CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

CVSS Score Distribution For Top 50 Vendors By Total Number Of "Distinct" Vulnerabilities

Vendor Name Number of Total Vulnerabilities # Of Vulnerabilities Weighted Average % Of Total
0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+ 0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+
1 Microsoft 5681 2 94 293 52 765 733 313 1372 26 2031 7.60 0 2 5 1 13 13 6 24 0 36
2 Oracle 5098 2 100 221 405 1456 1292 593 442 21 566 6.10 0 2 4 8 29 25 12 9 0 11
3 Apple 4215 1 53 254 43 707 519 1046 669 15 908 7.00 0 1 6 1 17 12 25 16 0 22
4 IBM 3882 2 59 226 567 1063 661 401 502 28 373 6.00 0 2 6 15 27 17 10 13 1 10
5 Google 3498 5 53 14 626 429 430 923 25 993 7.60 0 0 2 0 18 12 12 26 1 28
6 Cisco 3410 1 4 47 70 672 783 475 974 40 344 6.90 0 0 1 2 20 23 14 29 1 10
7 Adobe 2533 18 3 219 163 88 130 1 1911 9.00 0 0 1 0 9 6 3 5 0 75
8 Linux 2092 1 91 312 45 628 139 166 578 5 127 5.90 0 4 15 2 30 7 8 28 0 6
9 Redhat 1724 46 165 86 364 333 216 346 6 162 6.20 0 3 10 5 21 19 13 20 0 9
10 Mozilla 1723 5 72 8 336 300 212 245 1 544 7.30 0 0 4 0 20 17 12 14 0 32
11 SUN 1630 3 26 105 45 312 283 119 422 4 311 6.80 0 2 6 3 19 17 7 26 0 19
12 HP 1612 1 10 58 35 280 234 136 383 24 451 7.40 0 1 4 2 17 15 8 24 1 28
13 Novell 1540 1 24 63 57 338 346 203 289 2 217 6.60 0 2 4 4 22 22 13 19 0 14
14 Debian 1518 17 82 50 343 319 265 339 5 98 6.40 0 1 5 3 23 21 17 22 0 6
15 Apache 1019 6 38 27 260 333 117 182 2 54 6.20 0 1 4 3 26 33 11 18 0 5
16 Canonical 963 23 53 29 252 205 145 183 3 70 6.20 0 2 6 3 26 21 15 19 0 7
17 GNU 636 1 10 42 27 136 153 115 119 33 6.20 0 2 7 4 21 24 18 19 0 5
18 PHP 588 21 6 66 172 78 203 1 41 6.90 0 0 4 1 11 29 13 35 0 7
19 Wireshark 522 24 32 174 221 7 42 3 19 5.70 0 0 5 6 33 42 1 8 1 4
20 Fedoraproject 507 8 23 19 106 138 67 120 1 25 6.30 0 2 5 4 21 27 13 24 0 5
21 Symantec 474 4 22 18 91 87 50 106 11 85 6.90 0 1 5 4 19 18 11 22 2 18
22 Huawei 453 2 37 11 101 87 62 97 10 46 6.50 0 0 8 2 22 19 14 21 2 10
23 Suse 451 4 46 7 80 75 65 105 69 6.70 0 1 10 2 18 17 14 23 0 15
24 Imagemagick 448 2 240 35 78 84 9 6.10 0 0 0 0 54 8 17 19 0 2
25 SAP 422 2 7 11 91 132 43 91 1 44 6.60 0 0 2 3 22 31 10 22 0 10
26 EMC 411 2 21 23 85 61 50 79 14 76 6.90 0 0 5 6 21 15 12 19 3 18
27 Freebsd 364 8 51 9 57 67 28 116 28 6.30 0 2 14 2 16 18 8 32 0 8
28 Moodle 352 5 27 165 80 49 19 7 5.70 0 0 1 8 47 23 14 5 0 2
29 Joomla 350 1 2 58 51 44 184 10 7.10 0 0 0 1 17 15 13 53 0 3
30 Wordpress 325 11 14 126 75 41 46 1 11 6.00 0 0 3 4 39 23 13 14 0 3
31 Drupal 323 13 50 97 67 46 42 3 5 5.80 0 0 4 15 30 21 14 13 1 2
32 Qualcomm 323 1 1 6 62 8 30 2 213 8.80 0 0 0 0 2 19 2 9 1 66
33 Vmware 317 4 18 14 53 47 62 68 6 45 6.80 0 1 6 4 17 15 20 21 2 14
34 Ffmpeg 289 1 2 46 15 79 67 79 7.60 0 0 1 0 16 5 27 23 0 27
35 Mcafee 264 3 18 22 74 44 38 47 4 14 6.10 0 1 7 8 28 17 14 18 2 5
36 Openbsd 262 4 20 6 42 67 15 76 2 30 6.60 0 2 8 2 16 26 6 29 1 11
37 XEN 262 20 32 7 93 31 32 39 2 6 5.50 0 8 12 3 35 12 12 15 1 2
38 Mysql 261 3 21 25 115 34 24 25 3 11 5.60 0 1 8 10 44 13 9 10 1 4
39 Juniper 260 1 11 11 58 60 21 72 2 24 6.60 0 0 4 4 22 23 8 28 1 9
40 SGI 254 2 25 4 20 56 11 96 40 7.00 0 1 10 2 8 22 4 38 0 16
41 Siemens 246 7 8 8 47 54 36 49 8 29 6.60 0 3 3 3 19 22 15 20 3 12
42 Opera 243 4 74 87 22 8 48 6.60 0 0 2 0 30 36 9 3 0 20
43 Phpmyadmin 242 8 30 76 70 27 25 2 4 5.70 0 0 3 12 31 29 11 10 1 2
44 Qemu 230 23 82 4 47 10 11 47 1 5 4.80 0 10 36 2 20 4 5 20 0 2
45 CA 225 1 8 3 42 36 14 51 1 69 7.40 0 0 4 1 19 16 6 23 0 31
46 Realnetworks 207 1 5 12 31 6 29 123 8.50 0 0 2 0 6 15 3 14 0 59
47 Citrix 202 4 11 2 42 50 20 38 35 6.70 0 2 5 1 21 25 10 19 0 17
48 Typo3 193 4 20 60 27 16 60 1 5 6.20 0 0 2 10 31 14 8 31 1 3
49 Openssl 188 3 9 44 86 11 25 10 6.10 0 2 5 0 23 46 6 13 0 5
50 Openstack 182 4 18 22 62 46 17 12 1 5.30 0 2 10 12 34 25 9 7 0 1

Vendor(s) with highest weighted average (9.00): Adobe  

Weighted average = SUM((Cvss Range (e.g: 2 for range 1-2 )) * (Number of vulnerabilities in that range)) / (Total number of vulnerabilities)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.