Top 50 Vendors By Total Number Of "Distinct" Vulnerabilities in 2018

Go to year: 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 All Time Leaders

	Vendor Name	Number of Vulnerabilities
1	Oracle	492
2	Debian	443
3	Microsoft	393
4	Google	381
5	Mozilla	313
6	IBM	279
7	Qualcomm	268
8	Redhat	236
9	Cisco	222
10	Canonical	206
11	Apple	183
12	HP	177
13	Huawei	160
14	Jenkins	105
15	Foxitsoftware	102
16	Linux	85
17	Adobe	83
18	Apache	82
19	SAP	61
20	Wireshark	55
21	Trendmicro	49
22	Imagemagick	42
23	GNU	37
24	Quest	36
25	Atlassian	36
26	F5	33
27	Cmsmadesimple	32
28	Libming	31
29	Tp-link	31
30	D-link	31
31	Moxa	26
32	Opensuse	23
33	Juniper	23
34	Netiq	23
35	Fedoraproject	23
36	Advantech	23
37	Exiv2	22
38	Mcafee	22
39	Pivotal Software	22
40	Jiangmin	21
41	Blender	21
42	Windows Optimization Master Project	21
43	Schneider-electric	21
44	Philips	20
45	Rockwellautomation	20
46	Ffmpeg	20
47	Intel	20
48	Gitlab	19
49	Artifex	19
50	Netgain-systems	18

CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.