| Year | CVEs |
|---|---|
| 2019 | 835 |
| 2018 | 672 |
| 2017 | 698 |
| 2016 | 491 |
| 2015 | 568 |
| 2014 | 374 |
| 2013 | 345 |
| 2012 | 172 |
| 2011 | 253 |
| 2010 | 317 |
| Month-Year | CVEs |
|---|---|
| 12-2019 | 29 |
| 11-2019 | 70 |
| 10-2019 | 56 |
| 09-2019 | 81 |
| 08-2019 | 88 |
| 07-2019 | 78 |
| 06-2019 | 88 |
| 05-2019 | 80 |
| 04-2019 | 136 |
| 03-2019 | 77 |
| 02-2019 | 0 |
| 01-2019 | 52 |
| CVSS Range | CVEs |
|---|---|
| CVSS < 3 | 85 |
| 3 < CVSS <= 5 | 261 |
| 5 < CVSS <= 7.5 | 202 |
| CVSS > 7.5 | 287 |
| Vector | CVEs |
|---|---|
| NETWORK | 560 |
| LOCAL | 250 |
| ADJACENT_NETWORK | 25 |
| Complexity | CVEs |
|---|---|
| LOW | 367 |
| MEDIUM | 343 |
| HIGH | 125 |
| Authentication | CVEs |
|---|---|
| NONE | 722 |
| SINGLE_INSTANCE | 98 |
| SINGLE | 15 |
| MULTIPLE_INSTANCES | 0 |
| Confidentiality | CVEs |
|---|---|
| COMPLETE | 385 |
| PARTIAL | 316 |
| NONE | 134 |
| Integrity | CVEs |
|---|---|
| COMPLETE | 386 |
| NONE | 238 |
| PARTIAL | 211 |
| Availability | CVEs |
|---|---|
| COMPLETE | 420 |
| NONE | 275 |
| PARTIAL | 140 |
| # | CVEs | CWE ID | CWE Name |
|---|---|---|---|
| #1 | 245 | 119 | Improper Restriction of Operations within the Bounds of a Memory Buffer |
| #2 | 140 | 200 | Information Exposure |
| #3 | 117 | 264 | Permissions, Privileges, and Access Controls |
| #4 | 85 | 20 | Improper Input Validation |
| #5 | 33 | 79 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| #6 | 29 | 269 | Improper Privilege Management |
| #7 | 22 | 254 | Security Features |
| #8 | 16 | 19 | Data Handling |
| #9 | 9 | 611 | Improper Restriction of XML External Entity Reference ('XXE') |
| #10 | 6 | 284 | Improper Access Control |
