month report

October 2022

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

October 2022 closed with 1,936 published CVEs. 307 criticals, 12 added to CISA KEV (7 ransomware-linked). сообщество свободного программного обеспечения led volume, mostly via debian gnu/linux. Top weakness class — CWE-787 (226 CVE). 10 vendors cracked the top-100 for the first time.

Print view

Total CVEs

1,936

— MoM— YoY

Severity mix

307 / 730

critical / high

KEV added

7 ransomware-linked

Nuclei coverage

7.0%

136 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)

1235.9

n=136

Within 7 days

0.0%

Within 30 days

0.0%

Days → KEV (median)

156

n=5

Weakness × Vendor

What's spreading where in October 2022

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

#8oracle corporation79 CVE
#12unknown65 CVE
#21sourcecodester40 CVE
#22abode systems, inc.38 CVE
#23goabode38 CVE
#24unisoc (shanghai) technologies co., ltd.38 CVE
#25juniper37 CVE
#26autodesk36 CVE
#27juniper networks36 CVE
#30jenkins35 CVE

Top vendors

Ranked by distinct CVE count this period.

1сообщество свободного программного обеспечения—
110 CVE5 critCVSS 5.9
Nuclei 8PoC 25
debian gnu/linux (68) · linux (54) · opencats (4)
2google—
97 CVE1 critCVSS 6.3
Nuclei 1PoC 1
android (93) · bazel (1) · drive (1)
3microsoft corp—
91 CVE1 critCVSS 7.4
KEV 4Nuclei 1PoC 8
windows server 2022 (server core installation) (66) · windows 11 (66) · windows server 2022 (66)
4microsoft—
88 CVE1 critCVSS 7.5
KEV 4Nuclei 1PoC 7
windows server 2022 (66) · windows 11 version 21h2 (66) · windows 11 (64)
5ао "нппкт"—
83 CVE4 critCVSS 6.1
PoC 16
осон основа оnyx (83)
6ао «ивк»—
80 CVE4 critCVSS 5.9
PoC 15
альт 8 сп (72) · альт сп 10 (35)
7oracle—
79 CVE2 critCVSS 5.7
KEV 1Nuclei 6PoC 1
mysql (26) · vm virtualbox (10) · graalvm (8)
8oracle corporation—
79 CVE2 critCVSS 5.9
NEWKEV 1Nuclei 6PoC 1
mysql server (25) · vm virtualbox (10) · java se jdk and jre (6)
9maven—
73 CVE15 critCVSS 6.9
Nuclei 1PoC 5
commons-jxpath:commons-jxpath (6) · com.liferay.portal:release.dxp.bom (5) · org.jenkins-ci.plugins:katalon (4)
10ооо «русбитех-астра»—
69 CVE2 critCVSS 5.8
PoC 16
astra linux special edition (66) · astra linux special edition для «эльбрус» (18) · astra linux common edition (4)
11debian—
66 CVE4 critCVSS 6.4
Nuclei 1PoC 17
debian linux (66)
12unknown—
65 CVE2 critCVSS 6.0
NEWNuclei 65PoC 36
frontend file manager plugin (3) · wp custom cursors (2) · wp all export pro (2)
13sap—
55 CVE1 critCVSS 7.1
PoC 1
3d visual enterprise author (26) · 3d visual enterprise viewer (17) · businessobjects business intelligence (3)
14sap se—
55 CVE1 critCVSS 7.1
PoC 1
sap 3d visual enterprise author (26) · sap 3d visual enterprise viewer (17) · sap customer data cloud (gigya) (2)
15fedoraproject—
54 CVE2 critCVSS 6.4
Nuclei 1PoC 16
fedora (53) · supybot-fedora (1)
16ооо «ред софт»—
53 CVE6 critCVSS 6.5
Nuclei 1PoC 12
ред ос (53)
17oracle corp.—
50 CVE2 critCVSS 5.5
KEV 1Nuclei 1PoC 2
mysql server (23) · vm virtualbox (10) · openjdk (6)
18netapp—
47 CVE2 critCVSS 5.2
Nuclei 1PoC 4
oncommand workflow automation (32) · oncommand insight (29) · active iq unified manager (10)
19linux—
46 CVECVSS 4.7
PoC 6
linux kernel (44) · kernel (33)
20red hat inc.—
40 CVE3 critCVSS 6.1
Nuclei 1PoC 10
red hat enterprise linux (35) · jboss core services (2) · red hat software collections (2)
