month report
August 2019
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
August 2019 closed with 2,064 published CVEs. 326 criticals, cpanel led volume, mostly via cpanel. Biggest breakout: adobe systems inc. at ×45.5 their 12-month median. Top weakness class — CWE-79 (458 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
2,064
— MoM— YoY
Severity mix
326 / 726
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
22.3%
460 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
2389.1
n=460
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
902
n=6
Weakness × Vendor
What's spreading where in August 2019
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
79XSS20Improper Input Validation787Out-of-bounds Write352CSRF89SQL Injection125Out-of-bounds Read200Information Exposure416Use After Free22Path Traversal119Memory Buffer Boundscpanel6068141292adobe13333244сообщество свободного программного обеспечения227221411332adobe systems inc.12933102microsoft28192131microsoft corp28172131debian13121121814packagist3548211magento283611cisco4222118cisco systems inc.4222118canonical32661
Breakout vendors
CVE count ≥3× their own 12-period median.
- 45.5×adobe systems inc.91 CVE
- 13.9×adobe118 CVE
- 8.9×fedoraproject40 CVE
- 8.0×fedora project24 CVE
- 6.8×opensuse51 CVE
- 5.3×ао «концерн вниинс»45 CVE
- 4.5×linux38 CVE
- 4.4×netapp33 CVE
- 4.3×atlassian17 CVE
- 4.0×packagist86 CVE
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #1cpanel277 CVE
- #9magento71 CVE
- #21bestwebsoft35 CVE
- #25crates.io31 CVE
- #27jenkins project25 CVE
- #40sap se16 CVE
- #42ithemes15 CVE
- #46hewlett packard enterprise (hpe)13 CVE
- #47mcafee12 CVE
- #48microdigital12 CVE
Top vendors
Ranked by distinct CVE count this period.
- 277 CVE5 critCVSS 5.9NEWcpanel (277)
- 118 CVE48 critCVSS 8.3×13.9acrobat dc (75) · acrobat reader dc (75) · adobe acrobat and reader (75)
- 95 CVE12 critCVSS 7.1KEV 1Nuclei 3PoC 34debian gnu/linux (68) · linux (28) · envoy (4)
- 91 CVE31 critCVSS 7.8×45.5PoC 1adobe acrobat reader document cloud (53) · adobe acrobat document cloud (53) · adobe acrobat 2017 (39)
- 89 CVE8 critCVSS 7.3PoC 9windows server 2016 (60) · windows 10 (59) · windows server 2019 (58)
- 89 CVE7 critCVSS 7.3PoC 9windows 10 1903 (61) · windows server 1903 (server core installation) (61) · windows server 2019 (61)
- 88 CVE15 critCVSS 7.1KEV 1Nuclei 1PoC 21debian linux (88)
- 86 CVE5 critCVSS 6.4×4.0PoC 74magento/community-edition (70) · magento/product-community-edition (3) · bolt/bolt (3)
- 71 CVECVSS 6.1NEWPoC 70magento (71)
- 69 CVE9 critCVSS 7.6×3.6PoC 69integrated management controller supervisor (17) · unified computing system (13) · cisco enterprise nfv infrastructure software (12)
- 68 CVE9 critCVSS 7.6×3.8PoC 67enterprise nfv infrastructure software (12) · unified computing system (12) · integrated management controller (11)
- 51 CVE6 critCVSS 6.7PoC 19ubuntu linux (51)
- 51 CVE2 critCVSS 6.6×6.8PoC 15leap (50) · backports (1) · backports sle (1)
- 46 CVE7 critCVSS 7.2PoC 16ubuntu (46) · apport (1)
- 46 CVE1 critCVSS 6.7KEV 1Nuclei 2PoC 5org.opencms:opencms-core (4) · org.jenkins-ci.plugins:gitlab-oauth (2) · com.xebialabs.xlt.ci:xltestview-plugin (2)
- 46 CVE8 critCVSS 7.5PoC 21astra linux special edition (42) · astra linux special edition для «эльбрус» (25) · astra linux common edition (10)
