CVE Tools
Sign in
month report

January 2020

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

January 2020 closed with 1,984 published CVEs. 247 criticals, oracle led volume, mostly via enterprise manager base platform. Top weakness class — CWE-79 (242 CVE). 10 vendors cracked the top-100 for the first time.

Print view
Total CVEs
1,984
— MoM— YoY
Severity mix
247 / 642
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
5.8%
116 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)
2242.2
n=116
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
786
n=7
Weakness × Vendor

What's spreading where in January 2020

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

79XSS787Out-of-bounds Write20Improper Input Validation78OS Command Injection200Information Exposure269Improper Privilege Mgmt22Path Traversal352CSRF89SQL Injection125Out-of-bounds Readoracle3411oracle corp.341oracle corporation1сообщество свободного программного обеспечения5216412117ооо «русбитех-астра»518316debian410211124opensuse214219ао «концерн вниинс»517513canonical39113novell inc.314321113redhat693121122red hat inc.513421

First time in top-100

Vendors never in top-100 in the prior 24 periods.

Top vendors

Ranked by distinct CVE count this period.

  • 1oracle
    220 CVE7 critCVSS 6.6
    KEV 2Nuclei 13PoC 7
    enterprise manager base platform (40) · vm virtualbox (18) · mysql (16)
  • 2oracle corp.
    214 CVE7 critCVSS 6.3
    KEV 2Nuclei 13PoC 7
    enterprise manager base platform (28) · vm virtualbox (18) · database server (12)
  • 3oracle corporation
    203 CVE5 critCVSS 6.0
    NEWKEV 2Nuclei 11PoC 4
    enterprise manager base platform (36) · vm virtualbox (18) · mysql server (15)
  • 4сообщество свободного программного обеспечения
    125 CVE18 critCVSS 7.4
    KEV 1Nuclei 3PoC 33
    debian gnu/linux (112) · linux (9) · rconfig (2)
  • 5ооо «русбитех-астра»
    81 CVE10 critCVSS 7.3
    PoC 22
    astra linux special edition (75) · astra linux special edition для «эльбрус» (23) · astra linux common edition (21)
  • 6debian
    80 CVE14 critCVSS 7.1
    KEV 1Nuclei 3PoC 15
    debian linux (80)
  • 7opensuse
    76 CVE5 critCVSS 6.8
    Nuclei 2PoC 20
    leap (59) · backports sle (19) · factory (7)
  • 8ао «концерн вниинс»
    75 CVE8 critCVSS 7.3
    PoC 22
    ос он «стрелец» (75)
  • 9canonical
    73 CVE8 critCVSS 6.8
    KEV 1Nuclei 2PoC 16
    ubuntu linux (73)
  • 10novell inc.
    64 CVE6 critCVSS 6.7
    Nuclei 1PoC 18
    opensuse leap (56) · suse linux enterprise server for sap applications (11) · suse linux enterprise server (11)
  • 11redhat
    64 CVE8 critCVSS 6.7
    Nuclei 1PoC 8
    enterprise linux (23) · enterprise linux workstation (20) · enterprise linux desktop (20)
  • 12red hat inc.
    63 CVE7 critCVSS 7.5
    Nuclei 2PoC 14
    red hat enterprise linux (53) · red hat software collections (4) · openshift container platform (3)
  • 13canonical ltd.
    60 CVE2 critCVSS 6.8
    PoC 16
    ubuntu (60)
  • 14microsoft
    59 CVE4 critCVSS 7.7
    KEV 3Nuclei 1PoC 3
    windows server (36) · windows server 2016 (36) · windows server 2019 (35)
  • 15ао «ивк»
    59 CVE2 critCVSS 7.4
    PoC 18
    альт 8 сп (59) · альт сп 10 (1)
  • 16microsoft corp
    58 CVE4 critCVSS 7.3
    KEV 3Nuclei 1PoC 3
    windows server 2019 (34) · windows server 2016 (31) · windows 10 1803 (31)
  • 17maven
    56 CVE8 critCVSS 7.1
    Nuclei 7PoC 7
    org.jenkins-ci.main:jenkins-core (9) · org.opencastproject:opencast-kernel (3) · org.apache.cxf:cxf (2)
  • 18gitlab
    48 CVE4 critCVSS 6.5
    NEWNuclei 2PoC 2
    gitlab (48) · gitlab ce/ee (7) · gitlab ee (4)
  • 19fedoraproject
    45 CVE9 critCVSS 7.2
    KEV 1Nuclei 2PoC 11
    fedora (44) · extra packages for enterprise linux (1) · 389 directory server (1)
  • 20cisco
    43 CVE4 critCVSS 6.8
    PoC 33
    cisco data center network manager (12) · data center network manager (12) · ios xr (5)