21sourcecodester—
40 CVECVSS 4.7
NEWPoC 21
human resource management system (9) · simple cold storage management system (7) · sanitization management system (7)
22abode systems, inc.—
38 CVE24 critCVSS 9.3
NEWPoC 14
iota all-in-one security kit (38)
23goabode—
38 CVE24 critCVSS 9.3
NEWPoC 14
iota all-in-one security kit firmware (38)
24unisoc (shanghai) technologies co., ltd.—
38 CVECVSS 6.1
NEW
sc9863a/sc9832e/sc7731e/t610/t310/t606/t760/t610/t618/t606/t612/t616/t760/t770/t820/s8000 (38)
25juniper—
37 CVE1 critCVSS 6.5
NEWNuclei 2PoC 36
junos (29) · junos os evolved (16) · paragon active assurance control center (1)
26autodesk—
36 CVE1 critCVSS 7.8
NEW
autocad plant 3d (26) · autocad (26) · autocad advance steel (26)
27juniper networks—
36 CVECVSS 6.4
NEWNuclei 1PoC 35
junos os (29) · junos os evolved (16) · paragon active assurance (formerly netrounds) (1)
28siemens—
36 CVE11 critCVSS 8.1
scalance w1750d firmware (12) · desigo pxm30.e (7) · desigo pxm50.e firmware (7)
29huawei—
35 CVE9 critCVSS 6.7
harmonyos (34) · emui (31)
30jenkins—
35 CVE6 critCVSS 6.4
NEWPoC 1
pipeline\ (4) · katalon (4) · compuware topaz for total test (4)
31jenkins project—
35 CVE6 critCVSS 6.4
NEWPoC 1
jenkins compuware topaz for total test plugin (4) · jenkins katalon plugin (4) · jenkins script security plugin (3)
32juniper networks inc.—
35 CVECVSS 6.4
NEWNuclei 1PoC 34
junos (28) · junos os evolved (16) · paragon active assurance (1)
33ао «нтц ит роса»—
35 CVE3 critCVSS 6.4
PoC 9
роса хром (18) · роса кобальт (12) · rosa virtualization 3.0 (6)
34adobe systems inc.—
34 CVE7 critCVSS 7.3
NEW
coldfusion (13) · dimension (9) · adobe acrobat reader 2020 (6)
35tenda—
34 CVE18 critCVSS 8.6
NEWNuclei 1PoC 12
ac10 firmware (9) · tx3 firmware (6) · ac1206 firmware (5)
36adobe—
33 CVE6 critCVSS 7.3
NEW
coldfusion (13) · dimension (9) · acrobat reader (6)
37dell—
33 CVECVSS 6.6
NEW
cpg bios (12) · alienware x17 r1 firmware (8) · alienware x17 r2 firmware (8)
38npm—
33 CVE13 critCVSS 8.1
Nuclei 4PoC 7
browserify-shim (3) · feathers-sequelize (3) · loader-utils (3)
39samsung mobile—
33 CVECVSS 4.7
NEW
samsung mobile devices (12) · smartthings (8) · samsung account (3)
40go—
32 CVE5 critCVSS 6.2
Nuclei 1PoC 7
github.com/grafana/grafana (4) · github.com/openfga/openfga (3) · go.etcd.io/etcd/client/v3 (2)
41oretnom23—
32 CVE1 critCVSS 5.4
NEWPoC 20
simple cold storage management system (12) · human resource management system (10) · online birth certificate management system (4)
42pypi—
31 CVE9 critCVSS 7.7
PoC 9
rdiffweb (9) · twisted (2) · pulp-ansible (1)
43gitlab—
30 CVE2 critCVSS 5.6
Nuclei 1PoC 3
gitlab (30)
44axiosys—
28 CVECVSS 6.7
NEWPoC 16
bento4 (28)
45packagist—
28 CVE5 critCVSS 7.3
Nuclei 2PoC 9
thorsten/phpmyfaq (4) · magento/community-edition (3) · noumo/easyii (2)
46samsung—
22 CVECVSS 4.7
NEW
smartthings (8) · account (3) · factorycamera (2)
47canonical ltd.—
21 CVE2 critCVSS 5.8
PoC 4
ubuntu (21)
48f5—
21 CVE1 critCVSS 6.3
PoC 1
big-ip application security manager (10) · big-ip advanced firewall manager (9) · big-ip local traffic manager (8)
49fedora project—
21 CVE1 critCVSS 6.8
PoC 9
fedora (20) · 389 directory server (1)
50qualcomm—
21 CVE3 critCVSS 7.9
NEWPoC 1
wcd9380 firmware (18) · wsa8835 firmware (18) · wsa8830 firmware (18)

