month report
September 2003
Data as of Jun 11, 2026, 06:04 UTCSnapshot v1 Sources CVEList V5+NVD+GHSA+CSAF+FSTEC BDU+CISA KEV+EPSS+Nuclei templates Methodology →
September 2003 closed with 105 published CVEs. 16 criticals, redhat led volume, mostly via red hat enterprise linux. Biggest breakout: redhat at ×9.0 their 12-month median. Top weakness class — CWE-119 (1 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
105
— MoM— YoY
Severity mix
16 / 52
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
0.0%
0 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
—
n=0
Within 7 days
—%
Within 30 days
—%
Days → KEV (median)
—
n=0
Weakness × Vendor
What's spreading where in September 2003
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
Most discussed CVEs — September 2003
No CVE mentions in the news this month yet.
Breakout vendors
CVE count ≥3× their own 12-period median.
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #7phpwebsite4 CVE
- #13nokia3 CVE
- #14sap3 CVE
- #18digium2 CVE
- #19gentoo2 CVE
- #21kismac2 CVE
- #22newsphp2 CVE
- #23nicolas boullis2 CVE
- #25py-membres2 CVE
- #28squished mosquito2 CVE
Top vendors
Ranked by distinct CVE count this period.
- 9 CVE1 critCVSS 7.2×9.0red hat enterprise linux (7) · pam smb (1) · enterprise linux (1)
- 8 CVE3 critCVSS 8.4×8.0windows nt (3) · windows 2003 server (3) · windows 2000 (3)
- 8 CVE2 critCVSS 7.5openssh (5) · openbsd (3)
- 7 CVE2 critCVSS 7.7PoC 1aix (4) · db2 universal database (3)
- 6 CVECVSS 6.3PoC 1sane (6) · sane-backend (6)
- 5 CVE1 critCVSS 7.5debian gnu/linux (5)
- 4 CVECVSS 6.8NEWphpwebsite (4)
- 3 CVE1 critCVSS 7.5mac os x (3) · mac os x server (3)
- 3 CVE1 critCVSS 7.5×3.0tru64 (3)
- 3 CVE1 critCVSS 6.7×3.0freebsd (3)
- 3 CVE1 critCVSS 7.5×3.0hp-ux (2) · openview (1)
- 3 CVE1 critCVSS 8.3netbsd (3)
- 3 CVECVSS 5.6NEWPoC 1electronic documentation (3)
- 3 CVECVSS 5.6NEWPoC 1internet transaction server (3)
- 3 CVE1 critCVSS 8.3sendmail (3) · advanced message server (2) · sendmail pro (2)
- 3 CVE1 critCVSS 7.5irix (3)
- 2 CVE2 critCVSS 10.0PoC 1ciscoworks cd1 (2) · ciscoworks common management foundation (2) · resource manager (2)
- 2 CVECVSS 7.5NEWPoC 1asterisk (2)
- 2 CVE1 critCVSS 8.8NEWlinux (2)
- 2 CVE1 critCVSS 8.8kde (2)
- 2 CVECVSS 7.2NEWkismac (2)
- 2 CVECVSS 6.3NEWPoC 1newsphp (2)
- 2 CVECVSS 6.3NEWmah-jong (2)
- 2 CVE1 critCVSS 5.5PoC 1mysql (1) · database server (1)
- 2 CVECVSS 7.5NEWpy-membres (2)
- 2 CVECVSS 6.1PoC 1realone player (1) · helix universal server (1) · realone desktop manager (1)
- 2 CVECVSS 6.1openserver (1) · unixware (1)
- 2 CVECVSS 4.7NEWescapade (2)
- 2 CVE2 critCVSS 10.0solaris (2) · sunos (1)
- 2 CVECVSS 7.5NEWlinuxnode (2)
- 2 CVE1 critCVSS 8.8NEWturbolinux advanced server (2) · turbolinux server (2) · turbolinux workstation (2)
- 1 CVECVSS 6.8PoC 1tomcat (1)
- 1 CVECVSS 4.6NEWapache gallery (1)
- 1 CVECVSS 7.2NEWatari800 (1)
- 1 CVECVSS 7.5NEWPoC 1attilaphp (1)
- 1 CVECVSS 6.8NEWliquid data (1) · weblogic integration (1) · weblogic server (1)
- 1 CVECVSS 7.5NEWipmasq (1)
- 1 CVECVSS 5.0openlinux server (1) · openlinux workstation (1) · openserver (1)
- 1 CVE1 critCVSS 10.0NEWsnmpc (1)
- 1 CVECVSS 5.0firewall-1 (1)
- 1 CVE1 critCVSS 9.0linux (1)
- 1 CVECVSS 7.5NEWpam smb (1)
- 1 CVECVSS 7.5NEWPoC 1foxweb (1)
- 1 CVECVSS 7.5NEWftp desktop (1)
- 1 CVECVSS 7.5NEWroger wilco dedicated server (1) · roger wilco graphical server (1)
- 1 CVECVSS 7.5NEWgkrellm (1)
- 1 CVECVSS 5.0gtkhtml (1)
- 1 CVECVSS 7.5lsh (1)
- 1 CVE1 critCVSS 10.0NEWgtkftp (1)
- 1 CVECVSS 6.4horde (1)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | redhat | 9 | 1 | · | · | ×9.0 | red hat enterprise linux (7) · pam smb (1) · enterprise linux (1) | — | |
