CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

CVSS Score Distribution For Top 50 Vendors By Total Number Of "Distinct" Vulnerabilities

Vendor Name Number of Total Vulnerabilities # Of Vulnerabilities Weighted Average % Of Total
0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+ 0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+
1 Microsoft 3813 2 8 148 20 438 661 192 852 22 1470 7.80 0 0 4 1 11 17 5 22 1 39
2 Oracle 2663 2 49 131 221 783 537 253 245 9 433 6.30 0 2 5 8 29 20 10 9 0 16
3 Apple 2576 1 50 157 28 384 352 558 443 9 594 7.10 0 2 6 1 15 14 22 17 0 23
4 IBM 2397 2 38 106 226 622 432 231 398 18 324 6.30 0 2 4 9 26 18 10 17 1 14
5 Cisco 2095 1 2 28 22 334 464 253 718 27 246 7.10 0 0 1 1 16 22 12 34 1 12
6 SUN 1617 3 26 106 36 311 280 119 422 3 311 6.90 0 2 7 2 19 17 7 26 0 19
7 Mozilla 1431 4 68 6 263 272 132 187 1 498 7.40 0 0 5 0 18 19 9 13 0 35
8 Linux 1301 1 79 212 37 435 114 126 265 3 29 5.50 0 6 16 3 33 9 10 20 0 2
9 Google 1240 3 7 2 132 247 134 505 1 209 7.50 0 0 1 0 11 20 11 41 0 17
10 HP 1198 1 9 47 20 225 157 91 299 19 330 7.40 0 1 4 2 19 13 8 25 2 28
11 Adobe 1170 18 2 106 74 39 66 1 864 9.00 0 0 2 0 9 6 3 6 0 74
12 Redhat 968 38 116 43 191 183 115 206 4 72 6.10 0 4 12 4 20 19 12 21 0 7
13 Apache 599 5 31 14 165 213 58 81 32 6.10 0 1 5 2 28 36 10 14 0 5
14 Novell 593 1 11 26 7 104 150 47 120 127 6.90 0 2 4 1 18 25 8 20 0 21
15 PHP 419 21 6 57 128 58 118 31 6.70 0 0 5 1 14 31 14 28 0 7
16 Symantec 385 3 16 10 71 71 41 96 3 74 7.00 0 1 4 3 18 18 11 25 1 19
17 GNU 374 1 9 35 24 55 94 42 84 30 6.20 0 2 9 6 15 25 11 22 0 8
18 Debian 356 7 46 13 55 55 51 95 2 32 6.40 0 2 13 4 15 15 14 27 1 9
19 Freebsd 326 7 42 9 54 60 24 105 25 6.30 0 2 13 3 17 18 7 32 0 8
20 Joomla 307 1 2 45 42 39 168 10 7.20 0 0 0 1 15 14 13 55 0 3
21 Wireshark 302 24 32 66 137 7 14 3 19 5.70 0 0 8 11 22 45 2 5 1 6
22 Drupal 282 13 50 83 51 38 40 2 5 5.70 0 0 5 18 29 18 13 14 1 2
23 Mysql 260 3 20 25 115 34 24 25 3 11 5.60 0 1 8 10 44 13 9 10 1 4
24 Moodle 256 5 15 112 63 37 17 7 5.80 0 0 2 6 44 25 14 7 0 3
25 SGI 252 2 25 4 20 54 11 96 40 7.00 0 1 10 2 8 21 4 38 0 16
26 Wordpress 242 10 6 90 48 34 42 1 11 6.10 0 0 4 2 37 20 14 17 0 5
27 SAP 236 1 3 44 83 19 54 32 6.90 0 0 0 1 19 35 8 23 0 14
28 Opera 233 4 72 83 21 8 45 6.60 0 0 2 0 31 36 9 3 0 19
29 EMC 231 1 12 9 44 39 27 43 12 44 7.00 0 0 5 4 19 17 12 19 5 19
30 Suse 226 2 30 23 38 14 87 32 6.90 0 1 13 0 10 17 6 38 0 14
31 Openbsd 225 3 18 6 30 62 12 63 1 30 6.70 0 1 8 3 13 28 5 28 0 13
32 Vmware 215 3 10 8 38 30 35 47 5 39 6.90 0 1 5 4 18 14 16 22 2 18
33 Canonical 205 8 9 5 65 35 37 36 2 8 6.10 0 4 4 2 32 17 18 18 1 4
34 Realnetworks 205 1 5 10 31 6 29 123 8.60 0 0 2 0 5 15 3 14 0 60
35 CA 202 1 7 1 34 32 10 49 1 67 7.60 0 0 3 0 17 16 5 24 0 33
36 Ffmpeg 189 1 2 23 11 47 27 78 8.00 0 1 1 0 12 6 25 14 0 41
37 Typo3 178 4 13 55 26 14 60 1 5 6.40 0 0 2 7 31 15 8 34 1 3
38 Mcafee 176 2 13 10 50 26 23 37 3 12 6.20 0 1 7 6 28 15 13 21 2 7
39 BEA 172 2 14 2 30 61 18 38 7 6.20 0 1 8 1 17 35 10 22 0 4
40 Gentoo 166 5 22 2 9 33 18 45 32 6.80 0 3 13 1 5 20 11 27 0 19
41 Siemens 157 3 6 3 31 29 19 36 8 22 6.90 0 2 4 2 20 18 12 23 5 14
42 Netbsd 155 4 28 3 27 24 10 43 16 6.20 0 3 18 2 17 15 6 28 0 10
43 Phpmyadmin 152 7 23 49 32 17 20 1 3 5.70 0 0 5 15 32 21 11 13 1 2
44 KDE 146 1 10 29 30 18 48 10 6.60 0 1 7 0 20 21 12 33 0 7
45 Citrix 141 4 8 1 21 36 17 27 27 6.80 0 3 6 1 15 26 12 19 0 19
46 Mandrakesoft 140 13 23 1 9 25 3 54 1 11 6.20 0 9 16 1 6 18 2 39 1 8
47 XEN 140 14 14 5 50 24 17 14 2 5.20 0 10 10 4 36 17 12 10 1 0
48 Openstack 130 3 16 14 49 33 8 6 1 5.10 0 2 12 11 38 25 6 5 0 1
49 Gnome 128 3 13 7 21 21 25 29 9 6.30 0 2 10 5 16 16 20 23 0 7
50 SCO 127 3 10 3 20 21 3 53 14 6.80 0 2 8 2 16 17 2 42 0 11

Vendor(s) with highest weighted average (9.00): Adobe  

Weighted average = SUM((Cvss Range (e.g: 2 for range 1-2 )) * (Number of vulnerabilities in that range)) / (Total number of vulnerabilities)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.