We at Kaspersky continuously monitor the evolving cyberthreat landscape to ensure we respond promptly to emerging threats, equipping our products with detection logic and technology. Software vulnerabilities that threat actors can exploit or are already actively exploiting are a critical component of that landscape. In this report, we present a series of insightful statistical and analytical snapshots relating to the trends in the emergence of new vulnerabilities and exploits, as well as the most prevalent vulnerabilities being used by attackers. Additionally, we take a close look at several noteworthy vulnerabilities discovered in Q1 2024.
Statistics on registered vulnerabilities
To facilitate the management of vulnerabilities, vendors can register these and assign CVE identifiers. All identifiers and related public information are published on https://cve.mitre.org (at the time of writing, the site is in the process of migrating to a new domain, https://www.cve.org/). Although vendors often fail to register vulnerabilities, and the CVE list cannot be considered exhaustive, it does allow us to track certain trends. We analyzed data on registered software vulnerabilities and compared their quantities over the past five years.
The number of newly registered CVEs, 2019 — 2024. The decline in 2024 is due to data being available for Q1 only (download)
As the chart illustrates, the number of new vulnerabilities has been steadily increasing year over year. This can be attributed to several factors.
Firstly, the growing popularity of bug bounty platforms and vulnerability discovery competitions have provided a major impetus to research in the field. As a ..
Support the originator by clicking the read the rest link below.
