Top 10 statistics for 2018

2018 Top Vendors

# Vendor CVE(s)
#1 Oracle 165
#2 Google 76
#3 Microsoft 60
#4 Ibm 56
#5 Debian 36
#6 Jenkins 35
#7 Cisco 28
#8 Tp-link 25
#9 Atlassian 19
#10 Netgain-systems 18

2018 Top CWE

# CVEs ID CWE Name
#1 206 79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
#2 139 284 Improper Access Control
#3 110 20 Improper Input Validation
#4 105 119 Improper Restriction of Operations within the Bounds of a Memory Buffer
#5 66 264 Permissions, Privileges, and Access Controls
#6 51 89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
#7 39 399 Resource Management Errors
#8 37 77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
#9 34 352 Cross-Site Request Forgery (CSRF)