month report

July 2020

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

July 2020 closed with 1,482 published CVEs. 224 criticals, oracle led volume, mostly via mysql. Top weakness class — CWE-79 (173 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

1,482

— MoM— YoY

Severity mix

224 / 592

critical / high

KEV added

0 ransomware-linked

Nuclei coverage

5.8%

86 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

2060.1

n=86

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

481

n=16

Weakness × Vendor

What's spreading where in July 2020

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

Top vendors

Ranked by distinct CVE count this period.

1oracle—
225 CVE12 critCVSS 6.4
KEV 1Nuclei 24PoC 4
mysql (33) · vm virtualbox (25) · weblogic server (17)
2oracle corp.—
218 CVE12 critCVSS 6.4
KEV 1Nuclei 25PoC 3
mysql server (30) · vm virtualbox (25) · weblogic server (17)
3oracle corporation—
213 CVE11 critCVSS 6.2
NEWKEV 1Nuclei 21PoC 2
mysql server (33) · vm virtualbox (25) · weblogic server (17)
4microsoft corp—
132 CVE8 critCVSS 7.5
KEV 3Nuclei 1PoC 3
windows 10 1903 (91) · windows server 2004 (server core installation) (90) · windows 10 1909 (90)
5microsoft—
128 CVE8 critCVSS 7.4
KEV 3Nuclei 1PoC 3
windows server 2016 (97) · windows 10 (91) · windows server (88)
6opensuse—
105 CVE4 critCVSS 6.8
Nuclei 3PoC 5
leap (105) · backports sle (28) · backports (1)
7сообщество свободного программного обеспечения—
93 CVE7 critCVSS 6.9
Nuclei 6PoC 15
debian gnu/linux (89) · linux (3) · avertx (1)
8debian—
85 CVE6 critCVSS 6.6
Nuclei 5PoC 14
debian linux (85)
9fedoraproject—
81 CVE5 critCVSS 6.5
Nuclei 1PoC 7
fedora (81)
10ао «концерн вниинс»—
79 CVE4 critCVSS 6.9
Nuclei 3PoC 12
ос он «стрелец» (79)
11canonical—
77 CVE3 critCVSS 6.0
Nuclei 2PoC 6
ubuntu linux (76) · snapd (2) · trust-store \(ubuntu\) (1)
12ооо «русбитех-астра»—
63 CVE3 critCVSS 7.3
Nuclei 2PoC 11
astra linux special edition (59) · astra linux common edition (37) · astra linux special edition для «эльбрус» (7)
13novell inc.—
57 CVE1 critCVSS 6.6
Nuclei 3PoC 4
opensuse leap (55) · suse linux enterprise server (12) · suse linux enterprise server for sap applications (11)
14ibm—
56 CVE2 critCVSS 6.0
Nuclei 1
verify gateway (ivg) (8) · verify gateway (8) · db2 (6)
15netapp—
56 CVE1 critCVSS 5.5
Nuclei 3PoC 1
active iq unified manager (45) · oncommand insight (40) · oncommand workflow automation (40)
16cisco—
52 CVE10 critCVSS 8.7
KEV 1Nuclei 1PoC 50
sd-wan firmware (14) · cisco sd-wan vmanage (13) · cisco data center network manager (12)
17cisco systems inc.—
52 CVE10 critCVSS 8.0
KEV 1Nuclei 3PoC 50
cisco sd-wan (16) · cisco data center network manager (12) · cisco rv215w (7)
18google—
50 CVE7 critCVSS 7.3
PoC 4
chrome (30) · android (19) · oauth client library for java (1)
19fedora project—
