As of August 2024, internet users worldwide discovered around ****** new common IT security vulnerabilities and exposures (CVEs). The highest reported annual figure was recorded in 2023, over ******. Global ransomware threats In the past couple of years, ransomware has become more prominent, becoming the most frequently reported type of cyberattack worldwide in 2023. Additionally, ** percent of organizations worldwide reported experiencing one to three ransomware infections. Among researched markets, France and South Africa were impacted the most. Costly and efficient ransomware families, such as StopCrypt and LockBit, ranked first by detections globally. Additionally, the 2017 WannaCry attack still holds the record as the most impactful ransomware event, causing an estimated **** billion U.S. dollars in damages. Manufacturing and ransomware Manufacturing remains one of the most targeted industries for cyberattacks. In 2023, it was the most vulnerable sector globally to ransomware, experiencing approximately *** incidents worldwide. These attacks were especially prevalent in industrial organizations in North America. Additionally, malware and network or application anomalies were among the most common types of cyber incidents affecting manufacturing organizations.

Business Context: We are in a time where businesses are more digitally advanced than ever, and as technology improves, organizations’ security postures must be enhanced as well. Failure to do so could result in a costly data breach, as we’ve seen happen with many businesses. The cybercrime landscape has evolved, and threat actors are going after any type of organization, so in order to protect your business’s data, money and reputation, it is critical that you invest in an advanced security system. Cyber security can be described as the collective methods, technologies, and processes to help protect the confidentiality, integrity, and availability of computer systems, networks and data, against cyber-attacks or unauthorized access. a. Information Security vs. Cyber Security vs. Network Security: Information security (also known as InfoSec) ensures that both physical and digital data is protected from unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction. Information security differs from cyber security in that InfoSec aims to keep data in any form secure, whereas cyber security protects only digital data. Cyber security, a subset of information security, is the practice of defending your organization’s networks, computers and data from unauthorized digital access, attack or damage by implementing various processes, technologies and practices. With the countless sophisticated threat actors targeting all types of organizations, it is critical that your IT infrastructure is secured at all times to prevent a full-scale attack on your network and risk exposing your company’ data and reputation. Network security, a subset of cyber security, aims to protect any data that is being sent through devices in your network to ensure that the information is not changed or intercepted. The role of network security is to protect the organization’s IT infrastructure from all types of cyber threats including: Viruses, worms and Trojan horses a. Zero-day attacks b. Hacker attacks c. Denial of service attacks d. Spyware and adware Your network security team implements the hardware and software necessary to guard your security architecture. With the proper network security in place, your system can detect emerging threats before they infiltrate your network and compromise your data. There are many components to a network security system that work together to improve your security posture. The most common network security components include: a. Firewalls b. Anti-virus software c. Intrusion detection and prevention systems (IDS/IPS) d. Virtual private networks (VPN) Network Intrusions vs. Computer intrusions vs. Cyber Attacks 1. Computer Intrusions: Computer intrusions occur when someone tries to gain access to any part of your computer system. Computer intruders or hackers typically use automated computer programs when they try to compromise a computer’s security. There are several ways an intruder can try to gain access to your computer. They can Access your a. Computer to view, change, or delete information on your computer, b. Crash or slow down your computer c. Access your private data by examining the files on your system d. Use your computer to access other computers on the Internet. 2. Network Intrusions: A network intrusion refers to any unauthorized activity on a digital network. Network intrusions often involve stealing valuable network resources and almost always jeopardize the security of networks and/or their data. In order to proactively detect and respond to network intrusions, organizations and their cyber security teams need to have a thorough understanding of how network intrusions work and implement network intrusion, detection, and response systems that are designed with attack techniques and cover-up methods in mind. Network Intrusion Attack Techniques: Given the amount of normal activity constantly taking place on digital networks, it can be very difficult to pinpoint anomalies that could indicate a network intrusion has occurred. Below are some of the most common network intrusion attack techniques that organizations should continually look for: Living Off the Land: Attackers increasingly use existing tools and processes and stolen credentials when compromising networks. These tools like operating system utilities, business productivity software and scripting languages are clearly not malware and have very legitimate usage as well. In fact, in most cases, the vast majority of the usage is business justified, allowing an attacker to blend in. Multi-Routing: If a network allows for asymmetric routing, attackers will often leverage multiple routes to access the targeted device or network. This allows them to avoid being detected by having a large portion of suspicious packets bypass certain network segments and any relevant network intrusion systems. Buffer Overwrit...

