CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

CVSS Score Distribution For Top 50 Vendors By Total Number Of "Distinct" Vulnerabilities

Vendor Name Number of Total Vulnerabilities # Of Vulnerabilities Weighted Average % Of Total
0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+ 0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9+
1 Microsoft 6814 2 103 388 111 1016 805 389 1730 30 2240 7.50 0 2 6 2 15 12 6 25 0 33
2 Oracle 6115 2 115 272 463 1798 1670 681 518 25 571 6.00 0 2 4 8 29 27 11 8 0 9
3 IBM 4679 2 65 295 784 1263 829 460 563 30 388 5.80 0 1 6 17 27 18 10 12 1 8
4 Google 4572 23 119 18 1057 514 651 1084 31 1075 7.20 0 1 3 0 23 11 14 24 1 24
5 Apple 4512 1 53 277 44 781 544 1128 700 15 969 7.00 0 1 6 1 17 12 25 16 0 21
6 Cisco 4167 1 5 69 111 816 933 569 1169 44 450 6.90 0 0 2 3 20 22 14 28 1 11
7 Adobe 3314 18 3 409 328 176 180 1 2199 8.70 0 0 1 0 12 10 5 5 0 66
8 Debian 3197 31 130 76 883 618 620 684 7 148 6.30 0 1 4 2 28 19 19 21 0 5
9 Redhat 2805 54 212 117 693 525 437 542 9 216 6.20 0 2 8 4 25 19 16 19 0 8
10 Linux 2370 1 93 346 54 738 145 186 665 7 135 5.90 0 4 15 2 31 6 8 28 0 6
11 Mozilla 2199 9 79 12 438 453 262 388 1 557 7.20 0 0 4 1 20 21 12 18 0 25
12 Canonical 2025 30 108 58 610 387 334 393 4 101 6.20 0 1 5 3 30 19 16 19 0 5
13 HP 1794 1 11 63 43 288 250 148 406 26 558 7.50 0 1 4 2 16 14 8 23 1 31
14 SUN 1628 3 26 105 45 311 283 119 421 4 311 6.80 0 2 6 3 19 17 7 26 0 19
15 Opensuse 1315 19 66 56 291 296 253 209 3 122 6.40 0 1 5 4 22 23 19 16 0 9
16 Apache 1218 7 40 31 320 399 138 217 2 64 6.20 0 1 3 3 26 33 11 18 0 5
17 Fedoraproject 757 8 38 25 185 204 118 150 1 28 6.20 0 1 5 3 24 27 16 20 0 4
18 GNU 738 1 12 45 29 196 167 126 128 34 6.10 0 2 6 4 27 23 17 17 0 5
19 Novell 665 1 7 27 9 152 145 46 126 152 6.90 0 1 4 1 23 22 7 19 0 23
20 PHP 626 1 21 6 68 190 88 210 1 41 6.80 0 0 3 1 11 30 14 34 0 7
21 Qualcomm 602 19 3 72 70 19 164 10 245 8.00 0 0 3 0 12 12 3 27 2 41
22 Wireshark 576 24 32 184 261 7 46 3 19 5.80 0 0 4 6 32 45 1 8 1 3
23 SAP 565 3 13 26 141 171 67 98 1 45 6.40 0 1 2 5 25 30 12 17 0 8
24 Imagemagick 546 2 1 297 45 106 87 8 6.00 0 0 0 0 54 8 19 16 0 1
25 Huawei 536 3 46 14 127 106 67 113 10 50 6.40 0 1 9 3 24 20 13 21 2 9
26 Jenkins 519 1 34 47 257 76 81 17 6 5.40 0 0 7 9 50 15 16 3 0 1
27 Foxitsoftware 513 2 1 83 27 378 8 14 6.70 0 0 0 0 16 5 74 2 0 3
28 Symantec 511 4 24 21 105 92 59 109 11 86 6.80 0 1 5 4 21 18 12 21 2 17
29 Suse 490 4 49 8 89 82 74 111 73 6.70 0 1 10 2 18 17 15 23 0 15
30 EMC 434 2 25 23 92 68 51 81 14 78 6.80 0 0 6 5 21 16 12 19 3 18
31 Freebsd 405 8 53 9 64 75 31 133 1 31 6.40 0 2 13 2 16 19 8 33 0 8
32 Joomla 382 2 6 71 56 50 187 10 7.00 0 0 1 2 19 15 13 49 0 3
33 Moodle 378 5 27 177 87 55 20 7 5.70 0 0 1 7 47 23 15 5 0 2
34 Cpanel 369 6 46 53 126 47 45 18 4 24 5.40 0 2 12 14 34 13 12 5 1 7
35 Siemens 357 7 13 11 71 80 49 76 9 41 6.60 0 2 4 3 20 22 14 21 3 11
36 Vmware 349 4 19 16 60 59 64 73 6 48 6.70 0 1 5 5 17 17 18 21 2 14
37 Wordpress 342 11 14 132 79 47 47 1 11 6.00 0 0 3 4 39 23 14 14 0 3
38 Juniper 334 1 15 17 73 84 27 87 3 27 6.50 0 0 4 5 22 25 8 26 1 8
39 Drupal 333 13 52 102 68 45 45 3 5 5.80 0 0 4 16 31 20 14 14 1 2
40 Mcafee 332 4 22 27 105 53 49 51 4 17 6.00 0 1 7 8 32 16 15 15 1 5
41 Ffmpeg 316 1 2 61 18 85 70 79 7.50 0 0 1 0 19 6 27 22 0 25
42 XEN 296 21 33 7 110 30 40 45 2 8 5.50 0 7 11 2 37 10 14 15 1 3
43 Netapp 285 6 14 11 109 67 39 29 10 5.80 0 2 5 4 38 24 14 10 0 4
44 F5 282 1 12 12 90 84 28 38 3 14 6.10 0 0 4 4 32 30 10 13 1 5
45 Qemu 276 23 96 5 53 23 12 52 1 11 5.00 0 8 35 2 19 8 4 19 0 4
46 Openbsd 274 8 21 6 45 71 15 76 2 30 6.50 0 3 8 2 16 26 5 28 1 11
47 SGI 254 2 25 4 20 56 11 96 40 7.00 0 1 10 2 8 22 4 38 0 16
48 Phpmyadmin 252 8 30 81 71 29 27 2 4 5.80 0 0 3 12 32 28 12 11 1 2
49 Intel 247 1 51 10 86 24 9 57 2 7 5.60 0 0 21 4 35 10 4 23 1 3
50 Opera 244 4 75 87 23 8 47 6.60 0 0 2 0 31 36 9 3 0 19

Vendor(s) with highest weighted average (8.70): Adobe  

Weighted average = SUM((Cvss Range (e.g: 2 for range 1-2 )) * (Number of vulnerabilities in that range)) / (Total number of vulnerabilities)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.