CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

CVSS Score Distribution For Top 50 Vendors By Total Number Of "Distinct" Vulnerabilities

Vendor Name Number of Total Vulnerabilities # Of Vulnerabilities Weighted Average % Of Total
0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+ 0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+
1 Microsoft 3679 2 6 144 17 411 655 189 838 21 1396 7.80 0 0 4 0 11 18 5 23 1 38
2 Oracle 2580 2 45 126 212 744 528 249 238 9 427 6.30 0 2 5 8 29 20 10 9 0 17
3 Apple 2430 1 40 147 28 368 329 518 414 9 576 7.10 0 2 6 1 15 14 21 17 0 24
4 IBM 2321 2 35 102 209 602 423 226 387 17 318 6.40 0 2 4 9 26 18 10 17 1 14
5 Cisco 1974 1 2 28 21 304 446 232 673 26 241 7.10 0 0 1 1 15 23 12 34 1 12
6 SUN 1616 3 26 107 36 309 280 119 422 3 311 6.90 0 2 7 2 19 17 7 26 0 19
7 Mozilla 1391 4 68 6 253 263 122 176 1 498 7.40 0 0 5 0 18 19 9 13 0 36
8 Linux 1278 1 79 209 36 431 111 124 257 3 27 5.50 0 6 16 3 34 9 10 20 0 2
9 Google 1188 3 8 2 123 233 131 479 1 208 7.50 0 0 1 0 10 20 11 40 0 18
10 HP 1173 1 9 46 19 224 155 88 297 19 315 7.30 0 1 4 2 19 13 8 25 2 27
11 Adobe 1115 18 2 105 69 39 66 1 815 8.90 0 0 2 0 9 6 3 6 0 73
12 Redhat 950 38 115 40 187 182 110 204 4 70 6.00 0 4 12 4 20 19 12 21 0 7
13 Apache 584 5 31 14 162 206 56 78 32 6.10 0 1 5 2 28 35 10 13 0 5
14 Novell 554 1 10 24 7 98 134 43 112 125 7.00 0 2 4 1 18 24 8 20 0 23
15 PHP 406 21 6 56 124 58 110 31 6.70 0 0 5 1 14 31 14 27 0 8
16 Symantec 381 3 16 10 71 70 40 95 3 73 7.00 0 1 4 3 19 18 10 25 1 19
17 GNU 362 1 8 34 24 55 91 41 81 27 6.20 0 2 9 7 15 25 11 22 0 7
18 Freebsd 321 7 41 9 53 60 24 102 25 6.30 0 2 13 3 17 19 7 32 0 8
19 Debian 313 7 43 12 44 50 40 86 1 30 6.40 0 2 14 4 14 16 13 27 0 10
20 Joomla 307 1 2 45 42 39 168 10 7.20 0 0 0 1 15 14 13 55 0 3
21 Wireshark 296 24 32 66 131 7 14 3 19 5.70 0 0 8 11 22 44 2 5 1 6
22 Drupal 281 13 49 83 51 38 40 2 5 5.70 0 0 5 17 30 18 14 14 1 2
23 Mysql 259 3 20 25 114 34 24 25 3 11 5.60 0 1 8 10 44 13 9 10 1 4
24 Moodle 256 5 15 112 63 37 17 7 5.80 0 0 2 6 44 25 14 7 0 3
25 SGI 252 2 25 4 20 54 11 96 40 7.00 0 1 10 2 8 21 4 38 0 16
26 Wordpress 242 10 6 90 48 34 42 1 11 6.10 0 0 4 2 37 20 14 17 0 5
27 Opera 232 5 70 83 21 8 45 6.60 0 0 2 0 30 36 9 3 0 19
28 Suse 226 2 30 23 38 15 86 32 6.90 0 1 13 0 10 17 7 38 0 14
29 Openbsd 225 3 18 6 30 62 12 63 1 30 6.70 0 1 8 3 13 28 5 28 0 13
30 SAP 223 1 3 43 74 17 53 32 6.90 0 0 0 1 19 33 8 24 0 14
31 EMC 218 1 10 8 42 37 27 38 12 43 7.00 0 0 5 4 19 17 12 17 6 20
32 Vmware 211 3 10 6 37 30 34 47 5 39 7.00 0 1 5 3 18 14 16 22 2 18
33 Realnetworks 205 1 5 10 31 6 29 123 8.60 0 0 2 0 5 15 3 14 0 60
34 CA 200 1 7 34 32 10 49 1 66 7.60 0 1 4 0 17 16 5 25 1 33
35 Ffmpeg 188 1 2 23 11 46 27 78 8.00 0 1 1 0 12 6 24 14 0 41
36 Typo3 176 3 13 55 26 13 60 1 5 6.40 0 0 2 7 31 15 7 34 1 3
37 BEA 172 2 14 2 30 61 18 38 7 6.20 0 1 8 1 17 35 10 22 0 4
38 Gentoo 166 5 22 2 9 33 18 45 32 6.80 0 3 13 1 5 20 11 27 0 19
39 Canonical 165 8 9 4 57 32 31 17 1 6 5.80 0 5 5 2 35 19 19 10 1 4
40 Mcafee 163 2 13 7 45 25 19 37 3 12 6.30 0 1 8 4 28 15 12 23 2 7
41 Netbsd 155 4 28 3 27 24 10 43 16 6.20 0 3 18 2 17 15 6 28 0 10
42 Phpmyadmin 151 7 23 49 31 17 20 1 3 5.70 0 0 5 15 32 21 11 13 1 2
43 KDE 146 1 10 29 30 18 48 10 6.60 0 1 7 0 20 21 12 33 0 7
44 Mandrakesoft 140 13 23 1 9 25 3 54 1 11 6.20 0 9 16 1 6 18 2 39 1 8
45 Siemens 138 3 2 3 28 26 14 34 8 20 7.00 0 2 1 2 20 19 10 25 6 14
46 Citrix 135 4 8 1 19 34 16 26 27 6.90 0 3 6 1 14 25 12 19 0 20
47 XEN 129 13 10 5 46 24 17 12 2 5.30 0 10 8 4 36 19 13 9 2 0
48 SCO 127 3 10 3 20 21 3 53 14 6.80 0 2 8 2 16 17 2 42 0 11
49 Gnome 126 3 13 7 21 21 24 28 9 6.20 0 2 10 6 17 17 19 22 0 7
50 Openstack 125 3 16 14 46 31 8 6 1 5.10 0 2 13 11 37 25 6 5 0 1

Vendor(s) with highest weighted average (8.90): Adobe  

Weighted average = SUM((Cvss Range (e.g: 2 for range 1-2 )) * (Number of vulnerabilities in that range)) / (Total number of vulnerabilities)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.