month report
October 2007
Data as of Jun 11, 2026, 06:04 UTCSnapshot v1 Sources CVEList V5+NVD+GHSA+CSAF+FSTEC BDU+CISA KEV+EPSS+Nuclei templates Methodology →
October 2007 closed with 984 published CVEs. 129 criticals, oracle led volume, mostly via database server. Top weakness class — CWE-119 (150 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
984
— MoM— YoY
Severity mix
129 / 238
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
0.3%
3 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
6702.1
n=3
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
—
n=0
Weakness × Vendor
What's spreading where in October 2007
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
119Memory Buffer Bounds79XSS94Code Injection264CWE-26420Improper Input Validation22Path Traversal89SQL Injection200Information Exposure16CWE-16189CWE-189oracle11122microsoft513722sun116221hp816112cisco313431ibm11111broadcom711211111сообщество свободного программного обеспечения312123mozilla51522joomla28opera112drupal3111
Most discussed CVEs — October 2007
No CVE mentions in the news this month yet.
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #15phrozensmoke7 CVE
- #16realnetworks7 CVE
- #19netscape6 CVE
- #21phorum6 CVE
- #22phpbb6 CVE
- #23sitebar6 CVE
- #25mambo5 CVE
- #283com4 CVE
- #30atthat.com4 CVE
- #31axis4 CVE
Top vendors
Ranked by distinct CVE count this period.
- 37 CVE6 critCVSS 7.6PoC 2database server (16) · application server (14) · collaboration suite (7)
- 30 CVE3 critCVSS 6.0PoC 4internet explorer (9) · windows xp (4) · windows 2000 (3)
- 30 CVE3 critCVSS 5.5PoC 3jre (9) · jdk (9) · solaris (8)
- 25 CVE4 critCVSS 7.0PoC 1hp-ux (13) · openvms (2) · openview network node manager (2)
- 22 CVE6 critCVSS 7.6PoC 2ios (11) · firewall services module (3) · adaptive security appliance software (2)
- 22 CVE6 critCVSS 6.6PoC 1db2 universal database (6) · lotus domino (4) · db2 (4)
- 21 CVE14 critCVSS 9.1PoC 1brightstor arcserve backup (8) · brightstor enterprise backup (8) · brightstor arcserve backup laptops desktops (4)
- 17 CVE2 critCVSS 6.1PoC 7debian gnu/linux (17)
- 15 CVE1 critCVSS 4.8PoC 2firefox (11) · seamonkey (5) · mozilla (3)
- 10 CVECVSS 6.1PoC 6joomla (9) · com search component (1) · joomla\! (1)
- 9 CVE3 critCVSS 7.0opera browser (9)
- 8 CVECVSS 4.1PoC 1drupal (7) · asin field module (1) · drupal project issue tracking (1)
- 8 CVE3 critCVSS 8.6PoC 1norton personal firewall (3) · norton antivirus (3) · mail security 8820 appliance (2)
- 7 CVE7 critCVSS 9.9protection suites (4) · brightstor arcserve backup (3) · business protection suite (3)
- 7 CVECVSS 6.4NEWgyach enhanced (7)
- 7 CVE7 critCVSS 9.4NEWrealone player (6) · realplayer (6) · realplayer enterprise (4)
- 6 CVE2 critCVSS 6.0PoC 1darwin streaming server (2) · quicktime streaming server (2) · tcp ip configuration utility (1)
- 6 CVECVSS 6.5PoC 1debian linux (5) · guilt (1)
- 6 CVE1 critCVSS 5.8NEWPoC 2communicator (4) · navigator (3)
- 6 CVECVSS 5.8PoC 1meridian option 51c (4) · meridian option 11c (4) · meridian option 61c (4)
- 6 CVE1 critCVSS 6.0NEWPoC 2phorum (6)
- 6 CVECVSS 6.0NEWPoC 3phpbb (4) · advanced quick reply hack (1) · phpbbmod (1)