#	Vendor	CVEs	Crit	KEV	Nuclei	Signals	Top products	Δ
1	сообщество свободного программного обеспечения	110	5	·	8	Nuclei 8PoC 25	debian gnu/linux (68) · linux (54) · opencats (4)	—
2	google	97	1	·	1	Nuclei 1PoC 1	android (93) · bazel (1) · drive (1)	—
3	microsoft corp	91	1	4	1	KEV 4Nuclei 1PoC 8	windows server 2022 (server core installation) (66) · windows 11 (66) · windows server 2022 (66)	—
4	microsoft	88	1	4	1	KEV 4Nuclei 1PoC 7	windows server 2022 (66) · windows 11 version 21h2 (66) · windows 11 (64)	—
5	ао "нппкт"	83	4	·	·	PoC 16	осон основа оnyx (83)	—
6	ао «ивк»	80	4	·	·	PoC 15	альт 8 сп (72) · альт сп 10 (35)	—
7	oracle	79	2	1	6	KEV 1Nuclei 6PoC 1	mysql (26) · vm virtualbox (10) · graalvm (8)	—
8	oracle corporation	79	2	1	6	NEWKEV 1Nuclei 6PoC 1	mysql server (25) · vm virtualbox (10) · java se jdk and jre (6)	—
9	maven	73	15	·	1	Nuclei 1PoC 5	commons-jxpath:commons-jxpath (6) · com.liferay.portal:release.dxp.bom (5) · org.jenkins-ci.plugins:katalon (4)	—
10	ооо «русбитех-астра»	69	2	·	·	PoC 16	astra linux special edition (66) · astra linux special edition для «эльбрус» (18) · astra linux common edition (4)	—
11	debian	66	4	·	1	Nuclei 1PoC 17	debian linux (66)	—
12	unknown	65	2	·	65	NEWNuclei 65PoC 36	frontend file manager plugin (3) · wp custom cursors (2) · wp all export pro (2)	—
13	sap	55	1	·	·	PoC 1	3d visual enterprise author (26) · 3d visual enterprise viewer (17) · businessobjects business intelligence (3)	—
14	sap se	55	1	·	·	PoC 1	sap 3d visual enterprise author (26) · sap 3d visual enterprise viewer (17) · sap customer data cloud (gigya) (2)	—
15	fedoraproject	54	2	·	1	Nuclei 1PoC 16	fedora (53) · supybot-fedora (1)	—
16	ооо «ред софт»	53	6	·	1	Nuclei 1PoC 12	ред ос (53)	—
17	oracle corp.	50	2	1	1	KEV 1Nuclei 1PoC 2	mysql server (23) · vm virtualbox (10) · openjdk (6)	—
18	netapp	47	2	·	1	Nuclei 1PoC 4	oncommand workflow automation (32) · oncommand insight (29) · active iq unified manager (10)	—
19	linux	46	·	·	·	PoC 6	linux kernel (44) · kernel (33)	—
20	red hat inc.	40	3	·	1	Nuclei 1PoC 10	red hat enterprise linux (35) · jboss core services (2) · red hat software collections (2)	—
21	sourcecodester	40	·	·	·	NEWPoC 21	human resource management system (9) · simple cold storage management system (7) · sanitization management system (7)	—
22	abode systems, inc.	38	24	·	·	NEWPoC 14	iota all-in-one security kit (38)	—
23	goabode	38	24	·	·	NEWPoC 14	iota all-in-one security kit firmware (38)	—
24	unisoc (shanghai) technologies co., ltd.	38	·	·	·	NEW	sc9863a/sc9832e/sc7731e/t610/t310/t606/t760/t610/t618/t606/t612/t616/t760/t770/t820/s8000 (38)	—