  • 21cisco systems inc.
    42 CVE5 critCVSS 7.2
    PoC 33
    cisco data center network manager (12) · cisco ios xr (5) · cisco sd-wan (3)
  • 22mozilla
    37 CVE1 critCVSS 7.7
    NEWPoC 11
    firefox (37) · firefox esr (22) · thunderbird (15)
  • 23pypi
    37 CVE5 critCVSS 7.4
    Nuclei 1PoC 1
    plone (7) · pillow (5) · ansible (2)
  • 24netapp
    35 CVE1 critCVSS 5.6
    Nuclei 1PoC 3
    active iq unified manager (26) · oncommand insight (22) · oncommand workflow automation (22)
  • 25mozilla corp.
    34 CVE1 critCVSS 7.7
    NEWPoC 11
    firefox (34) · firefox esr (22) · thunderbird (18)
  • 26packagist
    34 CVE6 critCVSS 6.9
    Nuclei 1PoC 12
    magento/community-edition (6) · magento/core (3) · dolibarr/dolibarr (3)
  • 27google
    28 CVE1 critCVSS 6.8
    PoC 3
    android (19) · chrome (8) · tensorflow (1)
  • 28qualcomm
    28 CVE11 critCVSS 8.7
    sm8150 firmware (25) · sxr2130 firmware (23) · sdm845 firmware (23)
  • 29qualcomm, inc.
    28 CVE11 critCVSS 8.4
    snapdragon auto, snapdragon compute, snapdragon connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables (10) · snapdragon auto, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon voice & music (2) · snapdragon auto, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables (2)
  • 30ао "нппкт"
    25 CVE5 critCVSS 7.2
    Nuclei 1PoC 6
    осон основа оnyx (25)
  • 31red hat
    23 CVE5 critCVSS 7.2
    Nuclei 1PoC 1
    jboss portal (2) · quay (2) · jboss eap (2)
  • 32ibm
    21 CVE2 critCVSS 6.3
    Nuclei 1
    security secret server (8) · mq appliance (3) · qradar security information and event manager (2)
  • 33jenkins
    21 CVECVSS 6.6
    Nuclei 2PoC 1
    jenkins (7) · cloudbees (2) · amazon ec2 (2)
  • 34npm
    21 CVE8 critCVSS 8.1
    hashbrown-cms (2) · angular-expressions (1) · aws-lambda (1)
  • 35suse
    21 CVECVSS 6.4
    Nuclei 1PoC 5
    linux enterprise server (5) · suse linux enterprise server 15 (4) · suse linux enterprise server (3)
  • 36fedora project
    19 CVE4 critCVSS 7.8
    PoC 4
    fedora (19)
  • 37jenkins project
    19 CVECVSS 6.5
    NEWNuclei 2PoC 1
    jenkins (7) · jenkins sounds plugin (2) · jenkins amazon ec2 plugin (2)
  • 38adobe
    17 CVE4 critCVSS 7.9
    Nuclei 1
    magento (6) · illustrator cc (5) · adobe illustrator cc (5)
  • 39apache
    17 CVE5 critCVSS 7.7
    nifi (2) · cxf (2) · spamassassin (2)
  • 40apache software foundation
    16 CVE5 critCVSS 7.9
    Nuclei 1PoC 2
    netty (3) · cxf (2) · apache spamassassin (2)
  • 41hp
    16 CVE2 critCVSS 6.3
    PoC 3
    sgi tempo (3) · simplivity 380 gen10 g firmware (2) · simplivity 380 gen9 firmware (2)
  • 42huawei
    15 CVE1 critCVSS 6.9
    Nuclei 1
    dp300 firmware (2) · mate 20 firmware (2) · rp200 firmware (2)
  • 43linux
    15 CVECVSS 6.8
    PoC 4
    linux kernel (8) · tizen (7) · kernel (1)
  • 44gnu
    13 CVE2 critCVSS 7.8
    PoC 5
    libredwg (7) · coreutils (2) · cpio (1)
  • 45jetbrains
    12 CVECVSS 6.5
    NEW
    teamcity (4) · intellij idea (3) · youtrack (2)
  • 46juniper
    12 CVECVSS 7.2
    NEWPoC 9
    junos (11) · junos space (1)
  • 47symantec
    12 CVECVSS 7.0
    NEWPoC 1
    norton mobile security for android (3) · it management suite (3) · norton mobile security (3)
  • 48dlink
    11 CVE5 critCVSS 7.2
    PoC 7
    dcs-2102 firmware (5) · dcs-2121 firmware (5) · dir-859 firmware (4)
  • 49juniper networks
    11 CVECVSS 7.4
    NEWPoC 9
    junos os (10) · junos os evolved (3) · junos space (1)
  • 50juniper networks inc.
    11 CVECVSS 7.3
    NEWPoC 9
    junos (10) · junos os evolved (1) · junos space (1)

Top weaknesses

CWE classes by distinct CVE count.

1CWE-79242
2CWE-78786
3CWE-2065
4CWE-7863
5CWE-20046
6CWE-26944
7CWE-2243
8CWE-35240
9CWE-8940
10CWE-12535
11CWE-28735
12CWE-12034
13CWE-41634
14CWE-43426
15CWE-52225
16CWE-79823
17CWE-7421
18CWE-40020
19CWE-86320
20CWE-29518