia corporation↑122
12 CVECVSS 6.8
android (6) · shield tv (5) · nvidia tegra (1)
45philips—
12 CVE5 critCVSS 8.5
×3.0
intellispace portal (9) · philips intellispace portal (9) · philips alice 6 system (2)
46ао «нтц ит роса»↑9
12 CVE2 critCVSS 7.5
Nuclei 1PoC 2
rosa virtualization 3.0 (8) · rosa virtualization (7) · роса кобальт (4)
47f5—
11 CVECVSS 6.8
×3.1
big-ip application security manager (9) · big-ip policy enforcement manager (8) · big-ip link controller (7)
48novell inc.↑17
11 CVECVSS 7.6
PoC 1
opensuse leap (9) · suse linux enterprise desktop (3) · suse linux enterprise module for open buildservice development tools (3)
49red hat, inc.↑19
11 CVE1 critCVSS 7.0
keycloak (2) · 389-ds-base (2) · eap-5 (1)
50exempi project—
10 CVECVSS 5.7
NEWPoC 6
exempi (10)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	debian	107	15	1	2	KEV 1Nuclei 2PoC 31	debian linux (107)	↑2
2	microsoft	74	·	·	·	PoC 13	windows 10 (29) · windows server 2016 (29) · windows server 2008 (23)	↑5
3	microsoft corporation	74	·	·	·	PoC 13	microsoft sharepoint (13) · windows kernel (13) · chakracore, microsoft edge (10)	↑8
4	google	73	12	·	·	PoC 1	android (72) · chrome os (1)	↑4
5	huawei	72	·	·	·	×10.3PoC 1	dp300 firmware (30) · te60 firmware (22) · te30 firmware (21)	·
6	сообщество свободного программного обеспечения	72	11	1	2	KEV 1Nuclei 2PoC 24	debian gnu/linux (60) · rubygems (7) · linux (5)	↑6
7	ibm	71	1	·	·		rational doors next generation (9) · rational collaborative lifecycle management (9) · rational quality manager (9)	↑2
8	huawei technologies co., ltd.	67	·	·	·	×4.2PoC 1	dp300; rp200; te30; te40; te50; te60 (10) · mate 9 pro (5) · dp300; ips module; ngfw module; nip6300; nip6600; rp200; s12700; s1700; s2700; s5700; s6700; s7700; s9700; secospace usg6300; secospace usg6500; secospace usg6600; te30; te40; te50; te60; tp3106; tp3206; usg9500; viewpoint 9030 (4)	↓2
9	canonical	66	7	·	1	×3.1Nuclei 1PoC 15	ubuntu linux (66) · screen-resolution-extra (1)	↑1
10	ооо «русбитех-астра»	65	10	·	1	Nuclei 1PoC 17	astra linux special edition (52) · astra linux common edition (25) · astra linux special edition для «эльбрус» (20)	↑4
11	cisco	62	4	17	1	KEV 17Nuclei 1	ios xe (31) · ios (17) · identity services engine (7)	↑5
12	redhat	57	6	·	2	Nuclei 2PoC 9	enterprise linux server (31) · enterprise linux workstation (30) · enterprise linux desktop (30)	↑6
13	maven	40	4	·	3	Nuclei 3PoC 6	org.jruby:jruby-stdlib (7) · org.jolokia:jolokia-core (2) · com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger (2)	↑4
14	canonical ltd.	35	3	·	1	×4.7Nuclei 1PoC 12	ubuntu (35)	↑14
15	netiq	30	1	·	·	×7.5	identity manager (12) · access manager (8) · imanager (4)	—
16	dell emc	28	3	·	1	Nuclei 1PoC 10	isilon onefs (9) · scaleio (3) · rsa authentication agent for web for iis, rsa authentication agent for web for apache web server (2)	—
17	qualcomm, inc.	28	11	·	·		android for msm, firefox os for msm, qrd android (22) · snapdragon iot, snapdragon mobile (4) · snapdragon iot, snapdragon mobile, snapdragon automobile (1)	↑18
