month report
September 2005
Data as of Jun 11, 2026, 06:04 UTCSnapshot v1 Sources CVEList V5+NVD+GHSA+CSAF+FSTEC BDU+CISA KEV+EPSS+Nuclei templates Methodology →
September 2005 closed with 316 published CVEs. 8 criticals, linux led volume, mostly via linux kernel. Biggest breakout: linux at ×4.0 their 12-month median. Top weakness class — CWE-119 (3 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
316
— MoM— YoY
Severity mix
8 / 111
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
0.0%
0 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
—
n=0
Within 7 days
—%
Within 30 days
—%
Days → KEV (median)
6048
n=1
Detection gap
KEV pressure, no Nuclei coverage
September 2005 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 1hp3 CVE
Weakness × Vendor
What's spreading where in September 2005
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
Most discussed CVEs — September 2005
No CVE mentions in the news this month yet.
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #7phpmyfaq5 CVE
- #8avi alkalay4 CVE
- #9bugada andrea4 CVE
- #10canonical4 CVE
- #11maxdev4 CVE
- #13pblang4 CVE
- #16adaptive technology resource centre3 CVE
- #17ahnlab3 CVE
- #18barracuda networks3 CVE
- #19bfcommand and control software3 CVE
Top vendors
Ranked by distinct CVE count this period.
- 16 CVECVSS 3.1×4.0PoC 1linux kernel (16)
- 14 CVE1 critCVSS 4.8PoC 1debian gnu/linux (14)
- 10 CVECVSS 6.3firefox (10) · mozilla suite (7) · mozilla (1)
- 7 CVECVSS 5.4PoC 2vbulletin (7)
- 5 CVE1 critCVSS 4.6debian linux (4) · backupninja (1)
- 5 CVECVSS 6.0wrt54g (5)
- 5 CVECVSS 5.5NEWPoC 2phpmyfaq (5)
- 4 CVECVSS 6.9NEWPoC 3contribute.cgi (1) · man cgi (1) · notify (1)
- 4 CVECVSS 5.5NEWphp advanced transfer manager (4)
- 4 CVE1 critCVSS 6.5NEWubuntu linux (4)
- 4 CVE1 critCVSS 6.7NEWPoC 2md-pro (4)
- 4 CVE1 critCVSS 5.7opera browser (4)
- 4 CVECVSS 5.5NEWPoC 2pblang (4)
- 4 CVECVSS 5.3PoC 1enterprise linux (2) · red hat enterprise linux (2) · enterprise linux desktop (1)
- 4 CVECVSS 3.8solaris (4) · sunos (2)
- 3 CVECVSS 5.7NEWPoC 1atutor (3)
- 3 CVECVSS 6.7NEWv3net (3) · v3pro 2004 (3) · v3 virusblock 2005 (3)
- 3 CVECVSS 6.3NEWPoC 2barracuda spam firewall (3)
- 3 CVECVSS 6.7NEWPoC 1bfcc (3) · bfvcc (3)
- 3 CVECVSS 7.5NEWPoC 1vxftpsrv (1) · vxtftpsrv (1) · vxweb (1)
- 3 CVECVSS 4.9NEWcosmoshop (3)
- 3 CVECVSS 5.2NEWPoC 2flatnuke (3)
- 3 CVECVSS 4.6PoC 2emacs (1) · mailutils (1) · texinfo (1)
- 3 CVE1 critCVSS 4.5KEV 1hp-ux (1) · laserjet 2430 (1) · openview network node manager (1)
