2024
Vulnerability Stats

40,187 vulnerabilities were published in 2024.

This marks an increase of 39% compared to 2023.

Vulnerabilities published in 2024: 40,187
Avg. new vulnerabilities each day!: 110
Increase in vulnerabilities YoY: 39%

The vulnerability statistics page is updated daily and is designed to be easily screenshotable and shareable.

2024
Vulnerability Breakdown

CRITICAL: 3,161
HIGH: 10,449
MEDIUM: 14,724
LOW: 990

Plus 10,855 vulnerabilities yet to be given a severity rating.

2024 Vulnerability Severity By Month

110

New vulnerabilities every day in 2024

Each day your organisation needs to check and patch 110 vulnerability.

Across 1000's of devices!

Vulnerabilities Trending in 2024

Top 10 Trending Vulnerabilities for 2024

Malicious Code Discovered in xz Upstream Tarbal...

CVE-2024-3094

Red HatXz👾10CRITICAL

Palo Alto Networks PAN-OS Command Injection Vul...

CVE-2024-3400

Palo Alto NetworksPan-os👾🟣10CRITICAL

Signal Handler Race Condition in OpenSSH's Server

CVE-2024-6387

Red HatRed Hat Enterprise Lin...👾8.1HIGH

Windows TCP/IP Remote Code Execution Vulnerability

CVE-2024-38063

MicrosoftWindows 10 Version 1809👾9.8CRITICAL

Check Point Security Gateways Vulnerability All...

CVE-2024-24919

CheckpointCheck Point Quantum Ga...👾🟣8.6HIGH

MSHTML Platform Spoofing Vulnerability

CVE-2024-38112

MicrosoftWindows 10 Version 22h2👾7.5HIGH

Remote Code Execution Vulnerability Affects Mic...

CVE-2024-21413

MicrosoftMicrosoft Office 2019👾9.8CRITICAL

VMware ESXi Authentication Bypass Vulnerability

CVE-2024-37085

VMwareVmware Esxi👾7.2HIGH

Apple Fixes Memory Handling Issue in iOS 17.5, ...

CVE-2024-27804

AppleiOS And iPad OS👾5.5MEDIUM

Newly Discovered Vulnerability Allows Attackers...

CVE-2024-21412

MicrosoftWindows 11 Version 21h2👾8.1HIGH

Pareto Principle
The 80/20 Rule

The Pareto principle states that for many outcomes, roughly 80% of consequences come from 20% of causes.

In the world of Vulnerability Management, only a small amount of CVEs introduce the majority of risk.

Tracking CVEs that generate vibrant conversation gives us a tool to reliability identify the most important vulnerabilities.

2015 - 2024 Vulnerability Severity By Year

2015

2016

-1%

2017

127%

2018

13%

2019

2020

2021

10%

2022

24%

2023

15%

2024

More Vulnerabilities

Means more Exploits

Which means more Ransomware

Exploits are HOT 🔥

So far 2024 has given us allot to think about.

42 Days

Average exploit development time in 2024

The time taken for a vulnerability being published to it being exploited.

3,945 Exploited

Vulnerabilities Exploited

3,945 of the 40,187 vulnerabilities published in 2024 have been exploited.

2,882 Zerodays

Zeroday

A vulnerability which is exploited before Mitre or NVD published its existance.

Only a Small Number of Vulnerabilities are Exploited

Vulnerability Arrivals 📆

Vulnerabilities are not published in a predictable way. Every day is a vulnerable day 🤨

Vulnerability Published Matrix for 2024

Vulnerability Published Matrix for 2023

Vendor Breakdown

Wonder if your vendors are doing a good job? 🤔

Vulnerability Weighted Impact by Vendors

Impact is the sum of the CVSSv3 base score for all vulnerabilities by vendor.

Linux

2184 Vulnerabilities

6 Exploited 👾

Microsoft

1107 Vulnerabilities

88 Exploited 👾

Adobe

735 Vulnerabilities

5 Exploited 👾

Apple

578 Vulnerabilities

23 Exploited 👾

Google

538 Vulnerabilities

29 Exploited 👾

IBM

480 Vulnerabilities

4 Exploited 👾

Oracle

352 Vulnerabilities

5 Exploited 👾

Cisco

326 Vulnerabilities

101 Exploited 👾

D-Link

308 Vulnerabilities

74 Exploited 👾

Siemens

292 Vulnerabilities

2024Vulnerability Stats

2024 Vulnerability Breakdown