48 CVE3 critCVSS 6.6
Nuclei 1PoC 5
fedora (48)
20npm—
48 CVE6 critCVSS 7.2
Nuclei 3PoC 13
electron (4) · rollup-plugin-server (2) · jspdf (2)
21canonical ltd.—
46 CVE1 critCVSS 6.3
Nuclei 2PoC 3
ubuntu (46)
22maven—
44 CVE5 critCVSS 6.5
Nuclei 4PoC 1
org.jenkins-ci.main:jenkins-core (4) · org.jenkins-ci.plugins:fortify-on-demand-uploader (3) · org.apache.kylin:kylin-server-base (2)
23ао "нппкт"—
40 CVE1 critCVSS 6.9
Nuclei 1PoC 9
осон основа оnyx (40)
24centos web panel—
39 CVE27 critCVSS 9.1
NEW
centos web panel (39)
25control-webpanel—
38 CVE26 critCVSS 9.1
NEW
webpanel (38)
26packagist—
36 CVE3 critCVSS 6.9
Nuclei 2PoC 8
magento/community-edition (4) · silverstripe/framework (3) · silverstripe/cms (3)
27adobe—
34 CVE6 critCVSS 7.8
magento (6) · adobe photoshop (5) · acrobat dc (5)
28google inc—
31 CVE3 critCVSS 7.4
PoC 4
google chrome (30) · android (1)
29red hat inc.—
30 CVE1 critCVSS 6.5
Nuclei 4PoC 3
red hat enterprise linux (24) · red hat software collections (5) · red hat satellite (3)
30adobe systems inc.—
29 CVE6 critCVSS 7.9
NEW
magento open source (6) · photoshop cc 2019 (5) · photoshop cc (5)
31jenkins project—
28 CVECVSS 5.3
PoC 1
jenkins (4) · jenkins fortify on demand plugin (3) · jenkins zephyr for jira test management plugin (2)
32huawei—
26 CVECVSS 7.2
p30 firmware (7) · ips module (4) · usg9500 firmware (4)
33jenkins—
26 CVECVSS 5.3
PoC 1
jenkins (4) · fortify on demand (3) · vncrecorder (2)
34mozilla—
26 CVECVSS 7.3
NEWPoC 1
firefox (25) · thunderbird (11) · firefox esr (10)
35atlassian—
25 CVE1 critCVSS 5.8
PoC 1
jira (18) · jira server (17) · jira software data center (16)
36ао «ивк»—
25 CVECVSS 7.2
KEV 1Nuclei 1PoC 4
альт 8 сп (24) · альт 8 сп рабочая станция (1) · альт 8 сп сервер (1)
37mozilla corp.—
20 CVECVSS 7.4
NEWPoC 2
firefox (20) · thunderbird (15) · firefox esr (11)
38redhat—
18 CVE2 critCVSS 6.6
enterprise linux (8) · openshift container platform (4) · single sign-on (3)
39siemens—
18 CVE3 critCVSS 7.0
PoC 1
sicam sgu firmware (9) · sicam mmu firmware (9) · sicam t firmware (9)
40apache—
16 CVE5 critCVSS 7.5
KEV 1Nuclei 6PoC 2
airflow (5) · guacamole (2) · kylin (2)
41gnu—
16 CVE1 critCVSS 7.2
PoC 4
libredwg (8) · grub2 (8)
42qualcomm—
16 CVE5 critCVSS 8.5
sm8250 firmware (11) · sdx55 firmware (11) · sxr2130 firmware (11)
43qualcomm, inc.—
16 CVE5 critCVSS 8.4
snapdragon auto, snapdragon compute, snapdragon mobile, snapdragon wired infrastructure and networking (3) · snapdragon auto, snapdragon compute, snapdragon consumer electronics connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables (2) · snapdragon auto, snapdragon compute, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables (2)
44juniper networks—
15 CVE2 critCVSS 7.3
NEWPoC 15
junos os (14) · junos os evolved (3) · junos space (1)
45pypi—
15 CVE2 critCVSS 6.3
KEV 1Nuclei 2PoC 2
