CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

CVSS Score Distribution For Top 50 Vendors By Total Number Of "Distinct" Vulnerabilities

Vendor Name Number of Total Vulnerabilities # Of Vulnerabilities Weighted Average % Of Total
0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+ 0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+
1 Microsoft 3741 2 7 144 18 421 656 192 844 22 1435 7.80 0 0 4 0 11 18 5 23 1 38
2 Oracle 2581 2 45 126 212 744 527 250 239 9 427 6.30 0 2 5 8 29 20 10 9 0 17
3 Apple 2485 1 40 151 28 373 335 528 429 9 591 7.10 0 2 6 1 15 13 21 17 0 24
4 IBM 2351 2 36 105 215 611 429 227 390 18 318 6.40 0 2 4 9 26 18 10 17 1 14
5 Cisco 2021 1 2 28 21 322 456 239 684 26 242 7.10 0 0 1 1 16 23 12 34 1 12
6 SUN 1616 3 26 107 36 309 280 119 422 3 311 6.90 0 2 7 2 19 17 7 26 0 19
7 Mozilla 1410 4 69 6 258 266 129 179 1 498 7.40 0 0 5 0 18 19 9 13 0 35
8 Linux 1285 1 79 209 36 431 112 125 261 3 28 5.50 0 6 16 3 34 9 10 20 0 2
9 Google 1195 3 8 2 124 235 131 482 1 209 7.50 0 0 1 0 10 20 11 40 0 17
10 HP 1176 1 9 46 19 224 157 88 298 19 315 7.30 0 1 4 2 19 13 7 25 2 27
11 Adobe 1136 18 2 105 69 39 66 1 836 9.00 0 0 2 0 9 6 3 6 0 74
12 Redhat 959 38 115 43 189 182 112 205 4 71 6.00 0 4 12 4 20 19 12 21 0 7
13 Apache 588 5 31 14 163 208 57 78 32 6.10 0 1 5 2 28 35 10 13 0 5
14 Novell 571 1 10 25 7 101 139 46 116 126 7.00 0 2 4 1 18 24 8 20 0 22
15 PHP 406 21 6 56 124 58 110 31 6.70 0 0 5 1 14 31 14 27 0 8
16 Symantec 383 3 16 10 71 71 40 95 3 74 7.00 0 1 4 3 19 19 10 25 1 19
17 GNU 367 1 9 35 24 55 92 41 82 28 6.20 0 2 10 7 15 25 11 22 0 8
18 Freebsd 325 7 41 9 54 60 24 105 25 6.30 0 2 13 3 17 18 7 32 0 8
19 Debian 325 7 44 12 49 53 41 88 1 30 6.30 0 2 14 4 15 16 13 27 0 9
20 Joomla 307 1 2 45 42 39 168 10 7.20 0 0 0 1 15 14 13 55 0 3
21 Wireshark 296 24 32 66 131 7 14 3 19 5.70 0 0 8 11 22 44 2 5 1 6
22 Drupal 281 13 49 83 51 38 40 2 5 5.70 0 0 5 17 30 18 14 14 1 2
23 Mysql 259 3 20 25 114 34 24 25 3 11 5.60 0 1 8 10 44 13 9 10 1 4
24 Moodle 256 5 15 112 63 37 17 7 5.80 0 0 2 6 44 25 14 7 0 3
25 SGI 252 2 25 4 20 54 11 96 40 7.00 0 1 10 2 8 21 4 38 0 16
26 Wordpress 242 10 6 90 48 34 42 1 11 6.10 0 0 4 2 37 20 14 17 0 5
27 Opera 232 5 70 83 21 8 45 6.60 0 0 2 0 30 36 9 3 0 19
28 SAP 226 1 3 44 76 17 53 32 6.90 0 0 0 1 19 34 8 23 0 14
29 Openbsd 225 3 18 6 30 62 12 63 1 30 6.70 0 1 8 3 13 28 5 28 0 13
30 Suse 225 2 30 23 38 14 86 32 6.90 0 1 13 0 10 17 6 38 0 14
31 EMC 222 1 11 8 43 38 27 38 12 44 7.00 0 0 5 4 19 17 12 17 5 20
32 Vmware 215 3 10 8 38 30 35 47 5 39 6.90 0 1 5 4 18 14 16 22 2 18
33 Realnetworks 205 1 5 10 31 6 29 123 8.60 0 0 2 0 5 15 3 14 0 60
34 CA 200 1 7 34 32 10 49 1 66 7.60 0 1 4 0 17 16 5 25 1 33
35 Canonical 191 8 9 4 60 36 32 34 1 7 6.00 0 4 5 2 31 19 17 18 1 4
36 Ffmpeg 189 1 2 23 11 47 27 78 8.00 0 1 1 0 12 6 25 14 0 41
37 Typo3 177 4 13 55 26 13 60 1 5 6.40 0 0 2 7 31 15 7 34 1 3
38 BEA 172 2 14 2 30 61 18 38 7 6.20 0 1 8 1 17 35 10 22 0 4
39 Mcafee 169 2 13 9 47 25 21 37 3 12 6.20 0 1 8 5 28 15 12 22 2 7
40 Gentoo 166 5 22 2 9 33 18 45 32 6.80 0 3 13 1 5 20 11 27 0 19
41 Netbsd 155 4 28 3 27 24 10 43 16 6.20 0 3 18 2 17 15 6 28 0 10
42 Phpmyadmin 151 7 23 49 31 17 20 1 3 5.70 0 0 5 15 32 21 11 13 1 2
43 KDE 146 1 10 29 30 18 48 10 6.60 0 1 7 0 20 21 12 33 0 7
44 Siemens 145 3 3 3 29 28 15 34 8 22 7.00 0 2 2 2 20 19 10 23 6 15
45 Mandrakesoft 140 13 23 1 9 25 3 54 1 11 6.20 0 9 16 1 6 18 2 39 1 8
46 Citrix 135 4 8 1 19 34 16 26 27 6.90 0 3 6 1 14 25 12 19 0 20
47 XEN 131 13 11 5 47 24 17 12 2 5.30 0 10 8 4 36 18 13 9 2 0
48 Gnome 127 3 13 7 21 21 25 28 9 6.20 0 2 10 6 17 17 20 22 0 7
49 Openstack 127 3 16 14 48 31 8 6 1 5.10 0 2 13 11 38 24 6 5 0 1
50 SCO 127 3 10 3 20 21 3 53 14 6.80 0 2 8 2 16 17 2 42 0 11

Vendor(s) with highest weighted average (9.00): Adobe  

Weighted average = SUM((Cvss Range (e.g: 2 for range 1-2 )) * (Number of vulnerabilities in that range)) / (Total number of vulnerabilities)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.