month report
August 2008
Data as of Jun 11, 2026, 06:04 UTCSnapshot v1 Sources CVEList V5+NVD+GHSA+CSAF+FSTEC BDU+CISA KEV+EPSS+Nuclei templates Methodology →
August 2008 closed with 374 published CVEs — -29.8% YoY . 62 criticals, microsoft led volume, mostly via office. Biggest breakout: microworld technologies at ×4.0 their 12-month median. Top weakness class — CWE-89 (73 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
374
— MoM-29.8% YoY
Severity mix
62 / 137
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
0.3%
1 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
6400.2
n=1
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
4958
n=1
Weakness × Vendor
What's spreading where in August 2008
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
89SQL Injection79XSS264CWE-264119Memory Buffer Bounds20Improper Input Validation399CWE-39994Code Injection22Path Traversal200Information Exposure189CWE-189microsoft21271222sun21111сообщество свободного программного обеспечения112213apple111311ibm1522redhat11121yourfreeworld10linux122canonical11debian1drupal32apache22
Most discussed CVEs — August 2008
No CVE mentions in the news this month yet.
Breakout vendors
CVE count ≥3× their own 12-period median.
- 4.0×microworld technologies4 CVE
- 4.0×canonical8 CVE
- 3.0×hotscripts3 CVE
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #7yourfreeworld10 CVE
- #15python5 CVE
- #16ruby-lang5 CVE
- #17lussumo4 CVE
- #19openfreeway4 CVE
- #20pozscripts4 CVE
- #21spacetag4 CVE
- #22turnkeywebtools4 CVE
- #24fedora3 CVE
- #25harmoni3 CVE
Top vendors
Ranked by distinct CVE count this period.
- 28 CVE22 critCVSS 8.8PoC 3office (10) · internet explorer (6) · office converter pack (5)
- 14 CVE3 critCVSS 5.1PoC 2red hat enterprise linux (5) · directory server (4) · enterprise linux desktop (3)
- 13 CVE4 critCVSS 7.3PoC 1opensolaris (6) · solaris (6) · sunos (4)
- 12 CVE1 critCVSS 6.3PoC 10debian gnu/linux (12)
- 10 CVE4 critCVSS 7.2mac os x (3) · coregraphics (2) · iphone os (1)
- 10 CVE1 critCVSS 6.1db2 universal database (7) · lotus quickr (1) · rational clearquest (1)
- 10 CVECVSS 7.5NEWPoC 10ad board script (1) · ad-exchange script (1) · banner management script (1)
- 9 CVE1 critCVSS 5.7PoC 4linux kernel (8) · ipsec tools racoon daemon (1)
- 8 CVECVSS 4.7×4.0PoC 4ubuntu linux (8)
- 7 CVECVSS 4.8PoC 4debian linux (7)
- 7 CVECVSS 5.2drupal (6) · suggested terms module (1) · upload module (1)
- 5 CVECVSS 5.1PoC 2tomcat (3) · http server (1) · openoffice (1)
- 5 CVE1 critCVSS 6.6PoC 2gentoo linux (5)
- 5 CVE2 critCVSS 8.3hp-ux (3) · linux imaging and printing project (2) · system administration manager (1)
- 5 CVECVSS 7.0NEWPoC 3python (5)
- 5 CVECVSS 6.6NEWPoC 5ruby (5)
- 4 CVECVSS 4.9NEWvanilla (4)
- 4 CVECVSS 5.5×4.0PoC 1mailscan (4)
- 4 CVECVSS 6.2NEWPoC 1freeway (4)
- 4 CVECVSS 7.5NEWPoC 3classified ads (2) · greencart php shopping cart (1) · tubeguru video sharing script (1)
- 4 CVE2 critCVSS 7.3NEWlacoodast (4)