25	juniper	37	1	·	2	NEWNuclei 2PoC 36	junos (29) · junos os evolved (16) · paragon active assurance control center (1)	—
26	autodesk	36	1	·	·	NEW	autocad plant 3d (26) · autocad (26) · autocad advance steel (26)	—
27	juniper networks	36	·	·	1	NEWNuclei 1PoC 35	junos os (29) · junos os evolved (16) · paragon active assurance (formerly netrounds) (1)	—
28	siemens	36	11	·	·		scalance w1750d firmware (12) · desigo pxm30.e (7) · desigo pxm50.e firmware (7)	—
29	huawei	35	9	·	·		harmonyos (34) · emui (31)	—
30	jenkins	35	6	·	·	NEWPoC 1	pipeline\ (4) · katalon (4) · compuware topaz for total test (4)	—
31	jenkins project	35	6	·	·	NEWPoC 1	jenkins compuware topaz for total test plugin (4) · jenkins katalon plugin (4) · jenkins script security plugin (3)	—
32	juniper networks inc.	35	·	·	1	NEWNuclei 1PoC 34	junos (28) · junos os evolved (16) · paragon active assurance (1)	—
33	ао «нтц ит роса»	35	3	·	·	PoC 9	роса хром (18) · роса кобальт (12) · rosa virtualization 3.0 (6)	—
34	adobe systems inc.	34	7	·	·	NEW	coldfusion (13) · dimension (9) · adobe acrobat reader 2020 (6)	—
35	tenda	34	18	·	1	NEWNuclei 1PoC 12	ac10 firmware (9) · tx3 firmware (6) · ac1206 firmware (5)	—
36	adobe	33	6	·	·	NEW	coldfusion (13) · dimension (9) · acrobat reader (6)	—
37	dell	33	·	·	·	NEW	cpg bios (12) · alienware x17 r1 firmware (8) · alienware x17 r2 firmware (8)	—
38	npm	33	13	·	4	Nuclei 4PoC 7	browserify-shim (3) · feathers-sequelize (3) · loader-utils (3)	—
39	samsung mobile	33	·	·	·	NEW	samsung mobile devices (12) · smartthings (8) · samsung account (3)	—
40	go	32	5	·	1	Nuclei 1PoC 7	github.com/grafana/grafana (4) · github.com/openfga/openfga (3) · go.etcd.io/etcd/client/v3 (2)	—
41	oretnom23	32	1	·	·	NEWPoC 20	simple cold storage management system (12) · human resource management system (10) · online birth certificate management system (4)	—
42	pypi	31	9	·	·	PoC 9	rdiffweb (9) · twisted (2) · pulp-ansible (1)	—
43	gitlab	30	2	·	1	Nuclei 1PoC 3	gitlab (30)	—
44	axiosys	28	·	·	·	NEWPoC 16	bento4 (28)	—
45	packagist	28	5	·	2	Nuclei 2PoC 9	thorsten/phpmyfaq (4) · magento/community-edition (3) · noumo/easyii (2)	—
46	samsung	22	·	·	·	NEW	smartthings (8) · account (3) · factorycamera (2)	—
47	canonical ltd.	21	2	·	·	PoC 4	ubuntu (21)	—
48	f5	21	1	·	·	PoC 1	big-ip application security manager (10) · big-ip advanced firewall manager (9) · big-ip local traffic manager (8)	—
49	fedora project	21	1	·	·	PoC 9	fedora (20) · 389 directory server (1)	—
50	qualcomm	21	3	·	·	NEWPoC 1	wcd9380 firmware (18) · wsa8835 firmware (18) · wsa8830 firmware (18)	—