Top 50 Vendors By Total Number Of "Distinct" Vulnerabilities in 2018

Go to year: 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 All Time Leaders

	Vendor Name	Number of Vulnerabilities
1	Debian	823
2	Oracle	690
3	Microsoft	664
4	Google	632
5	Redhat	544
6	IBM	531
7	Canonical	436
8	Cisco	378
9	Adobe	369
10	Mozilla	356
11	Qualcomm	355
12	Foxitsoftware	239
13	HP	217
14	Apple	184
15	Huawei	182
16	Linux	167
17	Jenkins	150
18	Apache	131
19	SAP	105
20	Wireshark	72
21	Imagemagick	70
22	F5	68
23	GNU	64
24	Tp-link	59
25	Trendmicro	58
26	Samsung	54
27	Atlassian	53
28	Intel	46
29	D-link	45
30	Schneider-electric	44
31	Artifex	41
32	Zohocorp	38
33	Foscam	38
34	Juniper	37
35	Quest	36
36	Libming	36
37	Moxa	35
38	Siemens	35
39	Hdfgroup	35
40	Advantech	34
41	Cmsmadesimple	34
42	Pivotal Software	34
43	Gitlab	32
44	Exiv2	32
45	Philips	32
46	Fedoraproject	31
47	Mcafee	30
48	Ffmpeg	29
49	Haxx	29
50	Netiq	28

CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.