- 6 CVE1 critCVSS 6.2NEWPoC 4sitebar (6)
- 5 CVE1 critCVSS 6.1gentoo linux (5)
- 5 CVE1 critCVSS 6.9NEWPoC 4mambo (2) · mambo site server (2) · site server (1)
- 5 CVECVSS 4.7PoC 1openbsd (3) · openssh (2)
- 5 CVECVSS 6.5PoC 2virus control system (2) · pc-cillin internet security 2007 (1) · scan engine (1)
- 4 CVE1 critCVSS 6.9NEWPoC 13crwe554g72t (2) · 3c17210-us (1) · superstack 3 switch (1)
- 4 CVECVSS 5.4PoC 3tomcat (2) · http server (2) · jakarta slide (1)
- 4 CVECVSS 7.0NEWPoC 1thatware (4)
- 4 CVE1 critCVSS 6.3NEWPoC 22100 network camera (3) · 2100 network camera firmware (2) · 2400 video server (1)
- 4 CVECVSS 5.6weblogic server (4) · tuxedo (1) · weblogic integration (1)
- 4 CVECVSS 4.8NEWcms made simple (4)
- 4 CVE1 critCVSS 7.3NEWPoC 1unreal engine (4) · unreal tournament 2003 (1)
- 4 CVECVSS 6.5NEWfedora (4) · fedora core (1)
- 4 CVECVSS 5.3php-nuke (4)
- 4 CVE1 critCVSS 5.8NEWPoC 1kaspersky anti-virus (2) · kaspersky anti-hacker (1) · online scanner (1)
- 4 CVECVSS 4.5NEWlibpng (4)
- 4 CVECVSS 3.3PoC 1linux kernel (4)
- 4 CVECVSS 6.4NEWPoC 1fm114p (3) · ssl312 (1)
- 4 CVECVSS 5.4NEWPoC 1opera web browser (3) · opera (1)
- 4 CVE1 critCVSS 7.2PoC 2php (4)
- 4 CVECVSS 5.5NEWPoC 1phpmychat (4)
- 4 CVECVSS 7.3NEWcryptobuddy (4)
- 4 CVECVSS 6.7NEWPoC 1tikiwiki cms\/groupware (4)
- 4 CVE1 critCVSS 5.6NEWworkstation (2) · player (2) · server (2)
- 4 CVECVSS 5.9NEWPoC 1xoops (4)
- 4 CVECVSS 6.1NEWPoC 1else if cms (4)
- 3 CVE2 critCVSS 8.1flash player (1) · pagemaker (1) · shockwave player (1)
- 3 CVECVSS 3.1NEWakfingerd (3)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | oracle | 37 | 6 | · | · | PoC 2 | database server (16) · application server (14) · collaboration suite (7) | — | |
| 2 | microsoft | 30 | 3 | · | · | PoC 4 | internet explorer (9) · windows xp (4) · windows 2000 (3) | — | |
| 3 | sun | 30 | 3 | · | · | PoC 3 | jre (9) · jdk (9) · solaris (8) | — | |
| 4 | hp | 25 | 4 | · | · | PoC 1 | hp-ux (13) · openvms (2) · openview network node manager (2) | — | |
| 5 | cisco | 22 | 6 | · | · | PoC 2 | ios (11) · firewall services module (3) · adaptive security appliance software (2) | — | |
| 6 | ibm | 22 | 6 | · | · | PoC 1 | db2 universal database (6) · lotus domino (4) · db2 (4) | — | |
| 7 | broadcom | 21 | 14 | · | · | PoC 1 | brightstor arcserve backup (8) · brightstor enterprise backup (8) · brightstor arcserve backup laptops desktops (4) | — | |
| 8 | сообщество свободного программного обеспечения | 17 | 2 | · | · | PoC 7 | debian gnu/linux (17) | — | |
| 9 | mozilla | 15 | 1 | · | · | PoC 2 | firefox (11) · seamonkey (5) · mozilla (3) | — | |
| 10 | joomla | 10 | · | · | · | PoC 6 | joomla (9) · com search component (1) · joomla\! (1) | — | |
| 11 | opera | 9 | 3 | · | · | opera browser (9) | — | ||
| 12 | drupal | 8 | · | · | · | PoC 1 | drupal (7) · asin field module (1) · drupal project issue tracking (1) | — | |
| 13 | symantec | 8 | 3 | · | · | PoC 1 | norton personal firewall (3) · norton antivirus (3) · mail security 8820 appliance (2) | — | |
| 14 | ca | 7 | 7 | · | · | protection suites (4) · brightstor arcserve backup (3) · business protection suite (3) | — | ||
