2024
Vulnerability Stats
It's May 18 and 15,790 vulnerabilities have been published in 2024.
This marks an increase of 45% compared to this time last year.
The vulnerability statistics page is updated daily and is designed to be easily screenshotable and shareable.
2024
Vulnerability Breakdown
- CRITICAL
- 1,141
- HIGH
- 3,690
- MEDIUM
- 5,087
- LOW
- 483
Plus 5,388 vulnerabilities yet to be given a severity rating.
2024 Vulnerability Severity By Month
114
New vulnerabilities every day in 2024
Each day your organisation needs to check and patch 114 vulnerability.
Across 1000's of devices!
Vulnerabilities Trending in 2024
Top 10 Trending Vulnerabilities for 2024
Malicious Code Discovered in xz Upstream Tarbal...
Palo Alto Networks PAN-OS Command Injection Vul...
Remote Code Execution Vulnerability Affects Mic...
Apple Fixes Memory Handling Issue in iOS 17.5, ...
Newly Discovered Vulnerability Allows Attackers...
Arbitrary File Read Vulnerability in Jenkins CL...
Remote Authentication Bypass Vulnerability Affe...
Fortinet FortiOS Vulnerabilities Allow Unauthor...
Additional Permissions Checks Implemented to Pr...
Authentication Bypass in JetBrains TeamCity All...
Pareto Principle
The 80/20 Rule
The Pareto principle states that for many outcomes, roughly 80% of consequences come from 20% of causes.
In the world of Vulnerability Management, only a small amount of CVEs introduce the majority of risk.
Tracking CVEs that generate vibrant conversation gives us a tool to reliability identify the most important vulnerabilities.
2015 - 2024 Vulnerability Severity By Year
More Vulnerabilities
Means more Exploits
Which means more Ransomware
Exploits are HOT π₯
So far 2024 has given us allot to think about.
20 Days
Average exploit development time in 2024
The time taken for a vulnerability being published to it being exploited.
308 Exploits
Vulnerabilities Exploited
308 of the 15,790 vulnerabilities published in 2024 have been exploited.
72 Zerodays
Zeroday
A vulnerability which is exploited before Mitre or NVD published its existance.
Only a Small Number of Vulnerabilities are Exploited
Vulnerability Arrivals π
Vulnerabilities are not published in a predictable way. Every day is a vulnerable day π€¨
Vulnerability Published Matrix for 2024
Vulnerability Published Matrix for 2023
Vendor Breakdown
Wonder if your vendors are doing a good job? π€
Vulnerability Weighted Impact by Vendors
Impact is the sum of the CVSSv3 base score for all vulnerabilities by vendor.
Microsoft
413 Vulnerabilities
31 Exploited πΎ
IBM
227 Vulnerabilities
1 Exploited πΎ
Linux
178 Vulnerabilities
2 Exploited πΎ
Adobe
176 Vulnerabilities
3 Exploited πΎ
D-Link
170 Vulnerabilities
2 Exploited πΎ
Oracle
125 Vulnerabilities
2 Exploited πΎ
Siemens
124 Vulnerabilities
Intel
120 Vulnerabilities
Red Hat
111 Vulnerabilities
6 Exploited πΎ
Dell
108 Vulnerabilities