month report

February 2019

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

February 2019 closed with 908 published CVEs. 139 criticals, сообщество свободного программного обеспечения led volume, mostly via debian gnu/linux. Top weakness class — CWE-79 (121 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

908

— MoM— YoY

Severity mix

139 / 361

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

2.3%

21 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

2572.0

n=21

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

1117

n=6

Detection gap

KEV pressure, no Nuclei coverage

February 2019 · vendors with active exploitation listed by CISA but no public detection template.

KEV 1check point software technologies ltd.14 CVE

Weakness × Vendor

What's spreading where in February 2019

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#13mozilla34 CVE
#17mozilla corp.30 CVE
#21android26 CVE
#24ао "нппкт"25 CVE
#26jenkins project23 CVE
#27ics-cert22 CVE
#28qualcomm22 CVE
#33f515 CVE
#34hackerone15 CVE
#36ао «ивк»15 CVE

Top vendors

Ranked by distinct CVE count this period.

1сообщество свободного программного обеспечения—
130 CVE22 critCVSS 8.0
KEV 1Nuclei 1PoC 30
debian gnu/linux (119) · sdl (11) · rdesktop (10)
2ооо «русбитех-астра»—
129 CVE18 critCVSS 7.3
PoC 20
astra linux special edition (118) · astra linux special edition для «эльбрус» (34) · astra linux common edition (20)
3debian—
121 CVE26 critCVSS 8.0
Nuclei 1PoC 28
debian linux (121) · tmpreaper (1)
4canonical—
99 CVE22 critCVSS 7.8
PoC 30
ubuntu linux (99)
5redhat—
76 CVE15 critCVSS 7.9
PoC 7
enterprise linux server (59) · enterprise linux workstation (59) · enterprise linux desktop (57)
6canonical ltd.—
70 CVE7 critCVSS 7.5
PoC 14
ubuntu (70)
7google—
68 CVE2 critCVSS 7.6
PoC 3
android (37) · chrome (30) · kubernetes engine (1)
8fedoraproject—
59 CVE3 critCVSS 7.8
PoC 7
fedora (59)
9novell inc.—
50 CVE8 critCVSS 7.9
PoC 16
opensuse leap (42) · suse linux enterprise software development kit (20) · suse linux enterprise server (19)
10opensuse—
48 CVE12 critCVSS 7.9
PoC 23
leap (48) · backports sle (5) · package hub (1)
11ао «концерн вниинс»—
45 CVE4 critCVSS 7.5
PoC 12
ос он «стрелец» (45)
12zoneminder—
35 CVE5 critCVSS 6.7
PoC 14
zoneminder (35)
13mozilla—
34 CVE12 critCVSS 8.3
NEWPoC 1
firefox (34) · firefox esr (17) · thunderbird (15)
14google inc—
32 CVE1 critCVSS 7.7
PoC 2
google chrome (30) · android (2) · kubernetes (1)
15maven—
31 CVE2 critCVSS 6.7
PoC 2
org.jenkins-ci.plugins:job-import-plugin (3) · io.jenkins.blueocean:blueocean (2) · org.jenkins-ci.plugins:script-security (2)
16cisco—
30 CVE1 critCVSS 6.6
Nuclei 1PoC 30
cisco hyperflex hx-series (5) · hyperflex hx data platform (5) · cisco telepresence management suite (tms) (2)
17mozilla corp.—
30 CVE12 critCVSS 8.6
NEW
firefox (30) · firefox esr (15) · thunderbird (12)
18qualcomm, inc.—
29 CVE3 critCVSS 7.3
android for msm, firefox os for msm, qrd android (7) · snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer electronics connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon voice & music (4) · snapdragon auto, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon wearables (3)
19netapp—
28 CVE6 critCVSS 6.8
PoC 12
hci management node (9) · solidfire (9) · storage automation store (7)
20ibm—
27 CVE2 critCVSS 5.9
Nuclei 1PoC 1
security identity governance and intelligence (7) · bigfix compliance (4) · security identity manager (3)
21android—
26 CVE1 critCVSS 7.4
NEWPoC 2
android (26)
22cisco systems inc.—
26 CVE1 critCVSS 6.7
Nuclei 1PoC 25
meeting server (2) · cisco hyperflex (2) · telepresence management suite (2)
23red hat inc.—
25 CVE5 critCVSS 7.6
PoC 8
red hat enterprise linux (23) · openshift container platform (2) · red hat enterprise linux server (1)
