Top 10 statistics for 2017

2017 Top Vendors

# Vendor CVE(s)
#1 Oracle 866
#2 Google 852
#3 Ibm 613
#4 Microsoft 611
#5 Apple 495
#6 Linux 407
#7 Cisco 404
#8 Imagemagick 341
#9 Adobe 258
#10 Apache 188

2017 Top Products

# Product Vendor CVE(s)
#1 Android Google 692
#2 Linux kernel Linux 406
#3 Iphone os Apple 344
#4 Imagemagick Imagemagick 341
#5 Windows 10 Microsoft 255
#6 Windows server 2016 Microsoft 239
#7 Mac os x Apple 236
#8 Windows server 2008 Microsoft 231
#9 Windows server 2012 Microsoft 223
#10 Windows 7 Microsoft 217

2017 Top CWE

# CVEs ID CWE Name
#1 2179 119 Improper Restriction of Operations within the Bounds of a Memory Buffer
#2 1300 284 Improper Access Control
#3 1238 79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
#4 1161 200 Information Exposure
#5 1029 264 Permissions, Privileges, and Access Controls
#6 801 20 Improper Input Validation
#7 353 125 Out-of-bounds Read
#8 350 89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
#9 345 399 Resource Management Errors
#10 286 476 NULL Pointer Dereference