- 4 CVECVSS 7.3NEWPoC 4php live helper (3) · sunshop shopping cart (1)
- 3 CVECVSS 4.3presenter (2) · flash player (1)
- 3 CVECVSS 6.4NEWdirectory server (3)
- 3 CVECVSS 5.1NEWPoC 1harmoni (3)
- 3 CVECVSS 5.6NEW×3.0PoC 1cyboards php lite (3)
- 3 CVECVSS 4.3NEWopenfire (3)
- 3 CVECVSS 4.5PoC 2org.apache.tomcat:tomcat (3)
- 3 CVECVSS 7.6opensuse (3)
- 3 CVE1 critCVSS 7.9openssh (3)
- 3 CVECVSS 6.3php (3)
- 3 CVE1 critCVSS 8.1NEWPoC 1download accelerator plus (2) · speedbit video accelerator (1)
- 3 CVE1 critCVSS 6.8NEWla cooda wiz (3)
- 3 CVECVSS 5.5PoC 1esx (1) · virtualcenter (1) · vmware workstation (1)
- 2 CVECVSS 8.0NEWPoC 2symphony (2)
- 2 CVECVSS 6.8NEWPoC 2article friendly (2)
- 2 CVECVSS 4.8communication manager (2) · sip enablement services (2)
- 2 CVE1 critCVSS 9.1brightstor arcserve backup (1) · desktop management suite (1) · internet security suite (1)
- 2 CVE1 critCVSS 8.4arcserve backup for laptops and desktops (1) · brightstor arcserve backup (1) · host based intrusion prevention system (1)
- 2 CVECVSS 7.5NEWPoC 2coppermine photo gallery (2)
- 2 CVECVSS 6.3NEWPoC 1crafty syntax live help (2)
- 2 CVECVSS 7.5NEWPoC 2dmcms (2)
- 2 CVECVSS 5.5NEWPoC 1acg ptp (1) · quick poll script (1)
- 2 CVECVSS 7.2fedora (2)
- 2 CVECVSS 4.6ingres (2)
- 2 CVE2 critCVSS 9.5PoC 2ws ftp home (2) · ws ftp pro (1)
- 2 CVE1 critCVSS 8.8NEWPoC 2php hosting directory (2)
- 2 CVECVSS 7.5PoC 2com ezstore (1) · com user (1)
- 2 CVECVSS 5.4NEWsupportsuite (2)
- 2 CVECVSS 5.9groupwise (1) · imanager (1)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | microsoft | 28 | 22 | · | · | PoC 3 | office (10) · internet explorer (6) · office converter pack (5) | — | |
| 2 | redhat | 14 | 3 | · | · | PoC 2 | red hat enterprise linux (5) · directory server (4) · enterprise linux desktop (3) | — | |
| 3 | sun | 13 | 4 | · | · | PoC 1 | opensolaris (6) · solaris (6) · sunos (4) | — | |
| 4 | сообщество свободного программного обеспечения | 12 | 1 | · | · | PoC 10 | debian gnu/linux (12) | — | |
| 5 | apple | 10 | 4 | · | · | mac os x (3) · coregraphics (2) · iphone os (1) | — | ||
| 6 | ibm | 10 | 1 | · | · | db2 universal database (7) · lotus quickr (1) · rational clearquest (1) | — | ||
| 7 | yourfreeworld | 10 | · | · | · | NEWPoC 10 | ad board script (1) · ad-exchange script (1) · banner management script (1) | — | |
| 8 | linux | 9 | 1 | · | · | PoC 4 | linux kernel (8) · ipsec tools racoon daemon (1) | — | |
| 9 | canonical | 8 | · | · | · | ×4.0PoC 4 | ubuntu linux (8) | — | |
| 10 | debian | 7 | · | · | · | PoC 4 | debian linux (7) | — | |
| 11 | drupal | 7 | · | · | · | drupal (6) · suggested terms module (1) · upload module (1) | — | ||
| 12 | apache | 5 | · | · | · | PoC 2 | tomcat (3) · http server (1) · openoffice (1) | — | |
| 13 | gentoo foundation inc. | 5 | 1 | · | · | PoC 2 | gentoo linux (5) | — | |
| 14 | hp | 5 | 2 | · | · | hp-ux (3) · linux imaging and printing project (2) · system administration manager (1) | — | ||