| 15 | phrozensmoke | 7 | · | · | · | NEW | gyach enhanced (7) | — | |
| 16 | realnetworks | 7 | 7 | · | · | NEW | realone player (6) · realplayer (6) · realplayer enterprise (4) | — | |
| 17 | apple | 6 | 2 | · | · | PoC 1 | darwin streaming server (2) · quicktime streaming server (2) · tcp ip configuration utility (1) | — | |
| 18 | debian | 6 | · | · | · | PoC 1 | debian linux (5) · guilt (1) | — | |
| 19 | netscape | 6 | 1 | · | · | NEWPoC 2 | communicator (4) · navigator (3) | — | |
| 20 | nortel | 6 | · | · | · | PoC 1 | meridian option 51c (4) · meridian option 11c (4) · meridian option 61c (4) | — | |
| 21 | phorum | 6 | 1 | · | · | NEWPoC 2 | phorum (6) | — | |
| 22 | phpbb | 6 | · | · | · | NEWPoC 3 | phpbb (4) · advanced quick reply hack (1) · phpbbmod (1) | — | |
| 23 | sitebar | 6 | 1 | · | · | NEWPoC 4 | sitebar (6) | — | |
| 24 | gentoo foundation inc. | 5 | 1 | · | · | gentoo linux (5) | — | ||
| 25 | mambo | 5 | 1 | · | · | NEWPoC 4 | mambo (2) · mambo site server (2) · site server (1) | — | |
| 26 | openbsd | 5 | · | · | · | PoC 1 | openbsd (3) · openssh (2) | — | |
| 27 | trendmicro | 5 | · | · | · | PoC 2 | virus control system (2) · pc-cillin internet security 2007 (1) · scan engine (1) | — | |
| 28 | 3com | 4 | 1 | · | · | NEWPoC 1 | 3crwe554g72t (2) · 3c17210-us (1) · superstack 3 switch (1) | — | |
| 29 | apache | 4 | · | · | · | PoC 3 | tomcat (2) · http server (2) · jakarta slide (1) | — | |
| 30 | atthat.com | 4 | · | · | · | NEWPoC 1 | thatware (4) | — | |
| 31 | axis | 4 | 1 | · | · | NEWPoC 2 | 2100 network camera (3) · 2100 network camera firmware (2) · 2400 video server (1) | — | |
| 32 | bea | 4 | · | · | · | weblogic server (4) · tuxedo (1) · weblogic integration (1) | — | ||
| 33 | cmsmadesimple | 4 | · | · | · | NEW | cms made simple (4) | — | |
| 34 | epic games | 4 | 1 | · | · | NEWPoC 1 | unreal engine (4) · unreal tournament 2003 (1) | — | |
| 35 | fedoraproject | 4 | · | · | · | NEW | fedora (4) · fedora core (1) | — | |
| 36 | francisco burzi | 4 | · | · | · | php-nuke (4) | — | ||
| 37 | kaspersky lab | 4 | 1 | · | · | NEWPoC 1 | kaspersky anti-virus (2) · kaspersky anti-hacker (1) · online scanner (1) | — | |
| 38 | libpng | 4 | · | · | · | NEW | libpng (4) | — | |
| 39 | linux | 4 | · | · | · | PoC 1 | linux kernel (4) | — | |
| 40 | netgear | 4 | · | · | · | NEWPoC 1 | fm114p (3) · ssl312 (1) | — | |
| 41 | opera software | 4 | · | · | · | NEWPoC 1 | opera web browser (3) · opera (1) | — | |
| 42 | php | 4 | 1 | · | · | PoC 2 | php (4) | — | |
| 43 | php heaven | 4 | · | · | · | NEWPoC 1 | phpmychat (4) | — | |
| 44 | research triangle software | 4 | · | · | · | NEW | cryptobuddy (4) | — | |
| 45 | tiki | 4 | · | · | · | NEWPoC 1 | tikiwiki cms\/groupware (4) | — | |
| 46 | vmware | 4 | 1 | · | · | NEW | workstation (2) · player (2) · server (2) | — | |
| 47 | xoops | 4 | · | · | · | NEWPoC 1 | xoops (4) | — | |
| 48 | yannick tanguy | 4 | · | · | · | NEWPoC 1 | else if cms (4) | — | |
| 49 | adobe | 3 | 2 | · | · | flash player (1) · pagemaker (1) · shockwave player (1) | — | ||
| 50 | akfingerd | 3 | · | · | · | NEW | akfingerd (3) | — |
Sectors
Solution categories ranked by distinct CVE count this period.