- 3 CVECVSS 5.7aix (1) · lotus domino (1) · lotus domino enterprise server (1)
- 3 CVECVSS 4.3NEWmantis (3)
- 3 CVECVSS 3.5antispyware (1) · ie for macintosh (1) · windows 2003 server (1)
- 3 CVECVSS 5.4NEWPoC 1land down under (3)
- 3 CVECVSS 6.4NEWPoC 2phpcommunitycalendar (3)
- 3 CVECVSS 4.0NEWmovable type (3)
- 3 CVECVSS 5.0×3.0squid (3)
- 2 CVECVSS 6.3NEWe-friends (1) · epay (1)
- 2 CVECVSS 4.3NEWcjweb2mail (1) · cjlinkout (1)
- 2 CVECVSS 6.3clamav (2)
- 2 CVECVSS 5.9NEWPoC 2cms made simple (2)
- 2 CVECVSS 6.3NEWdriverstudio (2)
- 2 CVECVSS 5.9NEWcutenews (2)
- 2 CVECVSS 5.9NEWdownfile (2)
- 2 CVECVSS 7.3NEWfrox (2)
- 2 CVECVSS 3.5PoC 1gentoo linux (2)
- 2 CVECVSS 7.5NEWPoC 1hesk (2)
- 2 CVECVSS 4.3NEWhiki (2)
- 2 CVECVSS 2.9hylafax (2)
- 2 CVECVSS 4.3PoC 1sqwebmail (2)
- 2 CVECVSS 6.3interchange (2)
- 2 CVECVSS 5.9NEWlooking glass (2)
- 2 CVECVSS 7.5NEWmall23 (2)
- 2 CVECVSS 4.8NEWmasqmail (2)
- 2 CVECVSS 5.0NEWPoC 1multitheftauto (2)
- 2 CVECVSS 7.5NEWnateon messenger (2)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | linux | 16 | · | · | · | ×4.0PoC 1 | linux kernel (16) | — | |
| 2 | сообщество свободного программного обеспечения | 14 | 1 | · | · | PoC 1 | debian gnu/linux (14) | — | |
| 3 | mozilla | 10 | · | · | · | firefox (10) · mozilla suite (7) · mozilla (1) | — | ||
| 4 | jelsoft | 7 | · | · | · | PoC 2 | vbulletin (7) | — | |
| 5 | debian | 5 | 1 | · | · | debian linux (4) · backupninja (1) | — | ||
| 6 | linksys | 5 | · | · | · | wrt54g (5) | — | ||
| 7 | phpmyfaq | 5 | · | · | · | NEWPoC 2 | phpmyfaq (5) | — | |
| 8 | avi alkalay | 4 | · | · | · | NEWPoC 3 | contribute.cgi (1) · man cgi (1) · notify (1) | — | |
| 9 | bugada andrea | 4 | · | · | · | NEW | php advanced transfer manager (4) | — | |
| 10 | canonical | 4 | 1 | · | · | NEW | ubuntu linux (4) | — | |
| 11 | maxdev | 4 | 1 | · | · | NEWPoC 2 | md-pro (4) | — | |
| 12 | opera | 4 | 1 | · | · | opera browser (4) | — | ||
| 13 | pblang | 4 | · | · | · | NEWPoC 2 | pblang (4) | — | |
| 14 | redhat | 4 | · | · | · | PoC 1 | enterprise linux (2) · red hat enterprise linux (2) · enterprise linux desktop (1) | — | |
| 15 | sun | 4 | · | · | · | solaris (4) · sunos (2) | — | ||
| 16 | adaptive technology resource centre | 3 | · | · | · | NEWPoC 1 | atutor (3) | — | |
| 17 | ahnlab | 3 | · | · | · | NEW | v3net (3) · v3pro 2004 (3) · v3 virusblock 2005 (3) | — | |
| 18 | barracuda networks | 3 | · | · | · | NEWPoC 2 | barracuda spam firewall (3) | — | |