| 15 | python | 5 | · | · | · | NEWPoC 3 | python (5) | — | |
| 16 | ruby-lang | 5 | · | · | · | NEWPoC 5 | ruby (5) | — | |
| 17 | lussumo | 4 | · | · | · | NEW | vanilla (4) | — | |
| 18 | microworld technologies | 4 | · | · | · | ×4.0PoC 1 | mailscan (4) | — | |
| 19 | openfreeway | 4 | · | · | · | NEWPoC 1 | freeway (4) | — | |
| 20 | pozscripts | 4 | · | · | · | NEWPoC 3 | classified ads (2) · greencart php shopping cart (1) · tubeguru video sharing script (1) | — | |
| 21 | spacetag | 4 | 2 | · | · | NEW | lacoodast (4) | — | |
| 22 | turnkeywebtools | 4 | · | · | · | NEWPoC 4 | php live helper (3) · sunshop shopping cart (1) | — | |
| 23 | adobe | 3 | · | · | · | presenter (2) · flash player (1) | — | ||
| 24 | fedora | 3 | · | · | · | NEW | directory server (3) | — | |
| 25 | harmoni | 3 | · | · | · | NEWPoC 1 | harmoni (3) | — | |
| 26 | hotscripts | 3 | · | · | · | NEW×3.0PoC 1 | cyboards php lite (3) | — | |
| 27 | ignite realtime | 3 | · | · | · | NEW | openfire (3) | — | |
| 28 | maven | 3 | · | · | · | PoC 2 | org.apache.tomcat:tomcat (3) | — | |
| 29 | novell inc. | 3 | · | · | · | opensuse (3) | — | ||
| 30 | openbsd | 3 | 1 | · | · | openssh (3) | — | ||
| 31 | php | 3 | · | · | · | php (3) | — | ||
| 32 | speedbit | 3 | 1 | · | · | NEWPoC 1 | download accelerator plus (2) · speedbit video accelerator (1) | — | |
| 33 | system consultants | 3 | 1 | · | · | NEW | la cooda wiz (3) | — | |
| 34 | vmware | 3 | · | · | · | PoC 1 | esx (1) · virtualcenter (1) · vmware workstation (1) | — | |
| 35 | 21degrees | 2 | · | · | · | NEWPoC 2 | symphony (2) | — | |
| 36 | articlefriendly | 2 | · | · | · | NEWPoC 2 | article friendly (2) | — | |
| 37 | avaya | 2 | · | · | · | communication manager (2) · sip enablement services (2) | — | ||
| 38 | broadcom | 2 | 1 | · | · | brightstor arcserve backup (1) · desktop management suite (1) · internet security suite (1) | — | ||
| 39 | ca | 2 | 1 | · | · | arcserve backup for laptops and desktops (1) · brightstor arcserve backup (1) · host based intrusion prevention system (1) | — | ||
| 40 | coppermine-gallery | 2 | · | · | · | NEWPoC 2 | coppermine photo gallery (2) | — | |
| 41 | craftysyntax | 2 | · | · | · | NEWPoC 1 | crafty syntax live help (2) | — | |
| 42 | deeemm | 2 | · | · | · | NEWPoC 2 | dmcms (2) | — | |
| 43 | discountedscripts | 2 | · | · | · | NEWPoC 1 | acg ptp (1) · quick poll script (1) | — | |
| 44 | fedoraproject | 2 | · | · | · | fedora (2) | — | ||
| 45 | ingres | 2 | · | · | · | ingres (2) | — | ||
| 46 | ipswitch | 2 | 2 | · | · | PoC 2 | ws ftp home (2) · ws ftp pro (1) | — | |
| 47 | jnshosts | 2 | 1 | · | · | NEWPoC 2 | php hosting directory (2) | — | |
| 48 | joomla | 2 | · | · | · | PoC 2 | com ezstore (1) · com user (1) | — | |
| 49 | kayako | 2 | · | · | · | NEW | supportsuite (2) | — | |
| 50 | novell | 2 | · | · | · | groupwise (1) · imanager (1) | — |
Sectors
Solution categories ranked by distinct CVE count this period.
