Top 10 statistics for 2017

2017 Top Vendors

# Vendor CVE(s)
#1 Google 703
#2 Oracle 681
#3 Ibm 539
#4 Microsoft 505
#5 Apple 417
#6 Linux 373
#7 Cisco 339
#8 Imagemagick 322
#9 Adobe 257
#10 Gnu 143

2017 Top Products

# Product Vendor CVE(s)
#1 Android Google 616
#2 Linux kernel Linux 372
#3 Imagemagick Imagemagick 322
#4 Iphone os Apple 290
#5 Mac os x Apple 210
#6 Windows 10 Microsoft 203
#7 Windows server 2008 Microsoft 192
#8 Windows server 2016 Microsoft 191
#9 Windows server 2012 Microsoft 183
#10 Windows 7 Microsoft 179

2017 Top CWE

# CVEs ID CWE Name
#1 1825 119 Improper Restriction of Operations within the Bounds of a Memory Buffer
#2 1096 284 Improper Access Control
#3 999 79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
#4 950 200 Information Exposure
#5 899 264 Permissions, Privileges, and Access Controls
#6 662 20 Improper Input Validation
#7 321 125 Out-of-bounds Read
#8 308 399 Resource Management Errors
#9 252 89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
#10 236 476 NULL Pointer Dereference