month report

December 2019

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

December 2019 closed with 1,881 published CVEs. 254 criticals, apple led volume, mostly via iphone os. Top weakness class — CWE-787 (229 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

1,881

— MoM— YoY

Severity mix

254 / 664

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

4.1%

77 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

2262.8

n=77

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

849

n=20

Detection gap

KEV pressure, no Nuclei coverage

December 2019 · vendors with active exploitation listed by CISA but no public detection template.

KEV 5apple248 CVE
KEV 4apple inc.59 CVE
KEV 1microsoft30 CVE
KEV 1microsoft corp30 CVE

Weakness × Vendor

What's spreading where in December 2019

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#14apple inc.59 CVE
#31jenkins project28 CVE
#35gitlab24 CVE
#43gpac13 CVE
#48sonicwall11 CVE
#50barco10 CVE
#51mfscripts10 CVE
#58intesync9 CVE
#59petwant9 CVE
#61sap se9 CVE

Top vendors

Ranked by distinct CVE count this period.

1apple—
248 CVE16 critCVSS 7.9
KEV 5
iphone os (165) · ios (162) · mac os x (144)
2сообщество свободного программного обеспечения—
214 CVE13 critCVSS 7.1
KEV 2Nuclei 8PoC 44
debian gnu/linux (175) · linux (40) · webkitgtk (32)
3novell inc.—
165 CVE5 critCVSS 7.9
KEV 1Nuclei 1PoC 17
opensuse leap (149) · suse linux enterprise desktop (58) · suse linux enterprise server (56)
4debian—
159 CVE18 critCVSS 6.8
Nuclei 6PoC 28
debian linux (159) · debian-lan-config (1) · debian edu (1)
5ооо «русбитех-астра»—
116 CVE8 critCVSS 7.0
Nuclei 1PoC 25
astra linux special edition (109) · astra linux special edition для «эльбрус» (38) · astra linux common edition (12)
6fedoraproject—
111 CVE4 critCVSS 6.8
KEV 1Nuclei 2PoC 15
fedora (110) · sectool (1) · sssd (1)
7redhat—
106 CVE9 critCVSS 7.3
KEV 2Nuclei 1PoC 5
enterprise linux desktop (56) · enterprise linux server (56) · enterprise linux workstation (56)
8ао «концерн вниинс»—
96 CVE4 critCVSS 6.9
KEV 1Nuclei 1PoC 9
ос он «стрелец» (96)
9siemens—
78 CVE26 critCVSS 7.4
PoC 25
sppa-t3000 ms3000 migration server (35) · sppa-t3000 application server (18) · sinec infrastructure network services (9)
10opensuse—
74 CVE6 critCVSS 7.0
Nuclei 1PoC 18
leap (64) · backports sle (18) · opensuse (7)
11red hat inc.—
74 CVE3 critCVSS 7.1
KEV 2Nuclei 1PoC 6
red hat enterprise linux (70) · jboss web server (2) · keycloak (2)
12ао «ивк»—
65 CVE1 critCVSS 6.7
PoC 5
альт 8 сп (65)
13fedora project—
61 CVE2 critCVSS 6.9
KEV 1Nuclei 1PoC 4
fedora (61)
14apple inc.—
59 CVECVSS 8.4
NEWKEV 4
ios (56) · tvos (56) · itunes (55)
15google—
58 CVECVSS 6.8
PoC 2
chrome (41) · android (16) · tensorflow (1)
16qualcomm—
48 CVE12 critCVSS 8.3
qcs605 firmware (42) · sdm660 firmware (41) · sm8150 firmware (40)
17qualcomm, inc.—
48 CVE12 critCVSS 8.0
snapdragon auto, snapdragon compute, snapdragon consumer iot, snapdragon industrial iot, snapdragon iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables (8) · snapdragon auto, snapdragon consumer electronics connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon voice & music (4) · snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer electronics connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables, snapdragon wired infrastructure and networking (3)
