month report
August 2024
Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →
August 2024 closed with 3,024 published CVEs. 331 criticals, 19 added to CISA KEV (1 ransomware-linked). сообщество свободного программного обеспечения led volume, mostly via linux. Top weakness class — CWE-79 (517 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
3,024
— MoM— YoY
Severity mix
331 / 1,035
critical / high
KEV added
19
1 ransomware-linked
Nuclei coverage
18.0%
545 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
565.3
n=545
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
17
n=21
Detection gap
KEV pressure, no Nuclei coverage
August 2024 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 8microsoft corp139 CVE
- KEV 8microsoft100 CVE
- KEV 2ооо «русбитех-астра»258 CVE
- KEV 2ао "нппкт"230 CVE
- KEV 2google62 CVE
- KEV 2google inc49 CVE
- KEV 2novell inc.28 CVE
Weakness × Vendor
What's spreading where in August 2024
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
79XSS89SQL Injection787Out-of-bounds Write352CSRF476NULL Pointer Dereference22Path Traversal284CWE-284416Use After Free125Out-of-bounds Read200Information Exposureсообщество свободного программного обеспечения8126873238121ооо «ред софт»41963340121linux984339ооо «русбитех-астра»3125502256ао "нппкт"317402297canonical ltd.436165microsoft corp6113723121sourcecodester326552red hat inc.12362microsoft443814101adobe14153521819oretnom2394951
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #23janobe42 CVE
- #26itsourcecode38 CVE
- #27lopalopa38 CVE
- #32qualcomm32 CVE
- #33qualcomm, inc.32 CVE
- #35amd30 CVE
- #39shenzhen tenda technology co., ltd.25 CVE
- #40d-link24 CVE
- #41d-link corp.24 CVE
- #42siemens23 CVE
Top vendors
Ranked by distinct CVE count this period.
- 410 CVE12 critCVSS 6.0KEV 2Nuclei 5PoC 12linux (303) · debian gnu/linux (268) · ofono (7)
- 338 CVE9 critCVSS 6.2KEV 3Nuclei 1PoC 8ред ос (338)
- 302 CVE1 critCVSS 5.8PoC 1linux (302) · linux kernel (302)
- 258 CVE5 critCVSS 6.4KEV 2PoC 6astra linux special edition (249) · astra linux common edition (58) · astra linux special edition для «эльбрус» (10)
- 230 CVE3 critCVSS 6.3KEV 2PoC 3осон основа оnyx (230)
- 146 CVE2 critCVSS 5.9PoC 1ubuntu (146) · wpa_supplicant (1)
- 139 CVE10 critCVSS 7.7KEV 8PoC 4windows server 2022 (58) · windows server 2022 (server core installation) (56) · windows server 2022, 23h2 edition (server core installation) (56)
- 114 CVECVSS 5.4PoC 114simple realtime quiz system (12) · car driving school management system (12) · clinics patient management system (10)
- 111 CVECVSS 5.8PoC 1red hat enterprise linux (108) · openshift container platform (4) · logging subsystem for red hat openshift (2)
- 100 CVE9 critCVSS 7.7KEV 8PoC 4windows server 2022 (58) · windows server 2022, 23h2 edition (server core installation) (56) · windows server 2022 23h2 (56)
- 90 CVE1 critCVSS 6.3commerce (23) · adobe commerce (23) · magento (23)
- 68 CVE2 critCVSS 6.0PoC 67simple realtime quiz system (12) · car driving school management system (12) · clinic\'s patient management system (10)
- 65 CVE1 critCVSS 6.4magento open source (23) · adobe commerce (23) · adobe experience manager (13)
- 62 CVE4 critCVSS 6.3Nuclei 4PoC 2github.com/mattermost/mattermost/server/v8 (17) · github.com/mattermost/mattermost (3) · github.com/cosmwasm/wasmd (3)
- 62 CVE2 critCVSS 7.4KEV 2chrome (46) · android (14) · grpc (1)