- Web & CMS Plugins121 CVE7 crit74 vendorsCVSS 8.0drupal (6) · la cooda wiz (3) · tomcat (3)
- Operating Systems85 CVE66 crit19 vendorsCVSS 8.8debian gnu/linux (12) · linux kernel (8) · ubuntu linux (8)
- Enterprise Software32 CVE14 crit16 vendorsCVSS 8.9db2 universal database (7) · hp-ux (3) · host based intrusion prevention system (2)
- OSS Libraries26 CVE10 vendorsCVSS 6.6python (5) · ruby (5) · php (3)
- Consumer Software23 CVE7 crit17 vendorsCVSS 8.0vlc media player (4) · winamp (2) · amarok (1)
- Communications18 CVE1 crit13 vendorsCVSS 5.8k-links (2) · postfix (2) · atmail (1)
- Security Products17 CVE6 crit14 vendorsCVSS 9.3mailscan (4) · client server messaging suite (1) · encrypted usb manager (1)
- Mobile Apps10 CVE4 crit1 vendorsCVSS 7.2mac os x (3) · coregraphics (2) · carboncore (1)
- Cloud & SaaS8 CVE2 crit5 vendorsCVSS 7.3brightstor arcserve backup (1) · desktop management suite (1) · esx (1)
- 2 crit7 vendorsCVSS 9.3openwsman (2) · series 40 (1)
- Databases6 CVE1 KEV5 vendorsCVSS 6.5ingres (4) · virtualbox (1)
- Hardware Firmware3 CVE2 crit3 vendorsCVSS 8.8phaser (1) · print wizard (1) · web print object (1)
- DevTools & CI1 CVE1 vendorsCVSS 7.5git (1)
- ICS / OT / IoT1 CVE1 vendorsCVSS 4.3bb hcm511 (1) · bb hcm515 (1) · bb hcm527 (1)
- Unclassified33 CVE3 crit24 vendorsCVSS 6.5freeway (5) · lacoodast (4) · harmoni (3)
| Sector | CVEs | Crit | KEV | Vendors | Products | Avg CVSS | Top products |
|---|---|---|---|---|---|---|---|
| Web & CMS Plugins▸ 5 | 121 | 7 | · | 74 | 102 | 8.0 | drupal (6) · la cooda wiz (3) · tomcat (3) |
| Operating Systems▸ 3 | 85 | 66 | · | 19 | 58 | 8.8 | debian gnu/linux (12) · linux kernel (8) · ubuntu linux (8) |
| Enterprise Software▸ 6 | 32 | 14 | · | 16 | 33 | 8.9 | db2 universal database (7) · hp-ux (3) · host based intrusion prevention system (2) |
| OSS Libraries▸ 3 | 26 | · | · | 10 | 11 | 6.6 | python (5) · ruby (5) · php (3) |
| Consumer Software▸ 5 | 23 | 7 | · | 17 | 19 | 8.0 | vlc media player (4) · winamp (2) · amarok (1) |
| Communications▸ 3 | 18 | 1 | · | 13 | 14 | 5.8 | k-links (2) · postfix (2) · atmail (1) |
| Security Products▸ 4 | 17 | 6 | · | 14 | 18 | 9.3 | mailscan (4) · client server messaging suite (1) · encrypted usb manager (1) |
| Mobile Apps▸ 1 | 10 | 4 | · | 1 | 9 | 7.2 | mac os x (3) · coregraphics (2) · carboncore (1) |
| Cloud & SaaS▸ 2 | 8 | 2 | · | 5 | 11 | 7.3 | brightstor arcserve backup (1) · desktop management suite (1) · esx (1) |
| Networking Infrastructure▸ 4 | 7 | 2 | · | 7 | 7 | 9.3 | openwsman (2) · series 40 (1) |
| Databases▸ 2 | 6 | · | 1 | 5 | 3 | 6.5 | ingres (4) · virtualbox (1) |
| Hardware Firmware▸ 1 | 3 | 2 | · | 3 | 4 | 8.8 | phaser (1) · print wizard (1) · web print object (1) |
| DevTools & CI▸ 1 | 1 | · | · | 1 | 1 | 7.5 | git (1) |
| ICS / OT / IoT▸ 1 | 1 | · | · | 1 | 8 | 4.3 | bb hcm511 (1) · bb hcm515 (1) · bb hcm527 (1) |
| Unclassified | 33 | 3 | · | 24 | 24 | 6.5 | freeway (5) · lacoodast (4) · harmoni (3) |
Weakness × Sector
Which weaknesses hit which solution categories in August 2008
Cells shaded by share of the sector's hottest weakness. Click a row to open the sector history.
89SQL Injection79XSS264CWE-264119Memory Buffer Bounds20Improper Input Validation399CWE-39994Code Injection22Path Traversal200Information Exposure189CWE-189Web & CMS Plugins6027822101511Operating Systems378613245Consumer Software152491082OSS Libraries174652231Enterprise Software3512121Communications252312Security Products222221Databases16311Networking Infrastructure213112Cloud & SaaS11211