1、2025 Flexera 1 FLEXERA 2024 Annual Software Vulnerability and Threat Intelligence Report Jeroen Braak Based on data from Secunia Research 2025 Flexera 2 Reuse We encourage the reuse of data,charts and text published in this report under the terms of this Creative Commons Attribution 4.0 Internationa

2、l License.You are free to share and make commercial use of this work as long as you attribute the Flexera 2024 Software Vulnerability and Threat Intelligence Report as stipulated in the terms of the license.2025 Flexera 3 Contents Reuse.2 Introduction.5 The anatomy of a security advisory.6 2024 summ

3、ary.7 Advisories breakdown.10 Compared to previous years.10 Filling the gaps vulnerability ratings and product context.12 Advisory criticality and attack vector.13 Advisories and impact(Consequence of exploited).14 Rejection advisories.15 Addressing awareness with vulnerability insights.17 Prevelanc

4、e.18 Asset sensitivity.17 Criticality.17 Threat intelligence.17 How do we know more insights/data is needed?.18 Take away 1.18 Take away 2.18 Vendor view.19 Top 25 vendors with most advisories.19 Top vendors with highest average threat score.20 Top vendors with zero-days.20 Product view.21 Products

5、with the most zero-days advisories reported*.21 Top 20 operating systems with most advisories.21 Browser-related advisories.22 Advisories per browser.22 Zero-day vulnerabilities.22 Browser attack vector.22 Networking-related advisories.23 Number of advisories per networking-related vendor.23 Average

6、 threat and CVSS score per networking-related vendor.23 Threat intelligence.24 2025 Flexera 4 SAIDs containing at least one CVE.24 Patching.25 Vendor patched vulnerabilities.26 SVM patch statistics.26 Updated patches per month in SVM.26 This years top 25 vendorpPatches(by vendor).27 Learn more.28 20