- 59 CVE14 critCVSS 8.5PoC 32fh1206 firmware (23) · ax1806 firmware (11) · fh1201 firmware (11)
- 58 CVE5 critCVSS 6.6PoC 1альт сп 10 (55) · альт 8 сп (15)
- 52 CVECVSS 5.8PoC 1intel oneapi base toolkit (9) · intel c250 series (5) · 8th generation intel core processors (5)
- 49 CVE2 critCVSS 7.5KEV 2PoC 1google chrome (48) · chrome os (1)
- 49 CVE1 critCVSS 5.9Nuclei 2PoC 5magento/community-edition (22) · magento/project-community-edition (17) · shopware/platform (4)
- 49 CVE5 critCVSS 7.1PoC 2rosa virtualization 3.0 (36) · роса кобальт (12) · rosa virtualization (7)
- 44 CVE5 critCVSS 6.2Nuclei 43PoC 44wp-cart-for-digital-products (3) · woocommerce customers manager (3) · chatbot with chatgpt wordpress (2)
- 42 CVE18 critCVSS 8.8NEWPoC 4school event management system (28) · school attendence monitoring system (22) · credit card (18)
- 42 CVE11 critCVSS 8.6Nuclei 3PoC 26x5000r firmware (12) · ac1200 t8 (5) · ex1200l (5)
- 40 CVE1 critCVSS 6.8PoC 4mage-ai (5) · django (4) · ckan (3)
- 38 CVECVSS 6.2NEWPoC 34tailoring management system (5) · airline reservation system (5) · project expense monitoring system (5)
- 38 CVE8 critCVSS 7.2NEWPoC 15responsive school management system (17) · music management system (17) · live membership system (4)
- 34 CVECVSS 6.7PoC 1oneapi base toolkit (8) · ethernet 800 series controllers driver (4) · distribution for gdb (4)
- 34 CVECVSS 5.7KEV 1Nuclei 1android (16) · notes (15) · wear os (1)
- 33 CVECVSS 5.6samsung mobile devices (17) · samsung notes (15) · samsung email (1)
- 32 CVE4 critCVSS 6.9Nuclei 3PoC 2directus (3) · elliptic (3) · flowise (2)
- 32 CVECVSS 7.6NEWwcd9380 firmware (31) · qca6698aq firmware (31) · fastconnect 6900 firmware (31)
- 32 CVECVSS 7.7NEWsnapdragon (32)
- 31 CVECVSS 6.0cloud pak for security (4) · db2 (4) · db2 for linux, unix and windows (4)
- 30 CVECVSS 6.3NEWamd radeon™ pro w6000 series graphics cards (9) · amd radeon™ rx 6000 series graphics cards (9) · amd ryzen™ embedded r1000 series processors (8)
- 29 CVE7 critCVSS 7.0Nuclei 1PoC 28dns-726-4 firmware (18) · dns-325 firmware (18) · dns-326 firmware (18)
- 28 CVE2 critCVSS 6.4KEV 2opensuse leap (24) · opensuse tumbleweed (23) · suse package hub (16)
- 27 CVE8 critCVSS 7.5Nuclei 1PoC 2org.openhab.ui.bundles:org.openhab.ui.cometvisu (4) · org.jenkins-ci.main:jenkins-core (2) · org.apache.dolphinscheduler:dolphinscheduler (2)
- 25 CVE1 critCVSS 8.4NEWPoC 16tenda fh1206 (9) · tenda fh1201 (4) · tenda o6 (3)
- 24 CVECVSS 7.0NEWPoC 24dns-726-4 (21) · dns-343 (21) · dns-345 (21)
- 24 CVE7 critCVSS 7.5NEWNuclei 1PoC 22dns-726-4 (13) · dnr-326 (13) · dns-1100-4 (13)
- 23 CVE1 critCVSS 6.9NEWsinec traffic analyzer (5) · sinec nms (5) · omnivise t3000 application server r9.2 (4)
- 23 CVE5 critCVSS 8.6NEWcms netcat extra (23)
- 21 CVE3 critCVSS 7.1PoC 19nx-os (7) · cisco small business spa300 series ip phones (5) · cisco identity services engine (5)
- 21 CVECVSS 5.0NEWmattermost (21) · mattermost server (8) · mattermost channel export (1)
- 20 CVE4 critCVSS 7.5KEV 1Nuclei 2PoC 1dolphinscheduler (3) · linkis (2) · hertzbeat (2)
- 20 CVECVSS 6.4PoC 2emc idrac service module (5) · idrac service module (ism) (5) · poweredge t440 firmware (2)
- 20 CVECVSS 7.9NEWadaudit plus (13) · endpoint central (2) · pam360 (1)
- 20 CVE1 critCVSS 7.2NEWnetiq advance authentication (6) · arcsight intelligence (3) · performance center (2)
