CVEs from 2016

8,525 normalized CVEs published or assigned in this year.

Total

8,525

critical

critical 1,164

high

high 3,521

medium

medium 3,172

low

low 249

% Critical

13.7%

% with KEV

0.7%

% with exploit

0.9%

Top vendors

ibm 8,189
phpmyadmin 3,382
adobe 2,178
oracle 2,153
f5 2,099
cisco 1,937
php 1,749
apache 1,560

Top products

phpmyadmin 3,382
php 1,748
squid 1,549
samba 1,093
drupal 868
firefox 757
moodle 700
openssl 664

Top packages

critical high medium low unknown

0

KEV Has exploit

CVE	Severity	CVSS	Risk	Published	Description	Impact
CVE-2016-3088	unknown	—	2.5	4y ago	Improper Input Validation in Apache ActiveMQ
CVE-2016-4437	unknown	—	1.5	4y ago	Improper Access Control in Apache Shiro
CVE-2016-8735	unknown	—	1.5	4y ago	Apache Tomcat Improper Access Control vulnerability