📊 Vendor Security Scorecards

How do software vendors compare on security? Scores based on CVE count, severity distribution, and historical data.

⚠️ Note: More CVEs doesn't always mean less secure - popular software gets more scrutiny. Use these scores as one data point, not the final word.

Sort by:
#1

Scshr

B
67/100
Total CVEs 6
Avg CVSS 8.3
2 Crit 4 High 0 Med 0 Low
View All CVEs →
#2

Google

B
63/100
Total CVEs 9
Avg CVSS 7.3
1 Crit 9 High 6 Med 0 Low
View All CVEs →
#3

Mediatek

D
33/100
Total CVEs 12
Avg CVSS 7.6
1 Crit 30 High 0 Med 0 Low
View All CVEs →

📐 Methodology

Security scores are calculated based on:

  • Critical CVEs: Weighted 10x
  • High CVEs: Weighted 5x
  • Medium CVEs: Weighted 2x
  • Low CVEs: Weighted 1x

Scores are normalized by total CVE count so larger vendors aren't unfairly penalized. A vendor with 1000 CVEs and 10 critical isn't necessarily worse than one with 10 CVEs and 2 critical.

Grades: A (80-100), B (60-79), C (40-59), D (20-39), F (0-19)