2024
Vulnerability Stats

JSON XML

It's May 18 and 15,790 vulnerabilities have been published in 2024.

This marks an increase of 45% compared to this time last year.

Vulnerabilities published in 2024: 15,790
Avg. new vulnerabilities each day!: 114
Increase in vulnerabilities YoY: 45%

The vulnerability statistics page is updated daily and is designed to be easily screenshotable and shareable.

2024
Vulnerability Breakdown

CRITICAL: 1,141
HIGH: 3,690
MEDIUM: 5,087
LOW: 483

Plus 5,388 vulnerabilities yet to be given a severity rating.

2024 Vulnerability Severity By Month

114

New vulnerabilities every day in 2024

Each day your organisation needs to check and patch 114 vulnerability.

Across 1000's of devices!

Vulnerabilities Trending in 2024

Top 10 Trending Vulnerabilities for 2024

Malicious Code Discovered in xz Upstream Tarbal...

CVE-2024-3094

Red HatXz👾10CRITICAL

Palo Alto Networks PAN-OS Command Injection Vul...

CVE-2024-3400

Palo Alto NetworksPan-os👾🟣10CRITICAL

Remote Code Execution Vulnerability Affects Mic...

CVE-2024-21413

MicrosoftMicrosoft Office 2019👾9.8CRITICAL

Apple Fixes Memory Handling Issue in iOS 17.5, ...

CVE-2024-27804

AppleiOS And iPad OS👾

Newly Discovered Vulnerability Allows Attackers...

CVE-2024-21412

MicrosoftWindows 11 Version 21h2👾8.1HIGH

Arbitrary File Read Vulnerability in Jenkins CL...

CVE-2024-23897

JenkinsJenkins👾🟣9.8CRITICAL

Remote Authentication Bypass Vulnerability Affe...

CVE-2023-46805

IvantiICS👾🟣8.2HIGH

Fortinet FortiOS Vulnerabilities Allow Unauthor...

CVE-2024-21762

FortinetFortiProxy👾9.8CRITICAL

Additional Permissions Checks Implemented to Pr...

CVE-2024-23204

AppleIos And iPad OS👾7.5HIGH

Authentication Bypass in JetBrains TeamCity All...

CVE-2024-27198

JetbrainsTeamcity👾🟣9.8CRITICAL

Pareto Principle
The 80/20 Rule

The Pareto principle states that for many outcomes, roughly 80% of consequences come from 20% of causes.

In the world of Vulnerability Management, only a small amount of CVEs introduce the majority of risk.

Tracking CVEs that generate vibrant conversation gives us a tool to reliability identify the most important vulnerabilities.

2015 - 2024 Vulnerability Severity By Year

2015

2016

-1%

2017

127%

2018

13%

2019

2020

2021

10%

2022

24%

2023

15%

2024

More Vulnerabilities

Means more Exploits

Which means more Ransomware

Exploits are HOT 🔥

So far 2024 has given us allot to think about.

20 Days

Average exploit development time in 2024

The time taken for a vulnerability being published to it being exploited.

308 Exploits

Vulnerabilities Exploited

308 of the 15,790 vulnerabilities published in 2024 have been exploited.

72 Zerodays

Zeroday

A vulnerability which is exploited before Mitre or NVD published its existance.

Only a Small Number of Vulnerabilities are Exploited

Vulnerability Arrivals 📆

Vulnerabilities are not published in a predictable way. Every day is a vulnerable day 🤨

Vulnerability Published Matrix for 2024

Vulnerability Published Matrix for 2023

Vendor Breakdown

Wonder if your vendors are doing a good job? 🤔

Vulnerability Weighted Impact by Vendors

Impact is the sum of the CVSSv3 base score for all vulnerabilities by vendor.

Microsoft

413 Vulnerabilities

31 Exploited 👾

IBM

227 Vulnerabilities

1 Exploited 👾

Linux

178 Vulnerabilities

2 Exploited 👾

Adobe

176 Vulnerabilities

3 Exploited 👾

D-Link

170 Vulnerabilities

2 Exploited 👾

Oracle

125 Vulnerabilities

2 Exploited 👾

Siemens

124 Vulnerabilities

Intel

120 Vulnerabilities

Red Hat

111 Vulnerabilities

6 Exploited 👾

Dell

108 Vulnerabilities

2024Vulnerability Stats

2024 Vulnerability Breakdown

2024 Vulnerability Severity By Month

Vulnerabilities Trending in 2024

Top 10 Trending Vulnerabilities for 2024

Malicious Code Discovered in xz Upstream Tarbal...

Palo Alto Networks PAN-OS Command Injection Vul...

Remote Code Execution Vulnerability Affects Mic...

Apple Fixes Memory Handling Issue in iOS 17.5, ...

Newly Discovered Vulnerability Allows Attackers...

Arbitrary File Read Vulnerability in Jenkins CL...

Remote Authentication Bypass Vulnerability Affe...

Fortinet FortiOS Vulnerabilities Allow Unauthor...

Additional Permissions Checks Implemented to Pr...

Authentication Bypass in JetBrains TeamCity All...

Pareto PrincipleThe 80/20 Rule

2015 - 2024 Vulnerability Severity By Year

Exploits are HOT 🔥

Vulnerability Arrivals 📆

Vulnerability Published Matrix for 2024

Vulnerability Published Matrix for 2023

Vendor Breakdown

Vulnerability Weighted Impact by Vendors

2024
Vulnerability Stats

2024
Vulnerability Breakdown

Pareto Principle
The 80/20 Rule