CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Mozilla : Vulnerability Statistics

Vulnerability Feeds & Widgets

Vulnerability Trends Over Time

Year # of Vulnerabilities DoS Code Execution Overflow Memory Corruption Sql Injection XSS Directory Traversal Http Response Splitting Bypass something Gain Information Gain Privileges CSRF File Inclusion # of exploits
2000 2 1 2
2001 10 2 1 1 1 2 2
2002 30 3 6 3 2 3 1 2 1
2003 13 2 2 2 2
2004 59 7 8 6 3 2 1 1 2 1
2005 93 13 27 8 1 3 7 2 1
2006 122 42 56 17 13 1 14 8 3 4 1
2007 88 17 24 6 8 17 3 13 8 1 1
2008 100 34 34 11 11 12 5 20 9 1 2
2009 143 67 60 10 37 2 11 11 8 6 11
2010 122 41 62 23 27 12 1 9 14 2 9
2011 116 48 60 17 32 8 1 2 13 15 5 2
2012 203 90 124 46 78 25 14 16 4 5
2013 160 71 96 37 48 14 13 11 10 3
2014 82 38 41 13 19 4 2 15 8 2 2
Total 1343 476 603 199 274 9 128 12 3 127 98 32 21 23
% Of All 35.4 44.9 14.8 20.4 0.7 9.5 0.9 0.2 9.5 7.3 2.4 1.6 0.0

Warning : Vulnerabilities with publish dates before 1999 are not included in this table and chart. (Because there are not many of them and they make the page look bad; and they may not be actually published in those years.)

Vulnerabilities By Year
2
10
30
13
59
93
122
88
100
143
122
116
203
160
82
  2000 2
2001 10
2002 30
2003 13
2004 59
2005 93
2006 122
2007 88
2008 100
2009 143
2010 122
2011 116
2012 203
2013 160
2014 82
Vulnerabilities By Type
476
603
9
128
127
32
199
98
12
274
21
3
  Denial of Service 476
Execute Code 603
Sql Injection 9
XSS 128
Bypass Something 127
Gain Privilege 32
Overflow 199
Gain Information 98
Directory Traversal 12
Memory Corruption 274
CSRF 21
Http Response Splitting 3

Click on legend names to show/hide lines for vulnerability types
If you can't see MS Office style charts above then it's time to upgrade your browser!
P.S: Charts may not be displayed properly especially if there are only a few data points. Consider donating for a better but non-free chart library which would allow a lot more options and flexibility.

This page lists vulnerability statistics for all products of Mozilla. Vulnerability statistics provide a quick overview for security vulnerabilities related to software products of this vendor. You can view products of this vendor or security vulnerabilities related to products of Mozilla.

CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.