apache-airflow (5) · uvicorn (2) · freewvs (2)
46siemens ag—
15 CVE3 critCVSS 7.1
PoC 1
sicam mmu (9) · sicam sgu (9) · sicam t (9)
47ооо «ред софт»—
15 CVE1 critCVSS 6.6
NEWNuclei 2PoC 5
ред ос (15)
48go—
14 CVE2 critCVSS 6.4
Nuclei 3PoC 4
k8s.io/kubernetes (2) · github.com/traefik/traefik/v2 (2) · github.com/sylabs/singularity (2)
49juniper—
14 CVE2 critCVSS 7.5
NEWPoC 14
junos (14) · junos os evolved (3)
50juniper networks inc.—
14 CVE2 critCVSS 7.3
NEWPoC 14
junos (13) · junos os evolved (3) · junos space (1)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	oracle	225	12	1	24	KEV 1Nuclei 24PoC 4	mysql (33) · vm virtualbox (25) · weblogic server (17)	—
2	oracle corp.	218	12	1	25	KEV 1Nuclei 25PoC 3	mysql server (30) · vm virtualbox (25) · weblogic server (17)	—
3	oracle corporation	213	11	1	21	NEWKEV 1Nuclei 21PoC 2	mysql server (33) · vm virtualbox (25) · weblogic server (17)	—
4	microsoft corp	132	8	3	1	KEV 3Nuclei 1PoC 3	windows 10 1903 (91) · windows server 2004 (server core installation) (90) · windows 10 1909 (90)	—
5	microsoft	128	8	3	1	KEV 3Nuclei 1PoC 3	windows server 2016 (97) · windows 10 (91) · windows server (88)	—
6	opensuse	105	4	·	3	Nuclei 3PoC 5	leap (105) · backports sle (28) · backports (1)	—
7	сообщество свободного программного обеспечения	93	7	·	6	Nuclei 6PoC 15	debian gnu/linux (89) · linux (3) · avertx (1)	—
8	debian	85	6	·	5	Nuclei 5PoC 14	debian linux (85)	—
9	fedoraproject	81	5	·	1	Nuclei 1PoC 7	fedora (81)	—
10	ао «концерн вниинс»	79	4	·	3	Nuclei 3PoC 12	ос он «стрелец» (79)	—
11	canonical	77	3	·	2	Nuclei 2PoC 6	ubuntu linux (76) · snapd (2) · trust-store \(ubuntu\) (1)	—
12	ооо «русбитех-астра»	63	3	·	2	Nuclei 2PoC 11	astra linux special edition (59) · astra linux common edition (37) · astra linux special edition для «эльбрус» (7)	—
13	novell inc.	57	1	·	3	Nuclei 3PoC 4	opensuse leap (55) · suse linux enterprise server (12) · suse linux enterprise server for sap applications (11)	—
14	ibm	56	2	·	1	Nuclei 1	verify gateway (ivg) (8) · verify gateway (8) · db2 (6)	—
15	netapp	56	1	·	3	Nuclei 3PoC 1	active iq unified manager (45) · oncommand insight (40) · oncommand workflow automation (40)	—
16	cisco	52	10	1	1	KEV 1Nuclei 1PoC 50	sd-wan firmware (14) · cisco sd-wan vmanage (13) · cisco data center network manager (12)	—
17	cisco systems inc.	52	10	1	3	KEV 1Nuclei 3PoC 50	cisco sd-wan (16) · cisco data center network manager (12) · cisco rv215w (7)	—
18	google	50	7	·	·	PoC 4	chrome (30) · android (19) · oauth client library for java (1)	—
19	fedora project	48	3	·	1	Nuclei 1PoC 5	fedora (48)	—
20	npm	48	6	·	3	Nuclei 3PoC 13	electron (4) · rollup-plugin-server (2) · jspdf (2)	—
21	canonical ltd.	46	1	·	2	Nuclei 2PoC 3	ubuntu (46)	—
22	maven	44	5	·	4	Nuclei 4PoC 1	org.jenkins-ci.main:jenkins-core (4) · org.jenkins-ci.plugins:fortify-on-demand-uploader (3) · org.apache.kylin:kylin-server-base (2)	—
