CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

CVSS Score Distribution For Top 50 Vendors By Total Number Of "Distinct" Vulnerabilities

Vendor Name Number of Total Vulnerabilities # Of Vulnerabilities Weighted Average % Of Total
0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+ 0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+
1 Microsoft 3101 2 5 142 15 357 626 157 784 19 994 7.60 0 0 5 0 12 20 5 25 1 32
2 Apple 2003 1 21 115 16 302 282 373 387 8 498 7.20 0 1 6 1 15 14 19 19 0 25
3 Oracle 1819 2 36 92 139 472 358 180 191 7 342 6.40 0 2 5 8 26 20 10 11 0 19
4 IBM 1592 2 26 69 57 369 293 146 339 9 282 6.70 0 2 4 4 23 18 9 21 1 18
5 SUN 1478 3 25 98 31 274 248 105 405 3 286 6.90 0 2 7 2 19 17 7 27 0 19
6 Cisco 1273 1 2 27 17 107 266 99 538 15 201 7.40 0 0 2 1 8 21 8 42 1 16
7 Mozilla 1174 3 65 6 210 230 93 153 414 7.40 0 0 6 1 18 20 8 13 0 35
8 Linux 1053 1 74 186 29 334 88 88 227 3 23 5.40 0 7 18 3 32 8 8 22 0 2
9 HP 973 1 7 39 13 186 133 74 251 14 255 7.30 0 1 4 1 19 14 8 26 1 26
10 Adobe 932 18 1 96 57 34 46 680 8.90 0 0 2 0 10 6 4 5 0 73
11 Google 906 3 8 1 101 185 95 320 193 7.50 0 0 1 0 11 20 10 35 0 21
12 Redhat 674 28 93 21 114 116 65 172 2 63 6.20 0 4 14 3 17 17 10 26 0 9
13 Novell 439 1 3 14 5 68 116 28 88 116 7.20 0 1 3 1 15 26 6 20 0 26
14 Apache 434 5 23 9 117 160 40 59 21 6.00 0 1 5 2 27 37 9 14 0 5
15 PHP 360 20 4 44 111 49 101 31 6.70 0 0 6 1 12 31 14 28 0 9
16 Symantec 329 3 11 9 55 65 32 80 2 72 7.10 0 1 3 3 17 20 10 24 1 22
17 GNU 299 1 7 30 18 48 71 32 72 20 6.20 0 2 10 6 16 24 11 24 0 7
18 Joomla 295 1 2 39 41 38 164 10 7.20 0 0 0 1 13 14 13 56 0 3
19 Freebsd 292 7 39 8 44 52 21 97 24 6.40 0 2 13 3 15 18 7 33 0 8
20 Debian 265 6 39 7 37 45 20 80 1 30 6.40 0 2 15 3 14 17 8 30 0 11
21 SGI 252 2 25 4 20 54 11 96 40 7.00 0 1 10 2 8 21 4 38 0 16
22 Drupal 235 9 32 72 45 32 38 2 5 5.90 0 0 4 14 31 19 14 16 1 2
23 Opera 229 5 67 82 22 8 45 6.60 0 0 2 0 29 36 10 3 0 20
24 Suse 215 2 30 21 38 13 81 30 6.80 0 1 14 0 10 18 6 38 0 14
25 Wireshark 212 23 32 51 69 8 9 3 17 5.60 0 0 11 15 24 33 4 4 1 8
26 Mysql 210 3 14 19 89 30 20 22 2 11 5.70 0 1 7 9 42 14 10 10 1 5
27 Openbsd 207 3 16 6 28 55 9 59 1 30 6.70 0 1 8 3 14 27 4 29 0 14
28 Realnetworks 196 1 5 9 31 6 27 117 8.60 0 1 3 0 5 16 3 14 0 60
29 Wordpress 194 8 4 66 43 24 37 1 11 6.20 0 0 4 2 34 22 12 19 1 6
30 CA 188 1 7 30 30 6 47 1 66 7.70 0 1 4 0 16 16 3 25 1 35
31 Vmware 185 3 10 5 29 27 29 42 5 35 7.00 0 2 5 3 16 15 16 23 3 19
32 Moodle 184 4 9 72 49 30 13 7 5.90 0 0 2 5 39 27 16 7 0 4
33 BEA 172 2 14 2 30 61 18 38 7 6.20 0 1 8 1 17 35 10 22 0 4
34 Gentoo 157 5 21 2 8 31 15 45 30 6.80 0 3 13 1 5 20 10 29 0 19
35 Typo3 150 2 8 46 20 9 59 1 5 6.50 0 0 1 5 31 13 6 39 1 3
36 Netbsd 149 4 28 3 27 20 10 41 16 6.20 0 3 19 2 18 13 7 28 0 11
37 Mandrakesoft 140 13 23 1 9 25 3 54 1 11 6.20 0 9 16 1 6 18 2 39 1 8
38 KDE 136 1 10 25 27 16 47 10 6.70 0 1 7 0 18 20 12 35 0 7
39 SCO 127 3 10 3 20 21 3 53 14 6.80 0 2 8 2 16 17 2 42 0 11
40 EMC 122 6 4 20 11 14 29 4 34 7.40 0 0 5 3 16 9 11 24 3 28
41 Mcafee 122 2 5 4 34 20 11 34 2 10 6.50 0 2 4 3 28 16 9 28 2 8
42 Netscape 119 11 3 8 47 4 32 14 6.60 0 0 9 3 7 39 3 27 0 12
43 Phpmyadmin 119 7 6 41 26 15 20 1 3 6.00 0 0 6 5 34 22 13 17 1 3
44 Macromedia 118 5 1 7 42 3 26 34 7.40 0 0 4 1 6 36 3 22 0 29
45 Gnome 117 3 12 6 17 21 23 26 9 6.30 0 3 10 5 15 18 20 22 0 8
46 ISC 113 4 2 15 35 7 31 1 18 7.00 0 0 4 2 13 31 6 27 1 16
47 SAP 113 25 28 9 27 24 7.20 0 0 0 0 22 25 8 24 0 21
48 Mambo 109 2 8 5 20 67 7 7.50 0 0 2 0 7 5 18 61 0 6
49 Ethereal Group 109 1 72 1 27 8 6.80 0 0 0 0 1 66 1 25 0 7
50 Trend Micro 108 1 8 26 6 30 37 7.90 0 1 0 0 7 24 6 28 0 34

Vendor(s) with highest weighted average (8.90): Adobe  

Weighted average = SUM((Cvss Range (e.g: 2 for range 1-2 )) * (Number of vulnerabilities in that range)) / (Total number of vulnerabilities)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.