18maven—
47 CVE4 critCVSS 7.1
KEV 1Nuclei 2PoC 4
org.jenkins-ci.plugins:teamconcert (3) · org.jenkins-ci.plugins:websphere-deployer (3) · com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (3)
19canonical—
46 CVE6 critCVSS 6.7
Nuclei 2PoC 13
ubuntu linux (45) · ubuntu cobbler (1)
20canonical ltd.—
44 CVE2 critCVSS 6.7
KEV 1Nuclei 2PoC 7
ubuntu (44)
21linux—
41 CVECVSS 5.9
PoC 16
linux kernel (41)
22intel—
40 CVE2 critCVSS 6.1
converged security management engine firmware (12) · trusted execution engine firmware (11) · active management technology firmware (8)
23google inc—
39 CVE1 critCVSS 6.8
Nuclei 1PoC 1
google chrome (37) · android (1) · android studio (1)
24intel corp.—
37 CVE2 critCVSS 6.9
intel converged security and manageability engine (13) · active management technology (8) · intel trusted execution engine firmware (6)
25ibm—
34 CVE4 critCVSS 6.3
KEV 1Nuclei 1PoC 1
cloud pak system (8) · financial transaction manager (4) · cognos analytics (4)
26microsoft—
30 CVECVSS 6.6
KEV 1PoC 3
windows (19) · windows server (17) · windows server 2016 (15)
27microsoft corp—
30 CVECVSS 6.5
KEV 1PoC 3
windows server 2019 (server core installation) (14) · windows server 2019 (14) · windows 10 1903 (13)
28oracle—
30 CVE3 critCVSS 7.8
KEV 1Nuclei 2PoC 6
mysql workbench (10) · communications cloud native core network function cloud native environment (3) · sd-wan edge (3)
29huawei—
28 CVE1 critCVSS 5.9
s5700 firmware (7) · svn5800-c firmware (5) · svn5600 firmware (5)
30jenkins—
28 CVECVSS 6.7
team concert (3) · websphere deployer (3) · build failure analyzer (3)
31jenkins project—
28 CVECVSS 6.7
NEW
jenkins team concert plugin (3) · jenkins websphere deployer plugin (3) · jenkins build failure analyzer plugin (3)
32adobe—
27 CVE19 critCVSS 9.1
PoC 1
acrobat dc (21) · acrobat reader dc (21) · adobe acrobat and reader (21)
33ао "нппкт"—
27 CVE2 critCVSS 7.1
PoC 4
осон основа оnyx (27)
34netapp—
25 CVE3 critCVSS 6.2
Nuclei 1PoC 6
cloud backup (18) · steelstore cloud integrated storage (12) · active iq unified manager (12)
35gitlab—
24 CVECVSS 6.0
NEWNuclei 4PoC 7
gitlab (24)
36npm—
24 CVE6 critCVSS 7.5
KEV 1Nuclei 2PoC 6
cli (4) · npm (3) · connect (2)
37adobe systems inc.—
20 CVE12 critCVSS 9.0
adobe acrobat 2017 (16) · adobe acrobat document cloud (16) · adobe acrobat reader 2017 (16)
38apache—
19 CVE2 critCVSS 7.4
KEV 1Nuclei 2PoC 4
olingo (3) · bookkeeper (3) · tomcat (2)
39pypi—
19 CVE4 critCVSS 6.7
Nuclei 1PoC 3
waitress (4) · apache-superset (2) · django (2)
40f5—
16 CVECVSS 5.9
big-ip application security manager (13) · big-ip local traffic manager (13) · big-ip access policy manager (12)
41packagist—
16 CVE4 critCVSS 6.9
PoC 12
typo3/cms-core (3) · contao/contao (3) · contao/core-bundle (3)
42siemens ag—
14 CVE3 critCVSS 6.4
PoC 6
en100 ethernet module profinet io variant (3) · en100 ethernet module dnp3 variant (3) · en100 ethernet module iec104 variant (3)
43gpac—
13 CVECVSS 5.5
NEWPoC 11
gpac (13)
44qnap—
12 CVE7 critCVSS 8.2