CVEfixes is a comprehensive vulnerability dataset that is automatically collected and curated from Common Vulnerabilities and Exposures (CVE) records in the public U.S. National Vulnerability Database (NVD). The goal is to support data-driven security research based on source code and source code metrics related to fixes for CVEs in the NVD by providing detailed information at different interlinked levels of abstraction, such as the commit-, file-, and method level, as well as the repository- and CVE level.

At the initial release, the dataset covers all published CVEs up to 9 June 2021. All open-source projects that were reported in CVE records in the NVD in this time frame and had publicly available git repositories were fetched and considered for the construction of this vulnerability dataset. The dataset is organized as a relational database and covers 5495 vulnerability fixing commits in 1754 open source projects for a total of 5365 CVEs in 180 different Common Weakness Enumeration (CWE) types. The dataset includes the source code before and after fixing of 18249 files, and 50322 functions.

This repository includes the SQL dump of the dataset, as well as the JSON for the CVEs and XML of the CWEs at the time of collection. The complete process has been documented in the paper "CVEfixes: Automated Collection of Vulnerabilities and Their Fixes from Open-Source Software", which is published in the Proceedings of the 17th International Conference on Predictive Models and Data Analytics in Software Engineering (PROMISE '21). You will find a copy of the paper in the Doc folder.

Citation and Zenodo links

Please cite this work by referring to the published paper:

• Guru Bhandari, Amara Naseer, and Leon Moonen. 2021. CVEfixes: Automated Collection of Vulnerabilities and Their Fixes from Open-Source Software. In Proceedings of the 17th International Conference on Predictive Models and Data Analytics in Software Engineering (PROMISE '21). ACM, 10 pages. https://doi.org/10.1145/3475960.3475985

@inproceedings{bhandari2021:cvefixes,
  title = {{CVEfixes: Automated Collection of Vulnerabilities and Their Fixes from Open-Source Software}},
  booktitle = {{Proceedings of the 17th International Conference on Predictive Models and Data Analytics in Software Engineering (PROMISE '21)}},
  author = {Bhandari, Guru and Naseer, Amara and Moonen, Leon},
  year = {2021},
  pages = {10},
  publisher = {{ACM}},
  doi = {10.1145/3475960.3475985},
  copyright = {Open Access},
  isbn = {978-1-4503-8680-7},
  language = {en}
}

The dataset has been released on Zenodo with DOI:10.5281/zenodo.4476563. The GitHub repository containing the code to automatically collect the dataset can be found at https://github.com/secureIT-project/CVEfixes, released with DOI:10.5281/zenodo.5111494.

Introduction

Endpoint Security Statistics: In today’s digital landscape, endpoint security has become a vital component of organizational cybersecurity. As businesses adopt hybrid work arrangements and expand their digital networks, protecting a growing range of connected devices has become increasingly essential. Laptops, smartphones, tablets, and IoT devices have become frequent targets for advanced cyberattacks, including ransomware, phishing, and zero-day exploits.

The increasing complexity of these threats has compelled organizations to enhance their endpoint security measures by adopting advanced technologies, such as AI-driven threat detection, behavioural monitoring, and continuous real-time surveillance. These sophisticated solutions aim to reduce exposure to risks, safeguard critical data, and ensure seamless business operations in the face of constantly evolving cyber threats.

raw_C.csv Raw (it may includes comments) source code in C. Attributes: cwe_id name: method name repo_name: repository name repo_url: repository url old_path file_change_id: used as a key in SQLite method_change_id: used as a key in SQLite code: source code before_change: indicates whether the code is vulnerable (1) or not (0)