- 45 CVE3 critCVSS 6.7informix dynamic server (9) · informix dynamic server enterprise edition (9) · emptoris spend analysis (6)
- 45 CVE7 critCVSS 7.7×5.3KEV 1Nuclei 1PoC 13ос он «стрелец» (45)
- 40 CVE7 critCVSS 7.8×8.9PoC 13fedora (39) · 389 directory server (1)
- 38 CVE3 critCVSS 6.1×4.5PoC 17linux kernel (38)
- 35 CVE2 critCVSS 6.3NEWNuclei 35contact form (5) · visitors online (2) · pdf \& print (2)
- 34 CVECVSS 7.4Nuclei 1PoC 3enterprise linux (15) · jboss enterprise application platform (9) · software collections (9)
- 33 CVE6 critCVSS 5.7×4.4PoC 11data availability services (15) · h410c firmware (14) · active iq unified manager (14)
- 32 CVE5 critCVSS 7.5PoC 10opensuse leap (24) · suse linux enterprise server for sap applications (9) · suse linux enterprise server (9)
- 31 CVE11 critCVSS 8.0NEWPoC 1smallvec (3) · slice-deque (2) · ncurses (2)
- 25 CVE2 critCVSS 7.2PoC 2android (18) · nest cam iq indoor firmware (5) · cloud messaging notification (1)
- 25 CVECVSS 6.5NEWNuclei 1jenkins jclouds plugin (2) · jenkins (2) · jenkins relution enterprise appstore publisher plugin (2)
- 24 CVE7 critCVSS 8.1×8.0Nuclei 1PoC 6fedora (24)
- 24 CVECVSS 6.5Nuclei 1xl testview (2) · gitlab oauth (2) · jclouds (2)
- 21 CVECVSS 7.0KEV 2Nuclei 1PoC 3traffic server (8) · apache tika (3) · tika (3)
- 20 CVE4 critCVSS 7.2PoC 5openpgp (3) · status-board (2) · editor.md (2)
- 20 CVE1 critCVSS 7.5Nuclei 1PoC 5red hat enterprise linux (16) · libvirt (3) · red hat openstack platform (2)
- 19 CVE4 critCVSS 7.8PoC 4django (4) · opencv-contrib-python-headless (3) · opencv-contrib-python (3)
- 18 CVE1 critCVSS 7.0×3.0Nuclei 1PoC 166600-ap firmware (7) · dwl-3600ap firmware (7) · dir-823g firmware (5)
- 17 CVE1 critCVSS 5.9×4.3KEV 1Nuclei 3PoC 4jira (14) · jira server (11) · confluence (1)
- 17 CVE6 critCVSS 7.6×3.4PoC 1ruggedcom win7000 firmware (11) · ruggedcom win7200 firmware (11) · ruggedcom win7018 firmware (11)
- 16 CVECVSS 7.3KEV 1Nuclei 1PoC 2traffic server (6) · netty (3) · tika (3)
- 16 CVE3 critCVSS 7.4Nuclei 1PoC 3graalvm (7) · retail xstore point of service (3) · flexcube private banking (2)
- 16 CVE2 critCVSS 7.1KEV 1businessobjects business intelligence (7) · sap business objects business intelligence (4) · sap commerce cloud (2)
- 16 CVE2 critCVSS 7.1NEWKEV 1sap enable now (2) · sap businessobjects business intelligence platform (bi workspace) (2) · sap businessobjects business intelligence platform (cmc) (1)
- 16 CVE3 critCVSS 7.7×4.0PoC 6осон основа оnyx (16)
- 15 CVECVSS 6.1NEWNuclei 15authorize.net (1) · builder style manager (1) · builder theme depot (1)
- 15 CVE6 critCVSS 8.2PoC 1ruggedcom win70xxb base station (11) · ruggedcom win72xx base station (10) · scalance sc-600 (2)
- 14 CVE4 critCVSS 7.23par service processor firmware (6) · 3par storeserv management console (6) · hp 2910-48g al switch (1)
- 13 CVE1 critCVSS 5.6fortios (9) · fortios ips engine (1) · fortimanager vm (1)
- 13 CVE4 critCVSS 7.6NEWhpe 3par service processor (6) · hpe 3par storeserv management and core software media (6) · hp xp7 cvae (1)
- 12 CVECVSS 6.9NEWweb gateway (9) · data loss prevention endpoint (2) · file and removable media protection (1)
- 12 CVE6 critCVSS 8.7NEWmdc-n2190v firmware (12) · mdc-n4090 firmware (12) · mdc-n4090w firmware (12)
