month report
March 2011
Data as of Jun 11, 2026, 06:04 UTCSnapshot v1 Sources CVEList V5+NVD+GHSA+CSAF+FSTEC BDU+CISA KEV+EPSS+Nuclei templates Methodology →
March 2011 closed with 356 published CVEs. 26 criticals, apple led volume, mostly via itunes. Top weakness class — CWE-119 (80 CVE). 10 vendors cracked the top-100 for the first time.
Total CVEs
356
— MoM— YoY
Severity mix
26 / 112
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
2.0%
7 CVEs with templates
Time to exploit
How fast the community ships detection after a CVE drops.
Days → Nuclei (median)
5471.1
n=7
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
4103
n=1
Detection gap
KEV pressure, no Nuclei coverage
March 2011 · vendors with active exploitation listed by CISA but no public detection template.
- KEV 1google52 CVE
Weakness × Vendor
What's spreading where in March 2011
Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.
119Memory Buffer Bounds20Improper Input Validation399CWE-399264CWE-26479XSS189CWE-189200Information Exposure89SQL Injection287Improper Authentication22Path Traversalapple581243173google2103ibm131042112otrs6922сообщество свободного программного обеспечения5221311php2123red hat inc.24311mozilla4121gentoo foundation inc.2231canonical ltd.2112php group2112wireshark231
Most discussed CVEs — March 2011
No CVE mentions in the news this month yet.
First time in top-100
Vendors never in top-100 in the prior 24 periods.
- #4otrs25 CVE
- #11php group8 CVE
- #13gentoo6 CVE
- #22gplhost4 CVE
- #23t1lib4 CVE
- #25digium3 CVE
- #30openldap3 CVE
- #31ruby-lang3 CVE
- #33alcatel-lucent2 CVE
- #34balbir singh2 CVE
Top vendors
Ranked by distinct CVE count this period.
- 100 CVE4 critCVSS 6.8PoC 5itunes (62) · webkit (56) · iphone os (23)
- 52 CVE1 critCVSS 6.9KEV 1PoC 15chrome (50) · chrome os (1) · picasa (1)
- 30 CVE2 critCVSS 5.2PoC 1websphere application server (16) · lotus quickr (9) · lotus domino (2)
- 25 CVECVSS 4.7NEWPoC 4otrs (25)
- 21 CVE1 critCVSS 5.3Nuclei 1PoC 6debian gnu/linux (21)
- 20 CVECVSS 4.7PoC 6red hat enterprise linux (17) · enterprise linux workstation (2) · enterprise linux server (2)
- 15 CVECVSS 5.0PoC 6php (13) · pear (2)
- 13 CVECVSS 5.2Nuclei 1PoC 8ubuntu (8) · ubuntu linux (5)
- 12 CVE8 critCVSS 8.7firefox (12) · seamonkey (10) · thunderbird (4)
- 8 CVE1 critCVSS 6.0PoC 1gentoo linux (8)
- 8 CVECVSS 4.9NEWPoC 5php (8)
- 8 CVE1 critCVSS 5.6PoC 3wireshark (8)
- 6 CVECVSS 4.9NEWlogrotate (6)
- 6 CVE1 critCVSS 5.0client automation enterprise (1) · diagnostics (1) · discovery\&dependency mapping inventory (1)
- 6 CVE3 critCVSS 8.2internet explorer (3) · windows vista (3) · windows 7 (3)
- 5 CVECVSS 6.2Nuclei 1PoC 2debian linux (5) · tex-common (1)
- 5 CVECVSS 5.0PoC 2linux kernel (5)
- 5 CVECVSS 5.7PoC 4opensuse leap (4) · suse linux enterprise (1)
