CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

CVSS Score Distribution For Top 50 Vendors By Total Number Of "Distinct" Vulnerabilities

Vendor Name Number of Total Vulnerabilities # Of Vulnerabilities Weighted Average % Of Total
0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+ 0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+
1 Microsoft 3785 2 8 146 20 432 660 192 848 22 1455 7.80 0 0 4 1 11 17 5 22 1 38
2 Oracle 2581 2 45 125 212 745 527 250 239 9 427 6.30 0 2 5 8 29 20 10 9 0 17
3 Apple 2509 1 41 150 28 375 338 544 430 9 593 7.10 0 2 6 1 15 13 22 17 0 24
4 IBM 2384 2 38 106 225 621 432 229 393 18 320 6.30 0 2 4 9 26 18 10 16 1 13
5 Cisco 2061 1 2 28 21 329 460 246 704 26 244 7.10 0 0 1 1 16 22 12 34 1 12
6 SUN 1616 3 26 106 36 310 280 119 422 3 311 6.90 0 2 7 2 19 17 7 26 0 19
7 Mozilla 1412 4 68 6 259 266 130 180 1 498 7.40 0 0 5 0 18 19 9 13 0 35
8 Linux 1298 1 79 212 37 433 114 126 264 3 29 5.50 0 6 16 3 33 9 10 20 0 2
9 Google 1219 3 7 2 126 241 132 498 1 209 7.50 0 0 1 0 10 20 11 41 0 17
10 HP 1190 1 9 46 19 225 157 89 298 19 327 7.40 0 1 4 2 19 13 7 25 2 27
11 Adobe 1147 18 2 105 71 39 66 1 845 9.00 0 0 2 0 9 6 3 6 0 74
12 Redhat 964 38 115 43 190 183 115 205 4 71 6.00 0 4 12 4 20 19 12 21 0 7
13 Apache 593 5 31 14 163 211 58 79 32 6.10 0 1 5 2 27 36 10 13 0 5
14 Novell 585 1 11 26 7 103 148 46 117 126 6.90 0 2 4 1 18 25 8 20 0 22
15 PHP 419 21 6 57 128 58 118 31 6.70 0 0 5 1 14 31 14 28 0 7
16 Symantec 384 3 16 10 71 71 40 96 3 74 7.00 0 1 4 3 18 18 10 25 1 19
17 GNU 369 1 9 35 24 55 94 41 82 28 6.20 0 2 9 7 15 25 11 22 0 8
18 Debian 333 7 46 13 50 54 42 89 2 30 6.30 0 2 14 4 15 16 13 27 1 9
19 Freebsd 325 7 41 9 54 60 24 105 25 6.30 0 2 13 3 17 18 7 32 0 8
20 Joomla 307 1 2 45 42 39 168 10 7.20 0 0 0 1 15 14 13 55 0 3
21 Wireshark 302 24 32 66 137 7 14 3 19 5.70 0 0 8 11 22 45 2 5 1 6
22 Drupal 282 13 50 83 51 38 40 2 5 5.70 0 0 5 18 29 18 13 14 1 2
23 Mysql 259 3 20 25 114 34 24 25 3 11 5.60 0 1 8 10 44 13 9 10 1 4
24 Moodle 256 5 15 112 63 37 17 7 5.80 0 0 2 6 44 25 14 7 0 3
25 SGI 252 2 25 4 20 54 11 96 40 7.00 0 1 10 2 8 21 4 38 0 16
26 Wordpress 242 10 6 90 48 34 42 1 11 6.10 0 0 4 2 37 20 14 17 0 5
27 Opera 232 4 71 83 21 8 45 6.60 0 0 2 0 31 36 9 3 0 19
28 EMC 229 1 12 9 44 38 27 42 12 44 7.00 0 0 5 4 19 17 12 18 5 19
29 Suse 226 2 30 23 38 14 87 32 6.90 0 1 13 0 10 17 6 38 0 14
30 SAP 226 1 3 44 76 17 53 32 6.90 0 0 0 1 19 34 8 23 0 14
31 Openbsd 225 3 18 6 30 62 12 63 1 30 6.70 0 1 8 3 13 28 5 28 0 13
32 Vmware 215 3 10 8 38 30 35 47 5 39 6.90 0 1 5 4 18 14 16 22 2 18
33 Realnetworks 205 1 5 10 31 6 29 123 8.60 0 0 2 0 5 15 3 14 0 60
34 CA 200 1 7 34 32 10 49 1 66 7.60 0 1 4 0 17 16 5 25 1 33
35 Canonical 198 8 9 5 64 35 36 32 2 7 6.00 0 4 5 3 32 18 18 16 1 4
36 Ffmpeg 189 1 2 23 11 47 27 78 8.00 0 1 1 0 12 6 25 14 0 41
37 Typo3 177 4 13 55 26 13 60 1 5 6.40 0 0 2 7 31 15 7 34 1 3
38 Mcafee 173 2 13 10 48 25 23 37 3 12 6.20 0 1 8 6 28 14 13 21 2 7
39 BEA 172 2 14 2 30 61 18 38 7 6.20 0 1 8 1 17 35 10 22 0 4
40 Gentoo 166 5 22 2 9 33 18 45 32 6.80 0 3 13 1 5 20 11 27 0 19
41 Netbsd 155 4 28 3 27 24 10 43 16 6.20 0 3 18 2 17 15 6 28 0 10
42 Siemens 153 3 5 3 30 29 17 36 8 22 6.90 0 2 3 2 20 19 11 24 5 14
43 Phpmyadmin 152 7 23 49 32 17 20 1 3 5.70 0 0 5 15 32 21 11 13 1 2
44 KDE 146 1 10 29 30 18 48 10 6.60 0 1 7 0 20 21 12 33 0 7
45 Mandrakesoft 140 13 23 1 9 25 3 54 1 11 6.20 0 9 16 1 6 18 2 39 1 8
46 Citrix 137 4 8 1 19 35 16 27 27 6.90 0 3 6 1 14 26 12 20 0 20
47 XEN 136 14 13 5 48 24 17 13 2 5.20 0 10 10 4 35 18 13 10 1 0
48 Gnome 128 3 13 7 21 21 25 29 9 6.30 0 2 10 5 16 16 20 23 0 7
49 SCO 127 3 10 3 20 21 3 53 14 6.80 0 2 8 2 16 17 2 42 0 11
50 Openstack 127 3 16 14 48 31 8 6 1 5.10 0 2 13 11 38 24 6 5 0 1

Vendor(s) with highest weighted average (9.00): Adobe  

Weighted average = SUM((Cvss Range (e.g: 2 for range 1-2 )) * (Number of vulnerabilities in that range)) / (Total number of vulnerabilities)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.