CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

CVSS Score Distribution For Top 50 Vendors By Total Number Of "Distinct" Vulnerabilities

Vendor Name Number of Total Vulnerabilities # Of Vulnerabilities Weighted Average % Of Total
0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+ 0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+
1 Microsoft 6179 2 102 334 78 872 765 351 1535 27 2113 7.50 0 2 5 1 14 12 6 25 0 34
2 Oracle 5512 2 105 232 428 1586 1487 621 459 24 568 6.10 0 2 4 8 29 27 11 8 0 10
3 IBM 4299 2 64 257 696 1182 737 429 523 29 380 5.90 0 1 6 16 27 17 10 12 1 9
4 Apple 4274 1 53 262 43 723 523 1061 676 15 917 7.00 0 1 6 1 17 12 25 16 0 21
5 Google 3990 9 74 17 824 453 526 1025 29 1033 7.40 0 0 2 0 21 11 13 26 1 26
6 Cisco 3700 1 4 55 83 732 838 521 1042 42 382 6.90 0 0 1 2 20 23 14 28 1 10
7 Adobe 2860 18 3 319 221 138 143 1 2017 8.80 0 0 1 0 11 8 5 5 0 71
8 Debian 2389 25 97 60 608 462 456 547 6 128 6.40 0 1 4 3 25 19 19 23 0 5
9 Redhat 2326 50 183 102 551 432 347 471 8 182 6.20 0 2 8 4 24 19 15 20 0 8
10 Linux 2195 1 91 326 49 675 137 178 607 6 125 5.90 0 4 15 2 31 6 8 28 0 6
11 Mozilla 2079 9 79 12 400 423 246 354 1 555 7.20 0 0 4 1 19 20 12 17 0 27
12 HP 1659 1 10 61 39 284 243 142 398 24 457 7.40 0 1 4 2 17 15 9 24 1 28
13 SUN 1628 3 26 105 45 311 283 119 421 4 311 6.80 0 2 6 3 19 17 7 26 0 19
14 Canonical 1482 28 82 36 390 287 256 305 4 94 6.30 0 2 6 2 26 19 17 21 0 6
15 Opensuse 1113 18 53 52 240 252 188 193 3 114 6.40 0 2 5 5 22 23 17 17 0 10
16 Apache 1099 7 38 29 284 364 127 190 2 58 6.20 0 1 3 3 26 33 12 17 0 5
17 GNU 680 1 11 42 28 168 158 118 122 32 6.10 0 2 6 4 25 23 17 18 0 5
18 Novell 666 1 7 27 9 152 145 46 126 153 6.90 0 1 4 1 23 22 7 19 0 23
19 PHP 600 1 21 6 68 181 77 204 1 41 6.80 0 0 4 1 11 30 13 34 0 7
20 Wireshark 560 24 32 185 244 7 46 3 19 5.80 0 0 4 6 33 44 1 8 1 3
21 Fedoraproject 526 8 24 20 111 147 67 123 1 25 6.30 0 2 5 4 21 28 13 23 0 5
22 Huawei 507 2 41 13 120 104 65 104 10 48 6.40 0 0 8 3 24 21 13 21 2 9
23 Symantec 493 4 22 19 96 91 56 108 11 86 6.90 0 1 4 4 19 18 11 22 2 17
24 SAP 490 3 9 14 114 157 54 94 1 44 6.50 0 1 2 3 23 32 11 19 0 9
25 Imagemagick 489 2 270 35 84 90 8 6.00 0 0 0 0 55 7 17 18 0 2
26 Suse 469 4 45 8 86 79 70 107 70 6.70 0 1 10 2 18 17 15 23 0 15
27 Qualcomm 441 8 3 23 67 15 102 5 218 8.40 0 0 2 1 5 15 3 23 1 49
28 EMC 427 2 24 23 90 64 51 81 14 78 6.80 0 0 6 5 21 15 12 19 3 18
29 Freebsd 383 8 53 9 62 72 28 123 28 6.30 0 2 14 2 16 19 7 32 0 7
30 Joomla 369 2 4 65 54 49 185 10 7.00 0 0 1 1 18 15 13 50 0 3
31 Moodle 362 5 27 169 83 52 19 7 5.70 0 0 1 7 47 23 14 5 0 2
32 Foxitsoftware 354 2 1 64 16 250 7 14 6.70 0 0 1 0 18 5 71 2 0 4
33 Wordpress 334 11 16 127 76 45 47 1 11 6.00 0 0 3 5 38 23 13 14 0 3
34 Vmware 329 4 18 15 57 52 62 69 6 46 6.70 0 1 5 5 17 16 19 21 2 14
35 Drupal 323 13 50 98 66 45 43 3 5 5.80 0 0 4 15 30 20 14 13 1 2
36 Ffmpeg 308 1 2 58 18 81 69 79 7.50 0 0 1 0 19 6 26 22 0 26
37 Mcafee 289 3 19 25 85 45 43 49 4 16 6.00 0 1 7 9 29 16 15 17 1 6
38 Siemens 287 7 10 10 57 58 40 58 9 38 6.70 0 2 3 3 20 20 14 20 3 13
39 Juniper 283 1 11 14 65 63 23 77 3 26 6.60 0 0 4 5 23 22 8 27 1 9
40 XEN 281 21 33 7 100 30 38 42 2 8 5.50 0 7 12 2 36 11 14 15 1 3
41 Openbsd 269 8 20 6 43 69 15 76 2 30 6.50 0 3 7 2 16 26 6 28 1 11
42 SGI 254 2 25 4 20 56 11 96 40 7.00 0 1 10 2 8 22 4 38 0 16
43 Qemu 254 23 89 5 49 15 12 51 1 9 5.00 0 9 35 2 19 6 5 20 0 4
44 Jenkins 254 1 14 24 103 55 41 11 5 5.60 0 0 6 9 41 22 16 4 0 2
45 Phpmyadmin 250 8 30 80 70 30 26 2 4 5.80 0 0 3 12 32 28 12 10 1 2
46 Mysql 243 3 20 23 107 34 21 22 2 11 5.50 0 1 8 9 44 14 9 9 1 5
47 Opera 242 4 74 87 22 8 47 6.60 0 0 2 0 31 36 9 3 0 19
48 CA 238 1 8 3 45 40 15 56 1 69 7.40 0 0 3 1 19 17 6 24 0 29
49 Citrix 222 4 11 3 44 54 22 44 40 6.80 0 2 5 1 20 24 10 20 0 18
50 Realnetworks 213 1 5 13 32 6 29 127 8.50 0 0 2 0 6 15 3 14 0 60

Vendor(s) with highest weighted average (8.80): Adobe  

Weighted average = SUM((Cvss Range (e.g: 2 for range 1-2 )) * (Number of vulnerabilities in that range)) / (Total number of vulnerabilities)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.