- 4 CVECVSS 4.9xpdf (4)
- 4 CVECVSS 3.0PoC 1freebsd (4)
- 4 CVECVSS 4.9xpdfreader (4)
- 4 CVECVSS 5.4NEWdomain technologie control (4)
- 4 CVECVSS 4.9NEWt1lib (4)
- 3 CVECVSS 5.3tomcat (2) · subversion (1)
- 3 CVECVSS 6.1NEWasterisk (3) · asterisknow (1) · s800i (1)
- 3 CVECVSS 6.4avamar (2) · data protection advisor collector (1)
- 3 CVECVSS 5.6PoC 1glibc (2) · gnu patch (1)
- 3 CVECVSS 5.7lightneasy (3)
- 3 CVE2 critCVSS 8.6PoC 1netware (1) · opensuse factory (1) · vibe onprem (1)
- 3 CVECVSS 5.5NEWPoC 1openldap (3)
- 3 CVECVSS 6.0NEWruby (3)
- 3 CVECVSS 6.3PoC 2liveupdate administrator (2) · altiris notification server (1) · altiris deployment solution (1)
- 2 CVECVSS 4.5NEWomnipcx (1) · omnivista (1)
- 2 CVECVSS 4.7NEWlibcgroup (2)
- 2 CVECVSS 5.5NEWPoC 2blog\ (2)
- 2 CVECVSS 4.3NEWe107 (2)
- 2 CVECVSS 4.5Nuclei 1PoC 2fedora (2)
- 2 CVECVSS 6.8NEWgdm (1) · pango (1)
- 2 CVECVSS 5.0NEWmahara (2)
- 2 CVECVSS 5.9NEWPoC 2s-cms (2)
- 2 CVECVSS 5.8org.apache.tomcat:tomcat (2)
- 2 CVECVSS 4.0PoC 1netbsd (2)
- 2 CVECVSS 4.0NEWPoC 1openbsd (2) · openssh (1)
- 2 CVECVSS 5.9KEV 1Nuclei 1PoC 1opensuse (2)
- 2 CVECVSS 5.5loggerhead (1) · pywebdav (1)
- 2 CVECVSS 5.0NEWquagga (2)
- 2 CVE1 critCVSS 7.5blackberry torch 9800 (2) · blackberry torch 9800 firmware (2)
- 2 CVECVSS 5.0NEWrsync (1) · samba (1)
- 2 CVECVSS 5.9KEV 1Nuclei 1PoC 1linux enterprise (1) · linux enterprise server (1)
- 2 CVE2 critCVSS 9.3NEWPoC 1vlc media player (2)
| # | Vendor | CVEs | Crit | KEV | Nuclei | Signals | Top products | Δ | |
|---|---|---|---|---|---|---|---|---|---|
| 1 | apple | 100 | 4 | · | · | PoC 5 | itunes (62) · webkit (56) · iphone os (23) | — | |
| 2 | 52 | 1 | 1 | · | KEV 1PoC 15 | chrome (50) · chrome os (1) · picasa (1) | — | ||
| 3 | ibm | 30 | 2 | · | · | PoC 1 | websphere application server (16) · lotus quickr (9) · lotus domino (2) | — | |
| 4 | otrs | 25 | · | · | · | NEWPoC 4 | otrs (25) | — | |
| 5 | сообщество свободного программного обеспечения | 21 | 1 | · | 1 | Nuclei 1PoC 6 | debian gnu/linux (21) | — | |
| 6 | redhat | 20 | · | · | · | PoC 6 | red hat enterprise linux (17) · enterprise linux workstation (2) · enterprise linux server (2) | — | |
| 7 | php | 15 | · | · | · | PoC 6 | php (13) · pear (2) | — | |
| 8 | canonical | 13 | · | · | 1 | Nuclei 1PoC 8 | ubuntu (8) · ubuntu linux (5) | — | |
| 9 | mozilla | 12 | 8 | · | · | firefox (12) · seamonkey (10) · thunderbird (4) | — | ||
| 10 | gentoo foundation inc. | 8 | 1 | · | · | PoC 1 | gentoo linux (8) | — | |
| 11 | php group | 8 | · | · | · | NEWPoC 5 | php (8) | — | |
| 12 | wireshark | 8 | 1 | · | · | PoC 3 | wireshark (8) | — | |
| 13 | gentoo | 6 | · | · | · | NEW | logrotate (6) | — | |
| 14 | hp | 6 | 1 | · | · | client automation enterprise (1) · diagnostics (1) · discovery\&dependency mapping inventory (1) | — | ||