KEV 4Nuclei 3PoC 4
qts (4) · photo station (3) · music station (2)
45dlink—
11 CVE2 critCVSS 8.3
KEV 1Nuclei 1PoC 6
dba-1510p firmware (2) · dap-1860 firmware (2) · dir-601 firmware (2)
46oracle corp.—
11 CVE2 critCVSS 7.4
KEV 1Nuclei 2PoC 3
graalvm enterprise edition (3) · peoplesoft enterprise peopletools (2) · mysql enterprise monitor (2)
47saitoha—
11 CVE4 critCVSS 8.5
PoC 3
libsixel (11)
48sonicwall—
11 CVE4 critCVSS 8.3
NEWKEV 2Nuclei 2
sma100 (6) · sma 100 firmware (6) · email security appliance (2)
49tenable—
11 CVE2 critCVSS 5.7
PoC 3
securitycenter (5) · tenable.sc (3) · nessus (2)
50barco—
10 CVE2 critCVSS 7.4
NEWPoC 1
clickshare cse-200 firmware (6) · clickshare cse-800 firmware (5) · clickshare cs-100 firmware (5)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	apple	248	16	5	·	KEV 5	iphone os (165) · ios (162) · mac os x (144)	—
2	сообщество свободного программного обеспечения	214	13	2	8	KEV 2Nuclei 8PoC 44	debian gnu/linux (175) · linux (40) · webkitgtk (32)	—
3	novell inc.	165	5	1	1	KEV 1Nuclei 1PoC 17	opensuse leap (149) · suse linux enterprise desktop (58) · suse linux enterprise server (56)	—
4	debian	159	18	·	6	Nuclei 6PoC 28	debian linux (159) · debian-lan-config (1) · debian edu (1)	—
5	ооо «русбитех-астра»	116	8	·	1	Nuclei 1PoC 25	astra linux special edition (109) · astra linux special edition для «эльбрус» (38) · astra linux common edition (12)	—
6	fedoraproject	111	4	1	2	KEV 1Nuclei 2PoC 15	fedora (110) · sectool (1) · sssd (1)	—
7	redhat	106	9	2	1	KEV 2Nuclei 1PoC 5	enterprise linux desktop (56) · enterprise linux server (56) · enterprise linux workstation (56)	—
8	ао «концерн вниинс»	96	4	1	1	KEV 1Nuclei 1PoC 9	ос он «стрелец» (96)	—
9	siemens	78	26	·	·	PoC 25	sppa-t3000 ms3000 migration server (35) · sppa-t3000 application server (18) · sinec infrastructure network services (9)	—
10	opensuse	74	6	·	1	Nuclei 1PoC 18	leap (64) · backports sle (18) · opensuse (7)	—
11	red hat inc.	74	3	2	1	KEV 2Nuclei 1PoC 6	red hat enterprise linux (70) · jboss web server (2) · keycloak (2)	—
12	ао «ивк»	65	1	·	·	PoC 5	альт 8 сп (65)	—
13	fedora project	61	2	1	1	KEV 1Nuclei 1PoC 4	fedora (61)	—
14	apple inc.	59	·	4	·	NEWKEV 4	ios (56) · tvos (56) · itunes (55)	—
15	google	58	·	·	·	PoC 2	chrome (41) · android (16) · tensorflow (1)	—
16	qualcomm	48	12	·	·		qcs605 firmware (42) · sdm660 firmware (41) · sm8150 firmware (40)	—
17	qualcomm, inc.	48	12	·	·		snapdragon auto, snapdragon compute, snapdragon consumer iot, snapdragon industrial iot, snapdragon iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables (8) · snapdragon auto, snapdragon consumer electronics connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon voice & music (4) · snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer electronics connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables, snapdragon wired infrastructure and networking (3)	—
18	maven	47	4	1	2	KEV 1Nuclei 2PoC 4	org.jenkins-ci.plugins:teamconcert (3) · org.jenkins-ci.plugins:websphere-deployer (3) · com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (3)	—
19	canonical	46	6	·	2	Nuclei 2PoC 13	ubuntu linux (45) · ubuntu cobbler (1)	—
