CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft : Vulnerability Statistics

Vulnerability Feeds & Widgets

Vulnerability Trends Over Time

Year # of Vulnerabilities DoS Code Execution Overflow Memory Corruption Sql Injection XSS Directory Traversal Http Response Splitting Bypass something Gain Information Gain Privileges CSRF File Inclusion # of exploits
1999 172 42 26 18 7 7 7
2000 143 42 21 16 2 8 2 6
2001 172 67 38 24 3 1 5 4 12
2002 242 57 67 54 3 15 1 25 8 12
2003 104 28 47 40 1 1 7 3 10 4 4
2004 148 36 58 34 1 3 6 21 4 4 1
2005 162 46 66 37 10 8 9 8 7
2006 260 81 141 79 44 6 1 11 11 8 4
2007 202 54 93 52 30 13 2 1 10 8 13
2008 198 40 122 44 40 13 2 12 9 11 14
2009 181 37 98 47 41 3 1 7 9 18 10
2010 248 52 144 61 50 14 6 8 44 1 22
2011 203 42 71 36 33 12 1 4 9 80 4
2012 133 15 63 21 19 13 10 6 32
2013 307 123 174 120 110 10 2 14 18 75 6
2014 346 243 260 196 226 10 20 18 24 14
2015 514 209 296 156 227 31 1 63 59 90 1 1
2016 479 120 223 178 166 15 48 79 103
2017 496 55 154 109 65 19 32 162 24 1
2018 583 32 211 13 98 53 1 53 52 8 2
2019 759 49 265 8 79 47 2 31 82 5 3 1
2020 1220 46 290 175 56 76 33 127 75 1
2021 693 44 249 6 5 1 6 1 45 38
Total 7965 1560 3177 1524 1301 5 379 24 2 484 732 662 9 1 76
% Of All 19.6 39.9 19.1 16.3 0.1 4.8 0.3 0.0 6.1 9.2 8.3 0.1 0.0

Warning : Vulnerabilities with publish dates before 1999 are not included in this table and chart. (Because there are not many of them and they make the page look bad; and they may not be actually published in those years.)

Vulnerabilities By Year
172
143
172
242
104
148
162
260
202
198
181
248
203
133
307
346
514
479
496
583
759
1220
693
  1999 172
2000 143
2001 172
2002 242
2003 104
2004 148
2005 162
2006 260
2007 202
2008 198
2009 181
2010 248
2011 203
2012 133
2013 307
2014 346
2015 514
2016 479
2017 496
2018 583
2019 759
2020 1220
2021 693
Vulnerabilities By Type
1560
3177
1524
484
732
662
379
24
5
1301
2
9
1
  Denial of Service 1560
Execute Code 3177
Overflow 1524
Bypass Something 484
Gain Information 732
Gain Privilege 662
XSS 379
Directory Traversal 24
Sql Injection 5
Memory Corruption 1301
Http Response Splitting 2
CSRF 9
File Inclusion 1

Click on legend names to show/hide lines for vulnerability types
If you can't see MS Office style charts above then it's time to upgrade your browser!
P.S: Charts may not be displayed properly especially if there are only a few data points.

This page lists vulnerability statistics for all products of Microsoft. Vulnerability statistics provide a quick overview for security vulnerabilities related to software products of this vendor. You can view products of this vendor or security vulnerabilities related to products of Microsoft.

CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.