| 15 | microsoft | 6 | 3 | · | · | internet explorer (3) · windows vista (3) · windows 7 (3) | — | ||
| 16 | debian | 5 | · | · | 1 | Nuclei 1PoC 2 | debian linux (5) · tex-common (1) | — | |
| 17 | linux | 5 | · | · | · | PoC 2 | linux kernel (5) | — | |
| 18 | novell inc. | 5 | · | · | · | PoC 4 | opensuse leap (4) · suse linux enterprise (1) | — | |
| 19 | foolabs | 4 | · | · | · | xpdf (4) | — | ||
| 20 | freebsd | 4 | · | · | · | PoC 1 | freebsd (4) | — | |
| 21 | glyphandcog | 4 | · | · | · | xpdfreader (4) | — | ||
| 22 | gplhost | 4 | · | · | · | NEW | domain technologie control (4) | — | |
| 23 | t1lib | 4 | · | · | · | NEW | t1lib (4) | — | |
| 24 | apache | 3 | · | · | · | tomcat (2) · subversion (1) | — | ||
| 25 | digium | 3 | · | · | · | NEW | asterisk (3) · asterisknow (1) · s800i (1) | — | |
| 26 | emc | 3 | · | · | · | avamar (2) · data protection advisor collector (1) | — | ||
| 27 | gnu | 3 | · | · | · | PoC 1 | glibc (2) · gnu patch (1) | — | |
| 28 | lightneasy | 3 | · | · | · | lightneasy (3) | — | ||
| 29 | novell | 3 | 2 | · | · | PoC 1 | netware (1) · opensuse factory (1) · vibe onprem (1) | — | |
| 30 | openldap | 3 | · | · | · | NEWPoC 1 | openldap (3) | — | |
| 31 | ruby-lang | 3 | · | · | · | NEW | ruby (3) | — | |
| 32 | symantec | 3 | · | · | · | PoC 2 | liveupdate administrator (2) · altiris notification server (1) · altiris deployment solution (1) | — | |
| 33 | alcatel-lucent | 2 | · | · | · | NEW | omnipcx (1) · omnivista (1) | — | |
| 34 | balbir singh | 2 | · | · | · | NEW | libcgroup (2) | — | |
| 35 | blogcms | 2 | · | · | · | NEWPoC 2 | blog\ (2) | — | |
| 36 | e107 | 2 | · | · | · | NEW | e107 (2) | — | |
| 37 | fedoraproject | 2 | · | · | 1 | Nuclei 1PoC 2 | fedora (2) | — | |
| 38 | gnome | 2 | · | · | · | NEW | gdm (1) · pango (1) | — | |
| 39 | mahara | 2 | · | · | · | NEW | mahara (2) | — | |
| 40 | matteoiammarrone | 2 | · | · | · | NEWPoC 2 | s-cms (2) | — | |
| 41 | maven | 2 | · | · | · | org.apache.tomcat:tomcat (2) | — | ||
| 42 | netbsd | 2 | · | · | · | PoC 1 | netbsd (2) | — | |
| 43 | openbsd | 2 | · | · | · | NEWPoC 1 | openbsd (2) · openssh (1) | — | |
| 44 | opensuse | 2 | · | 1 | 1 | KEV 1Nuclei 1PoC 1 | opensuse (2) | — | |
| 45 | pypi | 2 | · | · | · | loggerhead (1) · pywebdav (1) | — | ||
| 46 | quagga | 2 | · | · | · | NEW | quagga (2) | — | |
| 47 | rim | 2 | 1 | · | · | blackberry torch 9800 (2) · blackberry torch 9800 firmware (2) | — | ||
| 48 | samba | 2 | · | · | · | NEW | rsync (1) · samba (1) | — | |
| 49 | suse | 2 | · | 1 | 1 | KEV 1Nuclei 1PoC 1 | linux enterprise (1) · linux enterprise server (1) | — | |
| 50 | videolan | 2 | 2 | · | · | NEWPoC 1 | vlc media player (2) | — |
Sectors
Solution categories ranked by distinct CVE count this period.