24ао "нппкт"—
25 CVECVSS 7.8
NEWPoC 8
осон основа оnyx (25)
25jenkins—
24 CVE1 critCVSS 6.5
PoC 1
job import (3) · warnings next generation (2) · blue ocean (2)
26jenkins project—
23 CVE1 critCVSS 6.6
NEWPoC 1
jenkins job import plugin (3) · jenkins github authentication plugin (2) · jenkins script security plugin (2)
27ics-cert—
22 CVE5 critCVSS 7.5
NEWPoC 2
lcds laquis scada (7) · pr100088 modbus gateway (3) · wecon levistudiou (3)
28qualcomm—
22 CVE3 critCVSS 7.3
NEW
sd 820a firmware (21) · mdm9650 firmware (21) · sd 835 firmware (20)
29fedora project—
20 CVECVSS 7.9
PoC 5
fedora (20)
30npm—
19 CVE6 critCVSS 7.6
Nuclei 1PoC 6
m-server (2) · bootstrap-sass (1) · defaults-deep (1)
31dlink—
17 CVE2 critCVSS 8.6
PoC 5
dir-878 firmware (8) · dir-823g firmware (5) · dir-825 rev.b firmware (3)
32d-link corp.—
17 CVE4 critCVSS 8.8
PoC 5
dir-878 (10) · dir-825 rev.b (3) · dir-823g (3)
33f5—
15 CVE2 critCVSS 6.9
NEWPoC 3
big-ip access policy manager (11) · big-ip local traffic manager (9) · big-ip analytics (8)
34hackerone—
15 CVE4 critCVSS 7.7
NEWPoC 3
m-server (2) · defaults-deep (1) · airmax, edgemax (1)
35intel—
15 CVE1 critCVSS 6.4
data center manager (11) · openvino (1) · proset\/wireless (1)
36ао «ивк»—
15 CVE7 critCVSS 8.8
NEW
альт 8 сп (10) · альт 8 сп рабочая станция (5) · альт линукс спт (5)
37check point software technologies ltd.—
14 CVE5 critCVSS 8.2
NEWKEV 1PoC 2
rdesktop (10) · winrar (4)
38gnu—
14 CVE1 critCVSS 6.8
PoC 4
binutils (8) · glibc (5) · pspp (1)
39matio project—
13 CVE6 critCVSS 8.2
NEWPoC 13
matio (13)
40intel corp.—
12 CVE1 critCVSS 6.6
NEW
intel data center manager sdk (10) · openvino (1) · intel unite (1)
41packagist—
12 CVE3 critCVSS 7.6
KEV 1Nuclei 2PoC 8
modx/revolution (4) · drupal/drupal (1) · joomla/joomla-cms (1)
42sap—
12 CVE2 critCVSS 7.2
sap disclosure management (2) · sap abap platform (2) · sap business objects business intelligence (2)
43libsdl—
11 CVECVSS 8.6
NEWPoC 3
simple directmedia layer (11)
44pypi—
11 CVE1 critCVSS 7.0
PoC 3
aioxmpp (2) · sqlalchemy (2) · django (1)
45sap se—
11 CVE2 critCVSS 6.7
NEW
sap disclosure management (2) · abap platform (kernel) (1) · abap platform (krnl64nuc) (1)
46lcds—
10 CVE2 critCVSS 7.5
NEW
laquis scada (10) · lcds laquis scada (3)
47nvidia corporation—
10 CVECVSS 7.6
nvidia gpu graphics driver (7) · android (3)
48rdesktop—
10 CVE5 critCVSS 8.7
NEW
rdesktop (10)
49gnu general public license—
9 CVE1 critCVSS 6.7
PoC 3
gnu binutils (7) · elfutils (1) · gnu c (1)
50oracle—
9 CVE3 critCVSS 6.8
PoC 3
communications operations monitor (5) · secure global desktop (4) · http server (3)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	сообщество свободного программного обеспечения	130	22	1	1	KEV 1Nuclei 1PoC 30	debian gnu/linux (119) · sdl (11) · rdesktop (10)	—
2	ооо «русбитех-астра»	129	18	·	·	PoC 20	astra linux special edition (118) · astra linux special edition для «эльбрус» (34) · astra linux common edition (20)	—
3	debian	121	26	·	1	Nuclei 1PoC 28	debian linux (121) · tmpreaper (1)	—
4	canonical	99	22	·	·	PoC 30	ubuntu linux (99)	—
5	redhat	76	15	·	·	PoC 7	enterprise linux server (59) · enterprise linux workstation (59) · enterprise linux desktop (57)	—
6	canonical ltd.	70	7	·	·	PoC 14	ubuntu (70)	—
7	google	68	2	·	·	PoC 3	android (37) · chrome (30) · kubernetes engine (1)	—
8	fedoraproject	59	3	·	·	PoC 7	fedora (59)	—
9	novell inc.	50	8	·	·	PoC 16	opensuse leap (42) · suse linux enterprise software development kit (20) · suse linux enterprise server (19)	—
10	opensuse	48	12	·	·	PoC 23	leap (48) · backports sle (5) · package hub (1)	—
11	ао «концерн вниинс»	45	4	·	·	PoC 12	ос он «стрелец» (45)	—
12	zoneminder	35	5	·	·	PoC 14	zoneminder (35)	—