- 20 CVECVSS 8.0NEWmanageengine adaudit plus (13) · manageengine supportcenter plus (2) · manageengine servicedesk plus (2)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | сообщество свободного программного обеспечения | 410 | 12 | 2 | 5 | KEV 2Nuclei 5PoC 12 | linux (303) · debian gnu/linux (268) · ofono (7) | — | |
| 2 | ооо «ред софт» | 338 | 9 | 3 | 1 | KEV 3Nuclei 1PoC 8 | ред ос (338) | — | |
| 3 | linux | 302 | 1 | · | · | PoC 1 | linux (302) · linux kernel (302) | — | |
| 4 | ооо «русбитех-астра» | 258 | 5 | 2 | · | KEV 2PoC 6 | astra linux special edition (249) · astra linux common edition (58) · astra linux special edition для «эльбрус» (10) | — | |
| 5 | ао "нппкт" | 230 | 3 | 2 | · | KEV 2PoC 3 | осон основа оnyx (230) | — | |
| 6 | canonical ltd. | 146 | 2 | · | · | PoC 1 | ubuntu (146) · wpa_supplicant (1) | — | |
| 7 | microsoft corp | 139 | 10 | 8 | · | KEV 8PoC 4 | windows server 2022 (58) · windows server 2022 (server core installation) (56) · windows server 2022, 23h2 edition (server core installation) (56) | — | |
| 8 | sourcecodester | 114 | · | · | · | PoC 114 | simple realtime quiz system (12) · car driving school management system (12) · clinics patient management system (10) | — | |
| 9 | red hat inc. | 111 | · | · | · | PoC 1 | red hat enterprise linux (108) · openshift container platform (4) · logging subsystem for red hat openshift (2) | — | |
| 10 | microsoft | 100 | 9 | 8 | · | KEV 8PoC 4 | windows server 2022 (58) · windows server 2022, 23h2 edition (server core installation) (56) · windows server 2022 23h2 (56) | — | |
| 11 | adobe | 90 | 1 | · | · | commerce (23) · adobe commerce (23) · magento (23) | — | ||
| 12 | oretnom23 | 68 | 2 | · | · | PoC 67 | simple realtime quiz system (12) · car driving school management system (12) · clinic\'s patient management system (10) | — | |
| 13 | adobe systems inc. | 65 | 1 | · | · | magento open source (23) · adobe commerce (23) · adobe experience manager (13) | — | ||
| 14 | go | 62 | 4 | · | 4 | Nuclei 4PoC 2 | github.com/mattermost/mattermost/server/v8 (17) · github.com/mattermost/mattermost (3) · github.com/cosmwasm/wasmd (3) | — | |
| 15 | 62 | 2 | 2 | · | KEV 2 | chrome (46) · android (14) · grpc (1) | — | ||
| 16 | tenda | 59 | 14 | · | · | PoC 32 | fh1206 firmware (23) · ax1806 firmware (11) · fh1201 firmware (11) | — | |
| 17 | ао «ивк» | 58 | 5 | · | · | PoC 1 | альт сп 10 (55) · альт 8 сп (15) | — | |
| 18 | intel corp. | 52 | · | · | · | PoC 1 | intel oneapi base toolkit (9) · intel c250 series (5) · 8th generation intel core processors (5) | — | |
| 19 | google inc | 49 | 2 | 2 | · | KEV 2PoC 1 | google chrome (48) · chrome os (1) | — | |
| 20 | packagist | 49 | 1 | · | 2 | Nuclei 2PoC 5 | magento/community-edition (22) · magento/project-community-edition (17) · shopware/platform (4) | — | |
| 21 | ао «нтц ит роса» | 49 | 5 | · | · | PoC 2 | rosa virtualization 3.0 (36) · роса кобальт (12) · rosa virtualization (7) | — | |
| 22 | unknown | 44 | 5 | · | 43 | Nuclei 43PoC 44 | wp-cart-for-digital-products (3) · woocommerce customers manager (3) · chatbot with chatgpt wordpress (2) | — | |
| 23 | janobe | 42 | 18 | · | · | NEWPoC 4 | school event management system (28) · school attendence monitoring system (22) · credit card (18) | — | |