- 11 CVECVSS 7.5×3.7PoC 1swiftnio (8) · mac os x (3) · tvos (1)
- 11 CVE5 critCVSS 8.5NEWPoC 1garrettcom magnum dx940e firmware (11) · hirschmann hios (11)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | cpanel | 277 | 5 | · | · | NEW | cpanel (277) | — | |
| 2 | adobe | 118 | 48 | · | · | ×13.9 | acrobat dc (75) · acrobat reader dc (75) · adobe acrobat and reader (75) | — | |
| 3 | сообщество свободного программного обеспечения | 95 | 12 | 1 | 3 | KEV 1Nuclei 3PoC 34 | debian gnu/linux (68) · linux (28) · envoy (4) | — | |
| 4 | adobe systems inc. | 91 | 31 | · | · | ×45.5PoC 1 | adobe acrobat reader document cloud (53) · adobe acrobat document cloud (53) · adobe acrobat 2017 (39) | — | |
| 5 | microsoft | 89 | 8 | · | · | PoC 9 | windows server 2016 (60) · windows 10 (59) · windows server 2019 (58) | — | |
| 6 | microsoft corp | 89 | 7 | · | · | PoC 9 | windows 10 1903 (61) · windows server 1903 (server core installation) (61) · windows server 2019 (61) | — | |
| 7 | debian | 88 | 15 | 1 | 1 | KEV 1Nuclei 1PoC 21 | debian linux (88) | — | |
| 8 | packagist | 86 | 5 | · | · | ×4.0PoC 74 | magento/community-edition (70) · magento/product-community-edition (3) · bolt/bolt (3) | — | |
| 9 | magento | 71 | · | · | · | NEWPoC 70 | magento (71) | — | |
| 10 | cisco | 69 | 9 | · | · | ×3.6PoC 69 | integrated management controller supervisor (17) · unified computing system (13) · cisco enterprise nfv infrastructure software (12) | — | |
| 11 | cisco systems inc. | 68 | 9 | · | · | ×3.8PoC 67 | enterprise nfv infrastructure software (12) · unified computing system (12) · integrated management controller (11) | — | |
| 12 | canonical | 51 | 6 | · | · | PoC 19 | ubuntu linux (51) | — | |
| 13 | opensuse | 51 | 2 | · | · | ×6.8PoC 15 | leap (50) · backports (1) · backports sle (1) | — | |
| 14 | canonical ltd. | 46 | 7 | · | · | PoC 16 | ubuntu (46) · apport (1) | — | |
| 15 | maven | 46 | 1 | 1 | 2 | KEV 1Nuclei 2PoC 5 | org.opencms:opencms-core (4) · org.jenkins-ci.plugins:gitlab-oauth (2) · com.xebialabs.xlt.ci:xltestview-plugin (2) | — | |
| 16 | ооо «русбитех-астра» | 46 | 8 | · | · | PoC 21 | astra linux special edition (42) · astra linux special edition для «эльбрус» (25) · astra linux common edition (10) | — | |
| 17 | ibm | 45 | 3 | · | · | informix dynamic server (9) · informix dynamic server enterprise edition (9) · emptoris spend analysis (6) | — | ||
| 18 | ао «концерн вниинс» | 45 | 7 | 1 | 1 | ×5.3KEV 1Nuclei 1PoC 13 | ос он «стрелец» (45) | — | |
| 19 | fedoraproject | 40 | 7 | · | · | ×8.9PoC 13 | fedora (39) · 389 directory server (1) | — | |
| 20 | linux | 38 | 3 | · | · | ×4.5PoC 17 | linux kernel (38) | — | |
| 21 | bestwebsoft | 35 | 2 | · | 35 | NEWNuclei 35 | contact form (5) · visitors online (2) · pdf \& print (2) | — | |
| 22 | redhat | 34 | · | · | 1 | Nuclei 1PoC 3 | enterprise linux (15) · jboss enterprise application platform (9) · software collections (9) | — | |
| 23 | netapp | 33 | 6 | · | · | ×4.4PoC 11 | data availability services (15) · h410c firmware (14) · active iq unified manager (14) | — | |
| 24 | novell inc. | 32 | 5 | · | · | PoC 10 | opensuse leap (24) · suse linux enterprise server for sap applications (9) · suse linux enterprise server (9) | — | |