| 2 | microsoft | 8 | 3 | · | · | ×8.0 | windows nt (3) · windows 2003 server (3) · windows 2000 (3) | — | |
| 3 | openbsd | 8 | 2 | · | · | openssh (5) · openbsd (3) | — | ||
| 4 | ibm | 7 | 2 | · | · | PoC 1 | aix (4) · db2 universal database (3) | — | |
| 5 | sane | 6 | · | · | · | PoC 1 | sane (6) · sane-backend (6) | — | |
| 6 | сообщество свободного программного обеспечения | 5 | 1 | · | · | debian gnu/linux (5) | — | ||
| 7 | phpwebsite | 4 | · | · | · | NEW | phpwebsite (4) | — | |
| 8 | apple | 3 | 1 | · | · | mac os x (3) · mac os x server (3) | — | ||
| 9 | compaq | 3 | 1 | · | · | ×3.0 | tru64 (3) | — | |
| 10 | freebsd | 3 | 1 | · | · | ×3.0 | freebsd (3) | — | |
| 11 | hp | 3 | 1 | · | · | ×3.0 | hp-ux (2) · openview (1) | — | |
| 12 | netbsd | 3 | 1 | · | · | netbsd (3) | — | ||
| 13 | nokia | 3 | · | · | · | NEWPoC 1 | electronic documentation (3) | — | |
| 14 | sap | 3 | · | · | · | NEWPoC 1 | internet transaction server (3) | — | |
| 15 | sendmail | 3 | 1 | · | · | sendmail (3) · advanced message server (2) · sendmail pro (2) | — | ||
| 16 | sgi | 3 | 1 | · | · | irix (3) | — | ||
| 17 | cisco | 2 | 2 | · | · | PoC 1 | ciscoworks cd1 (2) · ciscoworks common management foundation (2) · resource manager (2) | — | |
| 18 | digium | 2 | · | · | · | NEWPoC 1 | asterisk (2) | — | |
| 19 | gentoo | 2 | 1 | · | · | NEW | linux (2) | — | |
| 20 | kde | 2 | 1 | · | · | kde (2) | — | ||
| 21 | kismac | 2 | · | · | · | NEW | kismac (2) | — | |
| 22 | newsphp | 2 | · | · | · | NEWPoC 1 | newsphp (2) | — | |
| 23 | nicolas boullis | 2 | · | · | · | NEW | mah-jong (2) | — | |
| 24 | oracle | 2 | 1 | · | · | PoC 1 | mysql (1) · database server (1) | — | |
| 25 | py-membres | 2 | · | · | · | NEW | py-membres (2) | — | |
| 26 | realnetworks | 2 | · | · | · | PoC 1 | realone player (1) · helix universal server (1) · realone desktop manager (1) | — | |
| 27 | sco | 2 | · | · | · | openserver (1) · unixware (1) | — | ||
| 28 | squished mosquito | 2 | · | · | · | NEW | escapade (2) | — | |
| 29 | sun | 2 | 2 | · | · | solaris (2) · sunos (1) | — | ||
| 30 | tomi manninen | 2 | · | · | · | NEW | linuxnode (2) | — | |
| 31 | turbolinux | 2 | 1 | · | · | NEW | turbolinux advanced server (2) · turbolinux server (2) · turbolinux workstation (2) | — | |
| 32 | apache | 1 | · | · | · | PoC 1 | tomcat (1) | — | |
| 33 | apache gallery | 1 | · | · | · | NEW | apache gallery (1) | — | |
| 34 | atari800 | 1 | · | · | · | NEW | atari800 (1) | — | |
| 35 | attila-php.net | 1 | · | · | · | NEWPoC 1 | attilaphp (1) | — | |
| 36 | bea | 1 | · | · | · | NEW | liquid data (1) · weblogic integration (1) · weblogic server (1) | — | |
| 37 | brian bassett | 1 | · | · | · | NEW | ipmasq (1) | — | |
| 38 | caldera | 1 | · | · | · | openlinux server (1) · openlinux workstation (1) · openserver (1) | — | ||
| 39 | castle rock computing | 1 | 1 | · | · | NEW | snmpc (1) | — | |
| 40 | checkpoint | 1 | · | · | · | firewall-1 (1) | — | ||
| 41 | conectiva | 1 | 1 | · | · | linux (1) | — | ||
| 42 | dave airlie | 1 | · | · | · | NEW | pam smb (1) | — | |
| 43 | foxweb | 1 | · | · | · | NEWPoC 1 | foxweb (1) | — | |
| 44 | ftp desktop | 1 | · | · | · | NEW | ftp desktop (1) | — | |
| 45 | gamespy | 1 | · | · | · | NEW | roger wilco dedicated server (1) · roger wilco graphical server (1) | — | |
| 46 | gkrellm | 1 | · | · | · | NEW | gkrellm (1) | — | |
| 47 | gnome | 1 | · | · | · | gtkhtml (1) | — | ||
| 48 | gnu | 1 | · | · | · | lsh (1) | — | ||
| 49 | gtkftpd | 1 | 1 | · | · | NEW | gtkftp (1) | — | |
| 50 | horde | 1 | · | · | · | horde (1) | — |
Sectors
Solution categories ranked by distinct CVE count this period.