| 24 | totolink | 42 | 11 | · | 3 | Nuclei 3PoC 26 | x5000r firmware (12) · ac1200 t8 (5) · ex1200l (5) | — | |
| 25 | pypi | 40 | 1 | · | · | PoC 4 | mage-ai (5) · django (4) · ckan (3) | — | |
| 26 | itsourcecode | 38 | · | · | · | NEWPoC 34 | tailoring management system (5) · airline reservation system (5) · project expense monitoring system (5) | — | |
| 27 | lopalopa | 38 | 8 | · | · | NEWPoC 15 | responsive school management system (17) · music management system (17) · live membership system (4) | — | |
| 28 | intel | 34 | · | · | · | PoC 1 | oneapi base toolkit (8) · ethernet 800 series controllers driver (4) · distribution for gdb (4) | — | |
| 29 | samsung | 34 | · | 1 | 1 | KEV 1Nuclei 1 | android (16) · notes (15) · wear os (1) | — | |
| 30 | samsung mobile | 33 | · | · | · | samsung mobile devices (17) · samsung notes (15) · samsung email (1) | — | ||
| 31 | npm | 32 | 4 | · | 3 | Nuclei 3PoC 2 | directus (3) · elliptic (3) · flowise (2) | — | |
| 32 | qualcomm | 32 | · | · | · | NEW | wcd9380 firmware (31) · qca6698aq firmware (31) · fastconnect 6900 firmware (31) | — | |
| 33 | qualcomm, inc. | 32 | · | · | · | NEW | snapdragon (32) | — | |
| 34 | ibm | 31 | · | · | · | cloud pak for security (4) · db2 (4) · db2 for linux, unix and windows (4) | — | ||
| 35 | amd | 30 | · | · | · | NEW | amd radeon™ pro w6000 series graphics cards (9) · amd radeon™ rx 6000 series graphics cards (9) · amd ryzen™ embedded r1000 series processors (8) | — | |
| 36 | dlink | 29 | 7 | · | 1 | Nuclei 1PoC 28 | dns-726-4 firmware (18) · dns-325 firmware (18) · dns-326 firmware (18) | — | |
| 37 | novell inc. | 28 | 2 | 2 | · | KEV 2 | opensuse leap (24) · opensuse tumbleweed (23) · suse package hub (16) | — | |
| 38 | maven | 27 | 8 | · | 1 | Nuclei 1PoC 2 | org.openhab.ui.bundles:org.openhab.ui.cometvisu (4) · org.jenkins-ci.main:jenkins-core (2) · org.apache.dolphinscheduler:dolphinscheduler (2) | — | |
| 39 | shenzhen tenda technology co., ltd. | 25 | 1 | · | · | NEWPoC 16 | tenda fh1206 (9) · tenda fh1201 (4) · tenda o6 (3) | — | |
| 40 | d-link | 24 | · | · | · | NEWPoC 24 | dns-726-4 (21) · dns-343 (21) · dns-345 (21) | — | |
| 41 | d-link corp. | 24 | 7 | · | 1 | NEWNuclei 1PoC 22 | dns-726-4 (13) · dnr-326 (13) · dns-1100-4 (13) | — | |
| 42 | siemens | 23 | 1 | · | · | NEW | sinec traffic analyzer (5) · sinec nms (5) · omnivise t3000 application server r9.2 (4) | — | |
| 43 | ооо «неткэт» | 23 | 5 | · | · | NEW | cms netcat extra (23) | — | |
| 44 | cisco systems inc. | 21 | 3 | · | · | PoC 19 | nx-os (7) · cisco small business spa300 series ip phones (5) · cisco identity services engine (5) | — | |
| 45 | mattermost | 21 | · | · | · | NEW | mattermost (21) · mattermost server (8) · mattermost channel export (1) | — | |
| 46 | apache | 20 | 4 | 1 | 2 | KEV 1Nuclei 2PoC 1 | dolphinscheduler (3) · linkis (2) · hertzbeat (2) | — | |
| 47 | dell | 20 | · | · | · | PoC 2 | emc idrac service module (5) · idrac service module (ism) (5) · poweredge t440 firmware (2) | — | |
| 48 | manageengine | 20 | · | · | · | NEW | adaudit plus (13) · endpoint central (2) · pam360 (1) | — | |
| 49 | opentext | 20 | 1 | · | · | NEW | netiq advance authentication (6) · arcsight intelligence (3) · performance center (2) | — | |
| 50 | zohocorp | 20 | · | · | · | NEW | manageengine adaudit plus (13) · manageengine supportcenter plus (2) · manageengine servicedesk plus (2) | — |