CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

CVSS Score Distribution For Top 50 Vendors By Total Number Of "Distinct" Vulnerabilities

Vendor Name Number of Total Vulnerabilities # Of Vulnerabilities Weighted Average % Of Total
0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+ 0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+
1 Microsoft 3671 2 5 144 17 410 655 188 836 21 1393 7.80 0 0 4 0 11 18 5 23 1 38
2 Oracle 2466 2 44 123 194 695 512 236 231 9 420 6.30 0 2 5 8 28 21 10 9 0 17
3 Apple 2430 1 40 147 28 368 329 518 415 9 575 7.10 0 2 6 1 15 14 21 17 0 24
4 IBM 2264 2 35 99 195 583 409 223 385 17 316 6.40 0 2 4 9 26 18 10 17 1 14
5 Cisco 1936 1 2 28 20 292 428 227 671 26 241 7.10 0 0 1 1 15 22 12 35 1 12
6 SUN 1601 3 25 105 35 304 278 118 419 3 311 6.90 0 2 7 2 19 17 7 26 0 19
7 Mozilla 1381 4 68 6 252 261 120 171 1 498 7.40 0 0 5 0 18 19 9 12 0 36
8 Linux 1271 1 79 206 36 430 111 124 255 3 26 5.50 0 6 16 3 34 9 10 20 0 2
9 HP 1171 1 9 46 19 223 154 88 297 19 315 7.30 0 1 4 2 19 13 8 25 2 27
10 Google 1149 3 8 2 119 226 127 455 1 208 7.50 0 0 1 0 10 20 11 40 0 18
11 Adobe 1104 18 2 105 68 39 67 805 8.90 0 0 2 0 10 6 4 6 0 73
12 Redhat 934 38 113 38 185 179 107 201 4 69 6.00 0 4 12 4 20 19 11 22 0 7
13 Apache 576 5 31 14 160 200 56 78 32 6.10 0 1 5 2 28 35 10 14 0 6
14 Novell 546 1 10 24 7 97 132 42 109 124 7.00 0 2 4 1 18 24 8 20 0 23
15 PHP 400 21 6 56 124 57 105 31 6.70 0 0 5 2 14 31 14 26 0 8
16 Symantec 374 3 16 9 70 70 38 93 3 72 7.00 0 1 4 2 19 19 10 25 1 19
17 GNU 359 1 8 34 24 54 90 41 80 27 6.20 0 2 9 7 15 25 11 22 0 8
18 Freebsd 319 7 41 9 53 58 24 102 25 6.30 0 2 13 3 17 18 8 32 0 8
19 Debian 308 7 42 12 42 50 39 85 1 30 6.40 0 2 14 4 14 16 13 28 0 10
20 Joomla 308 1 2 46 42 39 168 10 7.20 0 0 0 1 15 14 13 55 0 3
21 Wireshark 290 24 32 66 125 7 14 3 19 5.70 0 0 8 11 23 43 2 5 1 7
22 Drupal 282 13 50 83 51 38 40 2 5 5.70 0 0 5 18 29 18 13 14 1 2
23 Mysql 259 3 20 25 114 34 24 25 3 11 5.60 0 1 8 10 44 13 9 10 1 4
24 Moodle 256 5 15 112 63 37 17 7 5.80 0 0 2 6 44 25 14 7 0 3
25 SGI 252 2 25 4 20 54 11 96 40 7.00 0 1 10 2 8 21 4 38 0 16
26 Wordpress 242 10 6 90 48 34 42 1 11 6.10 0 0 4 2 37 20 14 17 0 5
27 Opera 232 5 70 83 21 8 45 6.60 0 0 2 0 30 36 9 3 0 19
28 Openbsd 224 3 18 6 30 62 12 62 1 30 6.70 0 1 8 3 13 28 5 28 0 13
29 Suse 222 2 30 23 38 13 85 31 6.80 0 1 14 0 10 17 6 38 0 14
30 SAP 216 1 3 42 73 15 52 30 6.90 0 0 0 1 19 34 7 24 0 14
31 Vmware 211 3 10 6 37 30 34 47 5 39 7.00 0 1 5 3 18 14 16 22 2 18
32 EMC 207 1 10 7 38 34 24 38 12 43 7.10 0 0 5 3 18 16 12 18 6 21
33 Realnetworks 203 1 5 10 31 6 28 122 8.60 0 0 2 0 5 15 3 14 0 60
34 CA 200 1 7 34 32 10 49 1 66 7.60 0 1 4 0 17 16 5 25 1 33
35 Ffmpeg 183 1 2 23 11 46 22 78 8.00 0 1 1 0 13 6 25 12 0 43
36 Typo3 174 3 13 54 26 13 59 1 5 6.40 0 0 2 7 31 15 7 34 1 3
37 BEA 172 2 14 2 30 61 18 38 7 6.20 0 1 8 1 17 35 10 22 0 4
38 Gentoo 164 5 22 2 9 33 17 45 31 6.80 0 3 13 1 5 20 10 27 0 19
39 Mcafee 161 2 13 7 44 24 19 37 3 12 6.30 0 1 8 4 27 15 12 23 2 7
40 Canonical 155 8 8 3 55 28 30 16 1 6 5.80 0 5 5 2 35 18 19 10 1 4
41 Netbsd 155 4 28 3 27 24 10 43 16 6.20 0 3 18 2 17 15 6 28 0 10
42 Phpmyadmin 149 7 21 49 31 17 20 1 3 5.70 0 0 5 14 33 21 11 13 1 2
43 KDE 143 1 10 27 29 18 48 10 6.70 0 1 7 0 19 20 13 34 0 7
44 Mandrakesoft 140 13 23 1 9 25 3 54 1 11 6.20 0 9 16 1 6 18 2 39 1 8
45 Citrix 135 4 8 1 19 34 16 26 27 6.90 0 3 6 1 14 25 12 19 0 20
46 Siemens 132 1 1 3 27 26 13 33 8 20 7.10 0 1 1 2 20 20 10 25 6 15
47 SCO 127 3 10 3 20 21 3 53 14 6.80 0 2 8 2 16 17 2 42 0 11
48 XEN 125 13 10 5 43 24 17 11 2 5.30 0 10 8 4 34 19 14 9 2 0
49 Gnome 124 3 13 7 21 21 24 26 9 6.20 0 2 10 6 17 17 19 21 0 7
50 Openstack 121 3 16 14 44 30 7 6 1 5.10 0 2 13 12 36 25 6 5 0 1

Vendor(s) with highest weighted average (8.90): Adobe  

Weighted average = SUM((Cvss Range (e.g: 2 for range 1-2 )) * (Number of vulnerabilities in that range)) / (Total number of vulnerabilities)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.