CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

CVSS Score Distribution For Top 50 Vendors By Total Number Of "Distinct" Vulnerabilities

Vendor Name Number of Total Vulnerabilities # Of Vulnerabilities Weighted Average % Of Total
0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+ 0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+
1 Microsoft 3625 2 5 143 16 406 648 187 835 21 1362 7.80 0 0 4 0 11 18 5 23 1 38
2 Oracle 2466 2 44 123 194 695 512 236 231 9 420 6.30 0 2 5 8 28 21 10 9 0 17
3 Apple 2400 1 40 147 28 368 324 510 413 9 560 7.10 0 2 6 1 15 14 21 17 0 23
4 IBM 2241 2 35 97 191 574 405 220 385 17 315 6.40 0 2 4 9 26 18 10 17 1 14
5 Cisco 1926 1 2 28 20 289 424 227 668 26 241 7.10 0 0 1 1 15 22 12 35 1 13
6 SUN 1601 3 25 105 35 304 278 118 419 3 311 6.90 0 2 7 2 19 17 7 26 0 19
7 Mozilla 1369 4 67 6 248 261 114 170 1 498 7.40 0 0 5 0 18 19 8 12 0 36
8 Linux 1257 1 79 203 36 425 109 123 252 3 26 5.50 0 6 16 3 34 9 10 20 0 2
9 HP 1169 1 9 45 19 223 154 88 297 18 315 7.30 0 1 4 2 19 13 8 25 2 27
10 Google 1145 3 8 1 119 226 127 452 1 208 7.50 0 0 1 0 10 20 11 39 0 18
11 Adobe 1076 18 2 105 62 38 66 785 8.90 0 0 2 0 10 6 4 6 0 73
12 Redhat 927 38 112 38 182 177 106 201 4 69 6.10 0 4 12 4 20 19 11 22 0 7
13 Apache 573 5 31 14 160 197 55 78 33 6.10 0 1 5 2 28 34 10 14 0 6
14 Novell 546 1 10 24 7 97 132 42 109 124 7.00 0 2 4 1 18 24 8 20 0 23
15 PHP 400 21 6 56 124 57 105 31 6.70 0 0 5 2 14 31 14 26 0 8
16 Symantec 374 3 16 9 70 70 38 93 3 72 7.00 0 1 4 2 19 19 10 25 1 19
17 GNU 349 1 8 34 23 54 86 41 75 27 6.20 0 2 10 7 15 25 12 21 0 8
18 Freebsd 318 7 41 9 53 57 24 102 25 6.30 0 2 13 3 17 18 8 32 0 8
19 Joomla 308 1 2 46 42 39 168 10 7.20 0 0 0 1 15 14 13 55 0 3
20 Debian 307 7 42 12 41 50 39 85 1 30 6.40 0 2 14 4 13 16 13 28 0 10
21 Wireshark 290 24 32 66 125 7 14 3 19 5.70 0 0 8 11 23 43 2 5 1 7
22 Drupal 283 13 51 83 51 38 40 2 5 5.70 0 0 5 18 29 18 13 14 1 2
23 Mysql 259 3 20 25 114 34 24 25 3 11 5.60 0 1 8 10 44 13 9 10 1 4
24 Moodle 256 5 15 112 63 37 17 7 5.80 0 0 2 6 44 25 14 7 0 3
25 SGI 252 2 25 4 20 54 11 96 40 7.00 0 1 10 2 8 21 4 38 0 16
26 Wordpress 233 10 6 85 47 31 42 1 11 6.20 0 0 4 3 36 20 13 18 0 5
27 Opera 232 5 70 83 21 8 45 6.60 0 0 2 0 30 36 9 3 0 19
28 Suse 222 2 30 23 38 13 85 31 6.80 0 1 14 0 10 17 6 38 0 14
29 Openbsd 222 3 18 6 29 61 12 62 1 30 6.70 0 1 8 3 13 27 5 28 0 14
30 SAP 216 1 3 42 73 16 51 30 6.90 0 0 0 1 19 34 7 24 0 14
31 Vmware 207 3 10 6 34 30 34 47 5 38 7.00 0 1 5 3 16 14 16 23 2 18
32 Realnetworks 203 1 5 10 31 6 28 122 8.60 0 0 2 0 5 15 3 14 0 60
33 EMC 201 1 10 7 36 32 24 38 12 41 7.10 0 0 5 3 18 16 12 19 6 20
34 CA 197 1 7 33 32 8 49 1 66 7.60 0 1 4 0 17 16 4 25 1 34
35 Ffmpeg 179 1 2 23 10 46 19 78 8.00 0 1 1 0 13 6 26 11 0 44
36 Typo3 174 3 13 54 26 13 59 1 5 6.40 0 0 2 7 31 15 7 34 1 3
37 BEA 172 2 14 2 30 61 18 38 7 6.20 0 1 8 1 17 35 10 22 0 4
38 Gentoo 164 5 22 2 9 33 17 45 31 6.80 0 3 13 1 5 20 10 27 0 19
39 Mcafee 161 2 13 7 44 24 19 37 3 12 6.30 0 1 8 4 27 15 12 23 2 7
40 Canonical 155 8 8 3 55 28 30 16 1 6 5.80 0 5 5 2 35 18 19 10 1 4
41 Netbsd 154 4 28 3 27 23 10 43 16 6.20 0 3 18 2 18 15 6 28 0 10
42 Phpmyadmin 143 7 20 46 30 16 20 1 3 5.70 0 0 5 14 32 21 11 14 1 2
43 KDE 141 1 10 26 29 18 47 10 6.70 0 1 7 0 18 21 13 33 0 7
44 Mandrakesoft 140 13 23 1 9 25 3 54 1 11 6.20 0 9 16 1 6 18 2 39 1 8
45 Citrix 135 4 8 1 19 34 16 26 27 6.90 0 3 6 1 14 25 12 19 0 20
46 Siemens 130 1 1 3 27 25 13 33 8 19 7.10 0 1 1 2 21 19 10 25 6 15
47 SCO 127 3 10 3 20 21 3 53 14 6.80 0 2 8 2 16 17 2 42 0 11
48 Gnome 124 3 13 7 21 21 24 26 9 6.20 0 2 10 6 17 17 19 21 0 7
49 XEN 124 13 10 5 42 24 17 11 2 5.30 0 10 8 4 34 19 14 9 2 0
50 Openstack 120 3 16 14 43 30 7 6 1 5.10 0 3 13 12 36 25 6 5 0 1

Vendor(s) with highest weighted average (8.90): Adobe  

Weighted average = SUM((Cvss Range (e.g: 2 for range 1-2 )) * (Number of vulnerabilities in that range)) / (Total number of vulnerabilities)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.