18	cisco systems inc.	27	4	16	1	KEV 16Nuclei 1	cisco ios xe (18) · cisco ios (14) · cisco secure access control system (3)	↑39
19	linux	22	·	·	·	PoC 1	linux kernel (22)	↑14
20	google inc	21	10	·	·		android (20) · chrome os (1)	↑85
21	windows optimization master project	21	·	·	·	NEWPoC 21	windows optimization master (21)	—
22	libming	20	·	·	·	×6.7PoC 11	libming (20)	—
23	packagist	20	7	1	3	KEV 1Nuclei 3PoC 18	drupal/core (8) · drupal/drupal (8) · simplesamlphp/saml2 (2)	↑8
24	ао «концерн вниинс»	19	4	·	·	×3.2PoC 8	ос он «стрелец» (19)	↑30
25	apache	18	2	·	1	Nuclei 1PoC 3	http server (8) · syncope (2) · xerces-c\+\+ (1)	↓6
26	dell	18	3	·	1	×9.0Nuclei 1PoC 10	emc isilon (6) · emc scaleio (3) · emc isilon onefs (3)	↑73
27	apache software foundation	17	2	·	1	Nuclei 1PoC 4	apache http server (7) · http server (7) · apache syncope (2)	↓4
28	red hat inc.	17	3	·	·	PoC 5	red hat enterprise linux (16) · jboss enterprise application platform (2) · jboss bpm suite (1)	↑20
29	microsoft corp	16	·	·	·	PoC 5	microsoft edge (10) · chakracore (9) · windows 10 1511 (3)	↑1
30	iobit	15	·	·	·	NEWPoC 15	advanced systemcare ultimate (15)	—
31	opensuse	15	2	·	·	PoC 1	leap (5) · libzypp (3) · open build service (3)	—
32	gitlab	14	3	·	·	×5.6	gitlab (14) · gitlab community and enterprise editions (13)	—
33	netapp	14	2	·	1	Nuclei 1PoC 4	storagegrid (7) · clustered data ontap (7) · storage automation store (7)	↑56
34	nuget	14	1	·	·	PoC 2	microsoft.chakracore (11) · curl (1) · microsoft.aspnetcore.httpoverrides (1)	↑2
35	rubygems	13	1	·	·	PoC 6	rubygems-update (7) · rubygems (7) · nokogiri (1)	↑2
36	schneider-electric	13	7	·	·		ibps110-1er firmware (12) · imp1110-1 firmware (12) · imp219-1e firmware (12)	↑34
37	schneider electric se	13	7	·	·	×4.3	pelco sarix professional (12) · somove (1)	—
38	suse	13	1	·	·	×4.3PoC 2	libzypp (3) · open build service (2) · nextcloud (1)	—
39	trend micro	13	5	·	·	PoC 12	trend micro email encryption gateway (12) · email encryption gateway (2) · trend micro smart protection server (standalone) (1)	↓1
40	trendmicro	13	5	·	·	PoC 12	email encryption gateway (12) · smart protection server (1)	↓1
41	gemalto	12	·	·	·		gemalto's sentinel ldk rte (2) · sentinel ldk rte (2) · safenet authentication service windows logon agent (2)	—
42	imagemagick	12	2	·	·	PoC 3	imagemagick (12)	↑41
43	jenkins	12	·	·	·	PoC 1	gerrit trigger (2) · cppncss (1) · coverity (1)	↑1
44	nvidia corporation	12	·	·	·		android (6) · shield tv (5) · nvidia tegra (1)	↑122
45	philips	12	5	·	·	×3.0	intellispace portal (9) · philips intellispace portal (9) · philips alice 6 system (2)	—
46	ао «нтц ит роса»	12	2	·	1	Nuclei 1PoC 2	rosa virtualization 3.0 (8) · rosa virtualization (7) · роса кобальт (4)	↑9
47	f5	11	·	·	·	×3.1	big-ip application security manager (9) · big-ip policy enforcement manager (8) · big-ip link controller (7)	—
48	novell inc.	11	·	·	·	PoC 1	opensuse leap (9) · suse linux enterprise desktop (3) · suse linux enterprise module for open buildservice development tools (3)	↑17
49	red hat, inc.	11	1	·	·		keycloak (2) · 389-ds-base (2) · eap-5 (1)	↑19
50	exempi project	10	·	·	·	NEWPoC 6	exempi (10)	—