Top 10 statistics for 2018

2018 Top Vendors

# Vendor CVE(s)
#1 Google 197
#2 Microsoft 192
#3 Hp 174
#4 Debian 167
#5 Oracle 165
#6 Ibm 162
#7 Huawei 132
#8 Cisco 107
#9 Jenkins 54
#10 Linux 52

2018 Top CWE

# CVEs ID CWE Name
#1 520 79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
#2 460 20 Improper Input Validation
#3 369 119 Improper Restriction of Operations within the Bounds of a Memory Buffer
#4 350 200 Information Exposure
#5 248 264 Permissions, Privileges, and Access Controls
#6 220 284 Improper Access Control
#7 170 89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
#8 110 399 Resource Management Errors
#9 105 352 Cross-Site Request Forgery (CSRF)
#10 99 125 Out-of-bounds Read