- Mobile Apps152 CVE5 crit1 KEV2 vendorsCVSS 6.9itunes (62) · webkit (56) · iphone os (23)
- Operating Systems72 CVE12 crit2 KEV27 vendorsCVSS 8.2debian gnu/linux (21) · red hat enterprise linux (17) · gentoo linux (8)
- Enterprise Software70 CVE8 crit10 vendorsCVSS 6.7otrs (25) · websphere application server (16) · lotus quickr (9)
- OSS Libraries33 CVE11 vendorsCVSS 5.8php (21) · t1lib (4) · xpdf (4)
- Consumer Software21 CVE21 crit5 KEV7 vendorsCVSS 9.3firefox (13) · seamonkey (10) · thunderbird (4)
- Web & CMS Plugins20 CVE15 vendorsCVSS 7.5e107 (2) · s-cms (2) · tomcat (2)
- Security Products18 CVE1 crit5 vendorsCVSS 6.3wireshark (8)
- Communications10 CVE7 vendorsCVSS 6.8asterisk (3) · asterisknow (1) · omnipcx (1)
- 7 vendorsCVSS 6.8quagga (2) · nac guest server (1) · nac guest server software (1)
- Cloud & SaaS4 CVE2 vendorsCVSS 5.7lightneasy (3)
- DevTools & CI1 CVE1 vendorsCVSS 5.0cgit (1)
- Databases1 CVE1 vendorsCVSS 7.2solaris sparc (1)
- ICS / OT / IoT1 CVE1 crit1 vendorsCVSS 9.3scanserver activex control (1)
- Unclassified10 CVE6 vendorsCVSS 5.5domain technologie control (4) · blog\ (2) · insite (1)
| Sector | CVEs | Crit | KEV | Vendors | Products | Avg CVSS | Top products |
|---|---|---|---|---|---|---|---|
| Mobile Apps▸ 2 | 152 | 5 | 1 | 2 | 17 | 6.9 | itunes (62) · webkit (56) · iphone os (23) |
| Operating Systems▸ 3 | 72 | 12 | 2 | 27 | 49 | 8.2 | debian gnu/linux (21) · red hat enterprise linux (17) · gentoo linux (8) |
| Enterprise Software▸ 4 | 70 | 8 | · | 10 | 37 | 6.7 | otrs (25) · websphere application server (16) · lotus quickr (9) |
| OSS Libraries▸ 3 | 33 | · | · | 11 | 13 | 5.8 | php (21) · t1lib (4) · xpdf (4) |
| Consumer Software▸ 4 | 21 | 21 | 5 | 7 | 11 | 9.3 | firefox (13) · seamonkey (10) · thunderbird (4) |
| Web & CMS Plugins▸ 5 | 20 | · | · | 15 | 17 | 7.5 | e107 (2) · s-cms (2) · tomcat (2) |
| Security Products▸ 3 | 18 | 1 | · | 5 | 9 | 6.3 | wireshark (8) |
| Communications▸ 3 | 10 | · | · | 7 | 11 | 6.8 | asterisk (3) · asterisknow (1) · omnipcx (1) |
| Networking Infrastructure▸ 4 | 8 | · | · | 7 | 10 | 6.8 | quagga (2) · nac guest server (1) · nac guest server software (1) |
| Cloud & SaaS▸ 1 | 4 | · | · | 2 | 3 | 5.7 | lightneasy (3) |
| DevTools & CI▸ 1 | 1 | · | · | 1 | 1 | 5.0 | cgit (1) |
| Databases▸ 1 | 1 | · | · | 1 | 1 | 7.2 | solaris sparc (1) |
| ICS / OT / IoT▸ 1 | 1 | 1 | · | 1 | 1 | 9.3 | scanserver activex control (1) |
| Unclassified | 10 | · | · | 6 | 6 | 5.5 | domain technologie control (4) · blog\ (2) · insite (1) |
Weakness × Sector
Which weaknesses hit which solution categories in March 2011
Cells shaded by share of the sector's hottest weakness. Click a row to open the sector history.
119Memory Buffer Bounds20Improper Input Validation399CWE-399264CWE-26479XSS189CWE-189200Information Exposure89SQL Injection287Improper Authentication22Path TraversalOperating Systems64171213110513Consumer Software591663213Enterprise Software210101581524OSS Libraries635315111Web & CMS Plugins8143Networking Infrastructure215121Communications3211111Security Products1111Cloud & SaaS12DevTools & CI1