23	ао "нппкт"	40	1	·	1	Nuclei 1PoC 9	осон основа оnyx (40)	—
24	centos web panel	39	27	·	·	NEW	centos web panel (39)	—
25	control-webpanel	38	26	·	·	NEW	webpanel (38)	—
26	packagist	36	3	·	2	Nuclei 2PoC 8	magento/community-edition (4) · silverstripe/framework (3) · silverstripe/cms (3)	—
27	adobe	34	6	·	·		magento (6) · adobe photoshop (5) · acrobat dc (5)	—
28	google inc	31	3	·	·	PoC 4	google chrome (30) · android (1)	—
29	red hat inc.	30	1	·	4	Nuclei 4PoC 3	red hat enterprise linux (24) · red hat software collections (5) · red hat satellite (3)	—
30	adobe systems inc.	29	6	·	·	NEW	magento open source (6) · photoshop cc 2019 (5) · photoshop cc (5)	—
31	jenkins project	28	·	·	·	PoC 1	jenkins (4) · jenkins fortify on demand plugin (3) · jenkins zephyr for jira test management plugin (2)	—
32	huawei	26	·	·	·		p30 firmware (7) · ips module (4) · usg9500 firmware (4)	—
33	jenkins	26	·	·	·	PoC 1	jenkins (4) · fortify on demand (3) · vncrecorder (2)	—
34	mozilla	26	·	·	·	NEWPoC 1	firefox (25) · thunderbird (11) · firefox esr (10)	—
35	atlassian	25	1	·	·	PoC 1	jira (18) · jira server (17) · jira software data center (16)	—
36	ао «ивк»	25	·	1	1	KEV 1Nuclei 1PoC 4	альт 8 сп (24) · альт 8 сп рабочая станция (1) · альт 8 сп сервер (1)	—
37	mozilla corp.	20	·	·	·	NEWPoC 2	firefox (20) · thunderbird (15) · firefox esr (11)	—
38	redhat	18	2	·	·		enterprise linux (8) · openshift container platform (4) · single sign-on (3)	—
39	siemens	18	3	·	·	PoC 1	sicam sgu firmware (9) · sicam mmu firmware (9) · sicam t firmware (9)	—
40	apache	16	5	1	6	KEV 1Nuclei 6PoC 2	airflow (5) · guacamole (2) · kylin (2)	—
41	gnu	16	1	·	·	PoC 4	libredwg (8) · grub2 (8)	—
42	qualcomm	16	5	·	·		sm8250 firmware (11) · sdx55 firmware (11) · sxr2130 firmware (11)	—
43	qualcomm, inc.	16	5	·	·		snapdragon auto, snapdragon compute, snapdragon mobile, snapdragon wired infrastructure and networking (3) · snapdragon auto, snapdragon compute, snapdragon consumer electronics connectivity, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables (2) · snapdragon auto, snapdragon compute, snapdragon consumer iot, snapdragon industrial iot, snapdragon mobile, snapdragon voice & music, snapdragon wearables (2)	—
44	juniper networks	15	2	·	·	NEWPoC 15	junos os (14) · junos os evolved (3) · junos space (1)	—
45	pypi	15	2	1	2	KEV 1Nuclei 2PoC 2	apache-airflow (5) · uvicorn (2) · freewvs (2)	—
46	siemens ag	15	3	·	·	PoC 1	sicam mmu (9) · sicam sgu (9) · sicam t (9)	—
47	ооо «ред софт»	15	1	·	2	NEWNuclei 2PoC 5	ред ос (15)	—
48	go	14	2	·	3	Nuclei 3PoC 4	k8s.io/kubernetes (2) · github.com/traefik/traefik/v2 (2) · github.com/sylabs/singularity (2)	—
49	juniper	14	2	·	·	NEWPoC 14	junos (14) · junos os evolved (3)	—
50	juniper networks inc.	14	2	·	·	NEWPoC 14	junos (13) · junos os evolved (3) · junos space (1)	—