- Operating Systems45 CVE29 crit19 vendorsCVSS 8.4red hat enterprise linux (7) · sane (6) · sane-backend (6)
- Enterprise Software15 CVE3 crit7 vendorsCVSS 7.6aix (4) · db2 universal database (3) · hp-ux (2)
- Web & CMS Plugins13 CVE8 vendorsCVSS 7.5phpwebsite (4) · newsphp (2) · py-membres (2)
- Consumer Software10 CVE7 vendorsCVSS 7.5helix universal server (1) · realone desktop manager (1) · realone enterprise desktop (1)
- Communications9 CVE4 crit6 vendorsCVSS 7.8sendmail (3) · advanced message server (2) · sendmail pro (2)
- 9 crit4 vendorsCVSS 10.0electronic documentation (3) · proftpd (1)
- OSS Libraries4 CVE4 vendorsCVSS 7.5attilaphp (1) · exim (1) · lsh (1)
- Security Products4 CVE1 crit4 vendorsCVSS 10.0pam ldap (1)
- Mobile Apps3 CVE2 crit1 vendorsCVSS 7.5mac os x (3) · mac os x server (3)
- Databases2 CVE2 crit2 vendorsCVSS 6.7mysql (2) · database server (1)
- Cloud & SaaS1 CVE1 vendorsCVSS 4.6workstation (1)
- Unclassified11 CVE2 crit9 vendorsCVSS 7.4escapade (2) · linuxnode (2) · atari800 (1)
| Sector | CVEs | Crit | KEV | Vendors | Products | Avg CVSS | Top products |
|---|---|---|---|---|---|---|---|
| Operating Systems▸ 3 | 45 | 29 | · | 19 | 39 | 8.4 | red hat enterprise linux (7) · sane (6) · sane-backend (6) |
| Enterprise Software▸ 4 | 15 | 3 | · | 7 | 11 | 7.6 | aix (4) · db2 universal database (3) · hp-ux (2) |
| Web & CMS Plugins▸ 3 | 13 | · | · | 8 | 8 | 7.5 | phpwebsite (4) · newsphp (2) · py-membres (2) |
| Consumer Software▸ 4 | 10 | · | · | 7 | 12 | 7.5 | helix universal server (1) · realone desktop manager (1) · realone enterprise desktop (1) |
| Communications▸ 3 | 9 | 4 | · | 6 | 9 | 7.8 | sendmail (3) · advanced message server (2) · sendmail pro (2) |
| Networking Infrastructure▸ 2 | 7 | 9 | · | 4 | 7 | 10.0 | electronic documentation (3) · proftpd (1) |
| OSS Libraries▸ 2 | 4 | · | · | 4 | 4 | 7.5 | attilaphp (1) · exim (1) · lsh (1) |
| Security Products▸ 3 | 4 | 1 | · | 4 | 4 | 10.0 | pam ldap (1) |
| Mobile Apps▸ 1 | 3 | 2 | · | 1 | 2 | 7.5 | mac os x (3) · mac os x server (3) |
| Databases▸ 1 | 2 | 2 | · | 2 | 2 | 6.7 | mysql (2) · database server (1) |
| Cloud & SaaS▸ 1 | 1 | · | · | 1 | 1 | 4.6 | workstation (1) |
| Unclassified | 11 | 2 | · | 9 | 9 | 7.4 | escapade (2) · linuxnode (2) · atari800 (1) |
Weakness × Sector
Which weaknesses hit which solution categories in September 2003
Cells shaded by share of the sector's hottest weakness. Click a row to open the sector history.