20	canonical ltd.	44	2	1	2	KEV 1Nuclei 2PoC 7	ubuntu (44)	—
21	linux	41	·	·	·	PoC 16	linux kernel (41)	—
22	intel	40	2	·	·		converged security management engine firmware (12) · trusted execution engine firmware (11) · active management technology firmware (8)	—
23	google inc	39	1	·	1	Nuclei 1PoC 1	google chrome (37) · android (1) · android studio (1)	—
24	intel corp.	37	2	·	·		intel converged security and manageability engine (13) · active management technology (8) · intel trusted execution engine firmware (6)	—
25	ibm	34	4	1	1	KEV 1Nuclei 1PoC 1	cloud pak system (8) · financial transaction manager (4) · cognos analytics (4)	—
26	microsoft	30	·	1	·	KEV 1PoC 3	windows (19) · windows server (17) · windows server 2016 (15)	—
27	microsoft corp	30	·	1	·	KEV 1PoC 3	windows server 2019 (server core installation) (14) · windows server 2019 (14) · windows 10 1903 (13)	—
28	oracle	30	3	1	2	KEV 1Nuclei 2PoC 6	mysql workbench (10) · communications cloud native core network function cloud native environment (3) · sd-wan edge (3)	—
29	huawei	28	1	·	·		s5700 firmware (7) · svn5800-c firmware (5) · svn5600 firmware (5)	—
30	jenkins	28	·	·	·		team concert (3) · websphere deployer (3) · build failure analyzer (3)	—
31	jenkins project	28	·	·	·	NEW	jenkins team concert plugin (3) · jenkins websphere deployer plugin (3) · jenkins build failure analyzer plugin (3)	—
32	adobe	27	19	·	·	PoC 1	acrobat dc (21) · acrobat reader dc (21) · adobe acrobat and reader (21)	—
33	ао "нппкт"	27	2	·	·	PoC 4	осон основа оnyx (27)	—
34	netapp	25	3	·	1	Nuclei 1PoC 6	cloud backup (18) · steelstore cloud integrated storage (12) · active iq unified manager (12)	—
35	gitlab	24	·	·	4	NEWNuclei 4PoC 7	gitlab (24)	—
36	npm	24	6	1	2	KEV 1Nuclei 2PoC 6	cli (4) · npm (3) · connect (2)	—
37	adobe systems inc.	20	12	·	·		adobe acrobat 2017 (16) · adobe acrobat document cloud (16) · adobe acrobat reader 2017 (16)	—
38	apache	19	2	1	2	KEV 1Nuclei 2PoC 4	olingo (3) · bookkeeper (3) · tomcat (2)	—
39	pypi	19	4	·	1	Nuclei 1PoC 3	waitress (4) · apache-superset (2) · django (2)	—
40	f5	16	·	·	·		big-ip application security manager (13) · big-ip local traffic manager (13) · big-ip access policy manager (12)	—
41	packagist	16	4	·	·	PoC 12	typo3/cms-core (3) · contao/contao (3) · contao/core-bundle (3)	—
42	siemens ag	14	3	·	·	PoC 6	en100 ethernet module profinet io variant (3) · en100 ethernet module dnp3 variant (3) · en100 ethernet module iec104 variant (3)	—
43	gpac	13	·	·	·	NEWPoC 11	gpac (13)	—
44	qnap	12	7	4	3	KEV 4Nuclei 3PoC 4	qts (4) · photo station (3) · music station (2)	—
45	dlink	11	2	1	1	KEV 1Nuclei 1PoC 6	dba-1510p firmware (2) · dap-1860 firmware (2) · dir-601 firmware (2)	—
46	oracle corp.	11	2	1	2	KEV 1Nuclei 2PoC 3	graalvm enterprise edition (3) · peoplesoft enterprise peopletools (2) · mysql enterprise monitor (2)	—
47	saitoha	11	4	·	·	PoC 3	libsixel (11)	—
48	sonicwall	11	4	2	2	NEWKEV 2Nuclei 2	sma100 (6) · sma 100 firmware (6) · email security appliance (2)	—
49	tenable	11	2	·	·	PoC 3	securitycenter (5) · tenable.sc (3) · nessus (2)	—
50	barco	10	2	·	·	NEWPoC 1	clickshare cse-200 firmware (6) · clickshare cse-800 firmware (5) · clickshare cs-100 firmware (5)	—