13	mozilla	34	12	·	·	NEWPoC 1	firefox (34) · firefox esr (17) · thunderbird (15)	—
14	google inc	32	1	·	·	PoC 2	google chrome (30) · android (2) · kubernetes (1)	—
15	maven	31	2	·	·	PoC 2	org.jenkins-ci.plugins:job-import-plugin (3) · io.jenkins.blueocean:blueocean (2) · org.jenkins-ci.plugins:script-security (2)	—
16	cisco	30	1	·	1	Nuclei 1PoC 30	cisco hyperflex hx-series (5) · hyperflex hx data platform (5) · cisco telepresence management suite (tms) (2)	—
17	mozilla corp.	30	12	·	·	NEW	firefox (30) · firefox esr (15) · thunderbird (12)	—
18	qualcomm, inc.	29	3	·	·		android for msm, firefox os for msm, qrd android (7) · snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer electronics connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon voice & music (4) · snapdragon auto, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon wearables (3)	—
19	netapp	28	6	·	·	PoC 12	hci management node (9) · solidfire (9) · storage automation store (7)	—
20	ibm	27	2	·	1	Nuclei 1PoC 1	security identity governance and intelligence (7) · bigfix compliance (4) · security identity manager (3)	—
21	android	26	1	·	·	NEWPoC 2	android (26)	—
22	cisco systems inc.	26	1	·	1	Nuclei 1PoC 25	meeting server (2) · cisco hyperflex (2) · telepresence management suite (2)	—
23	red hat inc.	25	5	·	·	PoC 8	red hat enterprise linux (23) · openshift container platform (2) · red hat enterprise linux server (1)	—
24	ао "нппкт"	25	·	·	·	NEWPoC 8	осон основа оnyx (25)	—
25	jenkins	24	1	·	·	PoC 1	job import (3) · warnings next generation (2) · blue ocean (2)	—
26	jenkins project	23	1	·	·	NEWPoC 1	jenkins job import plugin (3) · jenkins github authentication plugin (2) · jenkins script security plugin (2)	—
27	ics-cert	22	5	·	·	NEWPoC 2	lcds laquis scada (7) · pr100088 modbus gateway (3) · wecon levistudiou (3)	—
28	qualcomm	22	3	·	·	NEW	sd 820a firmware (21) · mdm9650 firmware (21) · sd 835 firmware (20)	—
29	fedora project	20	·	·	·	PoC 5	fedora (20)	—
30	npm	19	6	·	1	Nuclei 1PoC 6	m-server (2) · bootstrap-sass (1) · defaults-deep (1)	—
31	dlink	17	2	·	·	PoC 5	dir-878 firmware (8) · dir-823g firmware (5) · dir-825 rev.b firmware (3)	—
32	d-link corp.	17	4	·	·	PoC 5	dir-878 (10) · dir-825 rev.b (3) · dir-823g (3)	—
33	f5	15	2	·	·	NEWPoC 3	big-ip access policy manager (11) · big-ip local traffic manager (9) · big-ip analytics (8)	—
34	hackerone	15	4	·	·	NEWPoC 3	m-server (2) · defaults-deep (1) · airmax, edgemax (1)	—
35	intel	15	1	·	·		data center manager (11) · openvino (1) · proset\/wireless (1)	—
36	ао «ивк»	15	7	·	·	NEW	альт 8 сп (10) · альт 8 сп рабочая станция (5) · альт линукс спт (5)	—
37	check point software technologies ltd.	14	5	1	·	NEWKEV 1PoC 2	rdesktop (10) · winrar (4)	—
38	gnu	14	1	·	·	PoC 4	binutils (8) · glibc (5) · pspp (1)	—
39	matio project	13	6	·	·	NEWPoC 13	matio (13)	—
40	intel corp.	12	1	·	·	NEW	intel data center manager sdk (10) · openvino (1) · intel unite (1)	—
41	packagist	12	3	1	2	KEV 1Nuclei 2PoC 8	modx/revolution (4) · drupal/drupal (1) · joomla/joomla-cms (1)	—
42	sap	12	2	·	·		sap disclosure management (2) · sap abap platform (2) · sap business objects business intelligence (2)	—
43	libsdl	11	·	·	·	NEWPoC 3	simple directmedia layer (11)	—
44	pypi	11	1	·	·	PoC 3	aioxmpp (2) · sqlalchemy (2) · django (1)	—
45	sap se	11	2	·	·	NEW	sap disclosure management (2) · abap platform (kernel) (1) · abap platform (krnl64nuc) (1)	—
46	lcds	10	2	·	·	NEW	laquis scada (10) · lcds laquis scada (3)	—
47	nvidia corporation	10	·	·	·		nvidia gpu graphics driver (7) · android (3)	—
48	rdesktop	10	5	·	·	NEW	rdesktop (10)	—
49	gnu general public license	9	1	·	·	PoC 3	gnu binutils (7) · elfutils (1) · gnu c (1)	—
50	oracle	9	3	·	·	PoC 3	communications operations monitor (5) · secure global desktop (4) · http server (3)	—