Top 50 Vendors By Total Number Of "Distinct" Vulnerabilities in 2018

Go to year: 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 All Time Leaders

	Vendor Name	Number of Vulnerabilities
1	Debian	596
2	Oracle	589
3	Microsoft	496
4	Google	427
5	IBM	397
6	Redhat	371
7	Mozilla	326
8	Cisco	297
9	Canonical	289
10	Qualcomm	284
11	Adobe	235
12	HP	211
13	Foxitsoftware	188
14	Apple	184
15	Huawei	171
16	Jenkins	146
17	Linux	139
18	Apache	111
19	SAP	83
20	Wireshark	66
21	Trendmicro	52
22	F5	49
23	Imagemagick	48
24	Atlassian	46
25	GNU	46
26	Tp-link	41
27	Schneider-electric	39
28	Quest	36
29	Intel	36
30	Juniper	34
31	Libming	34
32	D-link	32
33	Cmsmadesimple	32
34	Siemens	32
35	Gitlab	29
36	Ffmpeg	28
37	Pivotal Software	28
38	Fedoraproject	28
39	Moxa	27
40	Haxx	27
41	Netiq	27
42	Mcafee	26
43	Insteon	25
44	Opensuse	25
45	Zohocorp	25
46	Open-emr	25
47	Exiv2	24
48	Hdfgroup	23
49	Advantech	23
50	Dell	22

CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.