| 25 | crates.io | 31 | 11 | · | · | NEWPoC 1 | smallvec (3) · slice-deque (2) · ncurses (2) | — | |
| 26 | 25 | 2 | · | · | PoC 2 | android (18) · nest cam iq indoor firmware (5) · cloud messaging notification (1) | — | ||
| 27 | jenkins project | 25 | · | · | 1 | NEWNuclei 1 | jenkins jclouds plugin (2) · jenkins (2) · jenkins relution enterprise appstore publisher plugin (2) | — | |
| 28 | fedora project | 24 | 7 | · | 1 | ×8.0Nuclei 1PoC 6 | fedora (24) | — | |
| 29 | jenkins | 24 | · | · | 1 | Nuclei 1 | xl testview (2) · gitlab oauth (2) · jclouds (2) | — | |
| 30 | apache | 21 | · | 2 | 1 | KEV 2Nuclei 1PoC 3 | traffic server (8) · apache tika (3) · tika (3) | — | |
| 31 | npm | 20 | 4 | · | · | PoC 5 | openpgp (3) · status-board (2) · editor.md (2) | — | |
| 32 | red hat inc. | 20 | 1 | · | 1 | Nuclei 1PoC 5 | red hat enterprise linux (16) · libvirt (3) · red hat openstack platform (2) | — | |
| 33 | pypi | 19 | 4 | · | · | PoC 4 | django (4) · opencv-contrib-python-headless (3) · opencv-contrib-python (3) | — | |
| 34 | dlink | 18 | 1 | · | 1 | ×3.0Nuclei 1PoC 16 | 6600-ap firmware (7) · dwl-3600ap firmware (7) · dir-823g firmware (5) | — | |
| 35 | atlassian | 17 | 1 | 1 | 3 | ×4.3KEV 1Nuclei 3PoC 4 | jira (14) · jira server (11) · confluence (1) | — | |
| 36 | siemens | 17 | 6 | · | · | ×3.4PoC 1 | ruggedcom win7000 firmware (11) · ruggedcom win7200 firmware (11) · ruggedcom win7018 firmware (11) | — | |
| 37 | apache software foundation | 16 | · | 1 | 1 | KEV 1Nuclei 1PoC 2 | traffic server (6) · netty (3) · tika (3) | — | |
| 38 | oracle | 16 | 3 | · | 1 | Nuclei 1PoC 3 | graalvm (7) · retail xstore point of service (3) · flexcube private banking (2) | — | |
| 39 | sap | 16 | 2 | 1 | · | KEV 1 | businessobjects business intelligence (7) · sap business objects business intelligence (4) · sap commerce cloud (2) | — | |
| 40 | sap se | 16 | 2 | 1 | · | NEWKEV 1 | sap enable now (2) · sap businessobjects business intelligence platform (bi workspace) (2) · sap businessobjects business intelligence platform (cmc) (1) | — | |
| 41 | ао "нппкт" | 16 | 3 | · | · | ×4.0PoC 6 | осон основа оnyx (16) | — | |
| 42 | ithemes | 15 | · | · | 15 | NEWNuclei 15 | authorize.net (1) · builder style manager (1) · builder theme depot (1) | — | |
| 43 | siemens ag | 15 | 6 | · | · | PoC 1 | ruggedcom win70xxb base station (11) · ruggedcom win72xx base station (10) · scalance sc-600 (2) | — | |
| 44 | hp | 14 | 4 | · | · | 3par service processor firmware (6) · 3par storeserv management console (6) · hp 2910-48g al switch (1) | — | ||
| 45 | fortinet inc. | 13 | 1 | · | · | fortios (9) · fortios ips engine (1) · fortimanager vm (1) | — | ||
| 46 | hewlett packard enterprise (hpe) | 13 | 4 | · | · | NEW | hpe 3par service processor (6) · hpe 3par storeserv management and core software media (6) · hp xp7 cvae (1) | — | |
| 47 | mcafee | 12 | · | · | · | NEW | web gateway (9) · data loss prevention endpoint (2) · file and removable media protection (1) | — | |
| 48 | microdigital | 12 | 6 | · | · | NEW | mdc-n2190v firmware (12) · mdc-n4090 firmware (12) · mdc-n4090w firmware (12) | — | |
| 49 | apple | 11 | · | · | · | ×3.7PoC 1 | swiftnio (8) · mac os x (3) · tvos (1) | — | |
| 50 | belden | 11 | 5 | · | · | NEWPoC 1 | garrettcom magnum dx940e firmware (11) · hirschmann hios (11) | — |