| 19 | bfcommand and control software | 3 | · | · | · | NEWPoC 1 | bfcc (3) · bfvcc (3) | — | |
| 20 | cambridge computer corporation | 3 | · | · | · | NEWPoC 1 | vxftpsrv (1) · vxtftpsrv (1) · vxweb (1) | — | |
| 21 | cosmoshop | 3 | · | · | · | NEW | cosmoshop (3) | — | |
| 22 | flatnuke | 3 | · | · | · | NEWPoC 2 | flatnuke (3) | — | |
| 23 | gnu | 3 | · | · | · | PoC 2 | emacs (1) · mailutils (1) · texinfo (1) | — | |
| 24 | hp | 3 | 1 | 1 | · | KEV 1 | hp-ux (1) · laserjet 2430 (1) · openview network node manager (1) | — | |
| 25 | ibm | 3 | · | · | · | aix (1) · lotus domino (1) · lotus domino enterprise server (1) | — | ||
| 26 | mantis | 3 | · | · | · | NEW | mantis (3) | — | |
| 27 | microsoft | 3 | · | · | · | antispyware (1) · ie for macintosh (1) · windows 2003 server (1) | — | ||
| 28 | neocrome | 3 | · | · | · | NEWPoC 1 | land down under (3) | — | |
| 29 | phpcommunitycalendar | 3 | · | · | · | NEWPoC 2 | phpcommunitycalendar (3) | — | |
| 30 | six apart | 3 | · | · | · | NEW | movable type (3) | — | |
| 31 | squid | 3 | · | · | · | ×3.0 | squid (3) | — | |
| 32 | alstrasoft | 2 | · | · | · | NEW | e-friends (1) · epay (1) | — | |
| 33 | cj desing | 2 | · | · | · | NEW | cjweb2mail (1) · cjlinkout (1) | — | |
| 34 | clam anti-virus | 2 | · | · | · | clamav (2) | — | ||
| 35 | cmsmadesimple | 2 | · | · | · | NEWPoC 2 | cms made simple (2) | — | |
| 36 | compuware | 2 | · | · | · | NEW | driverstudio (2) | — | |
| 37 | cutephp | 2 | · | · | · | NEW | cutenews (2) | — | |
| 38 | eric fichot | 2 | · | · | · | NEW | downfile (2) | — | |
| 39 | frox | 2 | · | · | · | NEW | frox (2) | — | |
| 40 | gentoo foundation inc. | 2 | · | · | · | PoC 1 | gentoo linux (2) | — | |
| 41 | helpdesk software | 2 | · | · | · | NEWPoC 1 | hesk (2) | — | |
| 42 | hiki | 2 | · | · | · | NEW | hiki (2) | — | |
| 43 | hylafax | 2 | · | · | · | hylafax (2) | — | ||
| 44 | inter7 | 2 | · | · | · | PoC 1 | sqwebmail (2) | — | |
| 45 | interchange development group | 2 | · | · | · | interchange (2) | — | ||
| 46 | looking glass | 2 | · | · | · | NEW | looking glass (2) | — | |
| 47 | mall23 | 2 | · | · | · | NEW | mall23 (2) | — | |
| 48 | masqmail | 2 | · | · | · | NEW | masqmail (2) | — | |
| 49 | multitheftauto | 2 | · | · | · | NEWPoC 1 | multitheftauto (2) | — | |
| 50 | nateon | 2 | · | · | · | NEW | nateon messenger (2) | — |
Sectors
Solution categories ranked by distinct CVE count this period.
