CVE Tools
Sign in
month report

December 2020

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

December 2020 closed with 1,618 published CVEs. 292 criticals, сообщество свободного программного обеспечения led volume, mostly via debian gnu/linux. Top weakness class — CWE-79 (198 CVE). 10 vendors cracked the top-100 for the first time.

Print view
Total CVEs
1,618
— MoM— YoY
Severity mix
292 / 573
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
4.4%
71 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)
1904.1
n=71
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
330
n=9
Detection gap

KEV pressure, no Nuclei coverage

December 2020 · vendors with active exploitation listed by CISA but no public detection template.

Weakness × Vendor

What's spreading where in December 2020

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

79XSS787Out-of-bounds Write125Out-of-bounds Read89SQL Injection416Use After Free20Improper Input Validation78OS Command Injection862Missing Authorization190Integer Overflow306Missing Auth for Critical Func…сообщество свободного программного обеспечения61281163324google223194143debian464181222crates.io64141ооо «русбитех-астра»17714124apple11288121netgear38111ао "нппкт"58419124ао «концерн вниинс»35312121microsoft21fedoraproject84361122microsoft corp11

First time in top-100

Vendors never in top-100 in the prior 24 periods.

Top vendors

Ranked by distinct CVE count this period.

  • 1сообщество свободного программного обеспечения
    130 CVE4 critCVSS 6.2
    KEV 1Nuclei 2PoC 25
    debian gnu/linux (110) · linux (13) · mediawiki (5)
  • 2google
    117 CVE7 critCVSS 6.2
    PoC 1
    android (96) · asylo (10) · tensorflow (6)
  • 3debian
    96 CVE3 critCVSS 5.7
    KEV 1Nuclei 3PoC 22
    debian linux (94) · advanced package tool (2)
  • 4crates.io
    85 CVE31 critCVSS 7.6
    NEWPoC 15
    rusqlite (8) · lock_api (5) · arr (3)
  • 5ооо «русбитех-астра»
    80 CVECVSS 5.0
    PoC 17
    astra linux special edition (73) · astra linux special edition для «эльбрус» (48) · astra linux common edition (36)
  • 6apple
    68 CVECVSS 7.0
    KEV 3PoC 6
    macos (57) · iphone os (44) · ipados (43)
  • 7netgear
    66 CVE4 critCVSS 7.4
    NEWNuclei 1PoC 1
    r7800 firmware (46) · r9000 firmware (42) · r8900 firmware (42)
  • 8ао "нппкт"
    66 CVECVSS 6.3
    Nuclei 1PoC 10
    осон основа оnyx (66)
  • 9ао «концерн вниинс»
    62 CVECVSS 5.4
    Nuclei 1PoC 16
    ос он «стрелец» (62)
  • 10microsoft
    61 CVE2 critCVSS 7.2
    KEV 1PoC 2
    windows server 2016 (22) · windows 10 (21) · windows server version 20h2 (20)
  • 11fedoraproject
    58 CVE2 critCVSS 6.1
    KEV 1Nuclei 5PoC 8
    fedora (58) · extra packages for enterprise linux (1)
  • 12microsoft corp
    57 CVE2 critCVSS 7.2
    KEV 1
    windows server 2004 (server core installation) (20) · windows server 2019 (20) · windows server 20h2 (server core installation) (20)
  • 13maven
    35 CVE7 critCVSS 7.2
    KEV 1Nuclei 7PoC 5
    com.fasterxml.jackson.core:jackson-databind (4) · com.thoughtworks.xstream:xstream (2) · io.jenkins.plugins:chaos-monkey (2)
  • 14imagemagick
    34 CVECVSS 4.5
    PoC 14
    imagemagick (34)
  • 15netapp
    34 CVE4 critCVSS 6.5
    Nuclei 1PoC 4
    cloud backup (8) · ontap select deploy administration utility (6) · solidfire baseboard management controller firmware (6)
  • 16npm
    33 CVE14 critCVSS 8.1
    PoC 10
    multi-ini (2) · corenlp-js-interface (1) · corenlp-js-prefab (1)
  • 17redhat
    32 CVE1 critCVSS 6.2
    Nuclei 2PoC 6
    enterprise linux (22) · openshift container platform (5) · keycloak (2)
  • 18imagemagick studio llc
    31 CVECVSS 4.4
    PoC 13
    imagemagick (31)
  • 19pypi
    30 CVE1 critCVSS 6.7
    Nuclei 1PoC 5
    tensorflow-cpu (6) · tensorflow (6) · tensorflow-gpu (6)
  • 20red hat inc.
    30 CVECVSS 6.1
    PoC 8