- Web & CMS Plugins211 CVE10 crit120 vendorsCVSS 6.9joomla (9) · drupal (7) · php-nuke (5)
- Operating Systems117 CVE16 crit26 vendorsCVSS 6.1debian gnu/linux (17) · debian linux (5) · gentoo linux (5)
- Enterprise Software102 CVE29 crit37 vendorsCVSS 7.3hp-ux (13) · db2 universal database (6) · db2 (4)
- Consumer Software81 CVE34 crit37 vendorsCVSS 8.6firefox (11) · opera browser (9) · seamonkey (5)
- 17 crit27 vendorsCVSS 7.4ios (11) · firewall services module (3) · fm114p (3)
- Communications51 CVE5 crit40 vendorsCVSS 6.8mailenable (3) · communigate pro (2) · mdaemon (2)
- Databases50 CVE16 crit11 vendorsCVSS 8.5database server (16) · application server (14) · collaboration suite (7)
- Security Products48 CVE30 crit28 vendorsCVSS 7.8norton antivirus (3) · norton personal firewall (3) · antivirus scan engine (2)
- OSS Libraries38 CVE5 crit27 vendorsCVSS 6.0libpng (4) · php (4) · webster http server (2)
- Cloud & SaaS35 CVE37 crit9 vendorsCVSS 10.0brightstor arcserve backup (8) · brightstor enterprise backup (8) · brightstor arcserve backup laptops desktops (4)
- DevTools & CI10 CVE3 crit7 vendorsCVSS 7.5unreal engine (4) · hm220dp adsl modem (1) · safedisc (1)
- Mobile Apps7 CVE2 crit2 vendorsCVSS 6.0darwin streaming server (2) · quicktime streaming server (2) · mac os x (1)
- ICS / OT / IoT6 CVE2 crit3 vendorsCVSS 6.12100 network camera (3) · 2100 network camera firmware (2) · 2400 video server (1)
- Hardware Firmware5 CVE2 crit3 vendorsCVSS 7.8eudora (2) · qpopper (1) · wgsd-1020 (1)
- Unclassified117 CVE9 crit92 vendorsCVSS 6.1gyach enhanced (7) · thatware (4) · akfingerd (3)
| Sector | CVEs | Crit | KEV | Vendors | Products | Avg CVSS | Top products |
|---|---|---|---|---|---|---|---|
| Web & CMS Plugins▸ 5 | 211 | 10 | · | 120 | 142 | 6.9 | joomla (9) · drupal (7) · php-nuke (5) |
| Operating Systems▸ 3 | 117 | 16 | · | 26 | 76 | 6.1 | debian gnu/linux (17) · debian linux (5) · gentoo linux (5) |
| Enterprise Software▸ 6 | 102 | 29 | · | 37 | 81 | 7.3 | hp-ux (13) · db2 universal database (6) · db2 (4) |
| Consumer Software▸ 5 | 81 | 34 | · | 37 | 54 | 8.6 | firefox (11) · opera browser (9) · seamonkey (5) |
| Networking Infrastructure▸ 6 | 67 | 17 | · | 27 | 64 | 7.4 | ios (11) · firewall services module (3) · fm114p (3) |
| Communications▸ 4 | 51 | 5 | · | 40 | 44 | 6.8 | mailenable (3) · communigate pro (2) · mdaemon (2) |
| Databases▸ 3 | 50 | 16 | · | 11 | 19 | 8.5 | database server (16) · application server (14) · collaboration suite (7) |
| Security Products▸ 6 | 48 | 30 | · | 28 | 58 | 7.8 | norton antivirus (3) · norton personal firewall (3) · antivirus scan engine (2) |
| OSS Libraries▸ 5 | 38 | 5 | · | 27 | 28 | 6.0 | libpng (4) · php (4) · webster http server (2) |
| Cloud & SaaS▸ 3 | 35 | 37 | · | 9 | 26 | 10.0 | brightstor arcserve backup (8) · brightstor enterprise backup (8) · brightstor arcserve backup laptops desktops (4) |
| DevTools & CI▸ 3 | 10 | 3 | · | 7 | 8 | 7.5 | unreal engine (4) · hm220dp adsl modem (1) · safedisc (1) |
| Mobile Apps▸ 2 | 7 | 2 | · | 2 | 7 | 6.0 | darwin streaming server (2) · quicktime streaming server (2) · mac os x (1) |
| ICS / OT / IoT▸ 2 | 6 | 2 | · | 3 | 6 | 6.1 | 2100 network camera (3) · 2100 network camera firmware (2) · 2400 video server (1) |
| Hardware Firmware▸ 1 | 5 | 2 | · | 3 | 7 | 7.8 | eudora (2) · qpopper (1) · wgsd-1020 (1) |
| Unclassified | 117 | 9 | · | 92 | 93 | 6.1 | gyach enhanced (7) · thatware (4) · akfingerd (3) |
Weakness × Sector
Which weaknesses hit which solution categories in October 2007
Cells shaded by share of the sector's hottest weakness. Click a row to open the sector history.
119Memory Buffer Bounds79XSS94Code Injection264CWE-26420Improper Input Validation22Path Traversal89SQL Injection200Information Exposure16CWE-16189CWE-189Web & CMS Plugins45559191021371722Consumer Software30121171231326Operating Systems17341544549Enterprise Software121158653422Networking Infrastructure1282710411054Communications241134112333OSS Libraries11447851414Security Products11533511261Databases1761121Cloud & SaaS922311112