- Web & CMS Plugins77 CVE3 crit42 vendorsCVSS 6.7atutor (3) · flatnuke (3) · movable type (3)
- Operating Systems49 CVE3 crit19 vendorsCVSS 4.8linux kernel (16) · debian gnu/linux (14) · debian linux (4)
- 18 vendorsCVSS 6.3squid (3) · leapftp (1) · savant webserver (1)
- Consumer Software26 CVE2 crit13 vendorsCVSS 7.5firefox (10) · mozilla suite (7) · opera browser (4)
- Enterprise Software22 CVE1 crit1 KEV15 vendorsCVSS 7.5mantis (3) · hesk (2) · aix (1)
- OSS Libraries20 CVE12 vendorsCVSS 7.5pblang (4) · common-lisp-controller (1) · emacs (1)
- Security Products16 CVE1 crit13 vendorsCVSS 6.6v3 virusblock 2005 (3) · v3net (3) · v3pro 2004 (3)
- Communications10 CVE6 vendorsCVSS 7.5masqmail (2) · sqwebmail (2) · open webmail (1)
- DevTools & CI6 CVE4 vendorsCVSS 6.7driverstudio (2) · webmin (1)
- ICS / OT / IoT5 CVE3 vendorsCVSS 7.5bfcc (3) · bfvcc (3)
- Cloud & SaaS3 CVE2 vendorsCVSS 6.3e-friends (1) · epay (1)
- Databases2 CVE2 vendorsCVSS 7.5phpmyadmin (1)
- Hardware Firmware1 CVE1 vendorsCVSS 4.6qpopper (1)
- Mobile Apps1 CVE1 vendorsCVSS 5.0safari (1)
- Unclassified31 CVE2 crit25 vendorsCVSS 6.0multitheftauto (2) · perldiver (2) · web news (2)
| Sector | CVEs | Crit | KEV | Vendors | Products | Avg CVSS | Top products |
|---|---|---|---|---|---|---|---|
| Web & CMS Plugins▸ 6 | 77 | 3 | · | 42 | 43 | 6.7 | atutor (3) · flatnuke (3) · movable type (3) |
| Operating Systems▸ 3 | 49 | 3 | · | 19 | 25 | 4.8 | linux kernel (16) · debian gnu/linux (14) · debian linux (4) |
| Networking Infrastructure▸ 5 | 28 | · | · | 18 | 21 | 6.3 | squid (3) · leapftp (1) · savant webserver (1) |
| Consumer Software▸ 5 | 26 | 2 | · | 13 | 19 | 7.5 | firefox (10) · mozilla suite (7) · opera browser (4) |
| Enterprise Software▸ 3 | 22 | 1 | 1 | 15 | 22 | 7.5 | mantis (3) · hesk (2) · aix (1) |
| OSS Libraries▸ 3 | 20 | · | · | 12 | 14 | 7.5 | pblang (4) · common-lisp-controller (1) · emacs (1) |
| Security Products▸ 3 | 16 | 1 | · | 13 | 15 | 6.6 | v3 virusblock 2005 (3) · v3net (3) · v3pro 2004 (3) |
| Communications▸ 4 | 10 | · | · | 6 | 6 | 7.5 | masqmail (2) · sqwebmail (2) · open webmail (1) |
| DevTools & CI▸ 1 | 6 | · | · | 4 | 4 | 6.7 | driverstudio (2) · webmin (1) |
| ICS / OT / IoT▸ 3 | 5 | · | · | 3 | 10 | 7.5 | bfcc (3) · bfvcc (3) |
| Cloud & SaaS▸ 2 | 3 | · | · | 2 | 3 | 6.3 | e-friends (1) · epay (1) |
| Databases▸ 2 | 2 | · | · | 2 | 2 | 7.5 | phpmyadmin (1) |
| Hardware Firmware▸ 1 | 1 | · | · | 1 | 1 | 4.6 | qpopper (1) |
| Mobile Apps▸ 1 | 1 | · | · | 1 | 1 | 5.0 | safari (1) |
| Unclassified | 31 | 2 | · | 25 | 28 | 6.0 | multitheftauto (2) · perldiver (2) · web news (2) |
Weakness × Sector
Which weaknesses hit which solution categories in September 2005
Cells shaded by share of the sector's hottest weakness. Click a row to open the sector history.
119Memory Buffer Bounds264CWE-264399CWE-39979XSS17CWE-1720Improper Input Validation77Command Injection89SQL Injection94Code Injection189CWE-189Web & CMS Plugins1111Operating Systems22111Consumer Software31OSS Libraries1Networking InfrastructureEnterprise Software11Security Products11CommunicationsDevTools & CI11ICS / OT / IoT