    red hat enterprise linux (20) · openshift container platform (3) · red hat openshift container platform (3)
  • 21oracle
    29 CVE1 critCVSS 7.0
    KEV 1Nuclei 2PoC 5
    communications cloud native core policy (9) · peoplesoft enterprise peopletools (7) · zfs storage appliance kit (7)
  • 22fedora project
    27 CVECVSS 6.2
    KEV 1PoC 5
    fedora (27)
  • 23packagist
    27 CVE2 critCVSS 6.6
    Nuclei 4PoC 9
    moodle/moodle (5) · shopware/platform (3) · shopware/core (3)
  • 24siemens
    27 CVE1 critCVSS 7.2
    PoC 2
    logo\! 8 bm firmware (8) · logo! 8 bm (incl. siplus variants) (8) · xhq (7)
  • 25ibm
    25 CVE2 critCVSS 6.1
    financial transaction manager (6) · financial transaction manager for multiplatform (5) · security secret server (4)
  • 26go
    24 CVE4 critCVSS 6.7
    Nuclei 1PoC 3
    github.com/dhowden/tag (4) · github.com/kubernetes/kubernetes (3) · k8s.io/kubernetes (2)
  • 27novell inc.
    24 CVE1 critCVSS 6.8
    Nuclei 1PoC 9
    opensuse leap (19) · suse linux enterprise server (16) · suse linux enterprise server for sap applications (10)
  • 28schneider-electric
    22 CVE4 critCVSS 7.6
    modicon m340 bmxp342000 firmware (10) · modicon m340 bmxp3420302 firmware (10) · modicon m340 bmxp3420102 firmware (10)
  • 29apache
    21 CVE6 critCVSS 7.3
    KEV 1Nuclei 6PoC 3
    airflow (4) · struts (3) · nuttx (2)
  • 30f5
    21 CVE2 critCVSS 7.0
    big-ip access policy manager (11) · big-ip advanced firewall manager (8) · big-ip domain name system (8)
  • 31mozilla
    21 CVECVSS 7.0
    PoC 1
    firefox (20) · thunderbird (12) · firefox esr (11)
  • 32huawei
    17 CVECVSS 7.3
    NEW
    cloudengine 5800 firmware (4) · cloudengine 6800 firmware (4) · cloudengine 12800 firmware (4)
  • 33ао «ивк»
    17 CVECVSS 6.3
    PoC 3
    альт 8 сп (17)
  • 34apache software foundation
    16 CVE4 critCVSS 7.0
    KEV 1Nuclei 5PoC 2
    apache airflow (4) · apache nuttx (incubating) (2) · apache apisix (1)
  • 35qnap
    16 CVE3 critCVSS 7.0
    NEW
    qts (9) · quts hero (7) · qes (4)
  • 36qnap systems inc.
    16 CVE3 critCVSS 7.0
    NEW
    qts (9) · quts hero (7) · qes (4)
  • 37xen
    15 CVECVSS 6.5
    xen (14) · xapi (1)
  • 38docker
    14 CVE13 critCVSS 9.5
    NEWPoC 13
    adminer (1) · composer docker image (1) · crux linux docker image (1)
  • 39hcltech
    14 CVE4 critCVSS 7.5
    NEW
    domino (6) · notes (4) · hcl inotes (2)
  • 40schneider electric
    14 CVE4 critCVSS 8.4
    modicon quantum (5) · modicon premium (5) · modicon quantum with integrated ethernet copro (5)
  • 41apple inc.
    13 CVECVSS 7.4
    KEV 3PoC 3
    watchos (12) · ipados (12) · macos (12)
  • 42odoo
    13 CVE1 critCVSS 6.5
    odoo (13) · odoo community (13) · odoo enterprise (13)
  • 43trend micro
    13 CVE2 critCVSS 6.1
    NEWPoC 2
    trend micro interscan web security virtual appliance (7) · trend micro officescan (5) · apex one (5)
  • 44trendmicro
    13 CVE2 critCVSS 6.3
    NEWPoC 2
    interscan web security virtual appliance (7) · apex one (5) · officescan (5)
  • 45linux
    12 CVECVSS 6.9
    PoC 3
    linux kernel (12)
  • 46sap
    12 CVE4 critCVSS 7.5
    Nuclei 2PoC 5
    solution manager (3) · netweaver application server java (3) · netweaver application server abap (2)
  • 47sap se
    12 CVE4 critCVSS 7.5
    Nuclei 2PoC 5
    sap solution manager (user experience monitoring) (2) · sap business warehouse (1) · sap bw4hana (1)
  • 48solarwinds
    12 CVE1 critCVSS 7.3
    NEWKEV 1Nuclei 1PoC 1
    n-central (6) · webhelpdesk (3) · help desk (1)
  • 49the linux foundation
    12 CVECVSS 6.4
    xen (12)
  • 50canonical ltd.
    11 CVECVSS 7.1
    PoC 1
    ubuntu (11)

Top weaknesses

CWE classes by distinct CVE count.

1CWE-79198
2CWE-78799
3CWE-12578
4CWE-8961
5CWE-41654
6CWE-2051
7CWE-7844
8CWE-86244
9CWE-19036
10CWE-30636
11CWE-35232
12CWE-2231
13CWE-12027
14CWE-26927
15CWE-28727
16CWE-40021
17CWE-20019
18CWE-43419
19CWE-40117
20CWE-36216