2024
Vulnerability Stats
It's December 21 and 39,455 vulnerabilities have been published in 2024.
This marks an increase of 40% compared to this time last year.
The vulnerability statistics page is updated daily and is designed to be easily screenshotable and shareable.
2024
Vulnerability Breakdown
- CRITICAL
- 3,135
- HIGH
- 10,286
- MEDIUM
- 14,412
- LOW
- 972
Plus 10,641 vulnerabilities yet to be given a severity rating.
2024 Vulnerability Severity By Month
111
New vulnerabilities every day in 2024
Each day your organisation needs to check and patch 111 vulnerability.
Across 1000's of devices!
Vulnerabilities Trending in 2024
Top 10 Trending Vulnerabilities for 2024
Malicious Code Discovered in xz Upstream Tarbal...
Palo Alto Networks PAN-OS Command Injection Vul...
Signal Handler Race Condition in OpenSSH's Server
Windows TCP/IP Remote Code Execution Vulnerability
Check Point Security Gateways Vulnerability All...
MSHTML Platform Spoofing Vulnerability
Remote Code Execution Vulnerability Affects Mic...
VMware ESXi Authentication Bypass Vulnerability
Apple Fixes Memory Handling Issue in iOS 17.5, ...
Newly Discovered Vulnerability Allows Attackers...
Pareto Principle
The 80/20 Rule
The Pareto principle states that for many outcomes, roughly 80% of consequences come from 20% of causes.
In the world of Vulnerability Management, only a small amount of CVEs introduce the majority of risk.
Tracking CVEs that generate vibrant conversation gives us a tool to reliability identify the most important vulnerabilities.
2015 - 2024 Vulnerability Severity By Year
More Vulnerabilities
Means more Exploits
Which means more Ransomware
Exploits are HOT ๐ฅ
So far 2024 has given us allot to think about.
41 Days
Average exploit development time in 2024
The time taken for a vulnerability being published to it being exploited.
1,298 Exploits
Vulnerabilities Exploited
1,298 of the 39,455 vulnerabilities published in 2024 have been exploited.
164 Zerodays
Zeroday
A vulnerability which is exploited before Mitre or NVD published its existance.
Only a Small Number of Vulnerabilities are Exploited
Vulnerability Arrivals ๐
Vulnerabilities are not published in a predictable way. Every day is a vulnerable day ๐คจ
Vulnerability Published Matrix for 2024
Vulnerability Published Matrix for 2023
Vendor Breakdown
Wonder if your vendors are doing a good job? ๐ค
Vulnerability Weighted Impact by Vendors
Impact is the sum of the CVSSv3 base score for all vulnerabilities by vendor.
Linux
1991 Vulnerabilities
6 Exploited ๐พ
Microsoft
1107 Vulnerabilities
87 Exploited ๐พ
Adobe
734 Vulnerabilities
4 Exploited ๐พ
Apple
577 Vulnerabilities
23 Exploited ๐พ
Google
508 Vulnerabilities
24 Exploited ๐พ
IBM
466 Vulnerabilities
4 Exploited ๐พ
Oracle
350 Vulnerabilities
4 Exploited ๐พ
Cisco
326 Vulnerabilities
255 Exploited ๐พ
D-Link
305 Vulnerabilities
6 Exploited ๐พ
Siemens
292 Vulnerabilities