In our work, we have designed and implemented a novel workflow with several heuristic methods to combine state-of-the-art methods related to CVE fix commits gathering. As a consequence of our improvements, we have been able to gather the largest programming language-independent real-world dataset of CVE vulnerabilities with the associated fix commits. Our dataset containing 29,203 unique CVEs coming from 7,238 unique GitHub projects is, to the best of our knowledge, by far the biggest CVE vulnerability dataset with fix commits available today. These CVEs are associated with 35,276 unique commits as sql and 39,931 patch commit files that fixed those vulnerabilities(some patch files can't be saved as sql due to several techincal reasons) Our larger dataset thus substantially improves over the current real-world vulnerability datasets and enables further progress in research on vulnerability detection and software security. We used NVD(nvd.nist.gov) and Github Secuirty advisory Database as the main sources of our pipeline.

We release to the community a 16GB PostgreSQL database that contains information on CVEs up to 2024-09-26, CWEs of each CVE, files and methods changed by each commit, and repository metadata. Additionally, patch files related to the fix commits are available as a separate package. Furthermore, we make our dataset collection tool also available to the community.

cvedataset-patches.zip file contains fix patches, and postgrescvedumper.sql.zip contains a postgtesql dump of fixes, together with several other fields such as CVEs, CWEs, repository meta-data, commit data, file changes, method changed, etc.

MoreFixes data-storage strategy is based on CVEFixes to store CVE commits fixes from open-source repositories, and uses a modified version of Porspector(part of ProjectKB from SAP) as a module to detect commit fixes of a CVE. Our full methodology is presented in the paper, with the title of "MoreFixes: A Large-Scale Dataset of CVE Fix Commits Mined through Enhanced Repository Discovery", which will be published in the Promise conference (2024).

For more information about usage and sample queries, visit the Github repository: https://github.com/JafarAkhondali/Morefixes

If you are using this dataset, please be aware that the repositories that we mined contain different licenses and you are responsible to handle any licesnsing issues. This is also the similar case with CVEFixes.

This product uses the NVD API but is not endorsed or certified by the NVD.

This research was partially supported by the Dutch Research Council (NWO) under the project NWA.1215.18.008 Cyber Security by Integrated Design (C-SIDe).

To restore the dataset, you can use the docker-compose file available at the gitub repository. Dataset default credentials after restoring dump:

POSTGRES_USER=postgrescvedumper POSTGRES_DB=postgrescvedumper POSTGRES_PASSWORD=a42a18537d74c3b7e584c769152c3d

Please use this for citation:

 title={MoreFixes: A large-scale dataset of CVE fix commits mined through enhanced repository discovery},
 author={Akhoundali, Jafar and Nouri, Sajad Rahim and Rietveld, Kristian and Gadyatskaya, Olga},
 booktitle={Proceedings of the 20th International Conference on Predictive Models and Data Analytics in Software Engineering},
 pages={42--51},
 year={2024}
}

This data package contains supplemental material data for the under review TSE submission: A Socio-technical Perspective on Software Vulnerabilities: A Causal Analysis. The restricted access requirement will be lifted upon approval of the manuscript.

The comprehensive explanation of this dataset can be found at: https://sailuh.github.io/causal_commit_flow_docs

The following briefly describes the contents of the folders. The analysis presented in the manuscript requires the following:

Git Log

Mailing List

Software Vulnerabilities (NVD Feed)

This data is provided to a mining software repository tool, Kaiaulu. The data specifications and configuration parameters are defined in the OpenSSL project configuration file (.yml), also included in this package.

An R notebook in Kaiaulu, taking the dataset above + project configuration file, can then perform the first analysis step:

https://github.com/sailuh/kaiaulu/blob/master/vignettes/issue_social_smell_showcase.Rmd

The file 1_openssl_social_smells_timeline.csv is generated as an output of this R Notebook, and included in the causal_model folder of this package. The following files in this folder numbered 2 through 16, describe transformation steps using Excel, Python scripts, and Tetrad (also an open source tool). These are described conceptually in the manuscript, but in more detail in the comprehensive explanation of this dataset linked at the start.

This dataset combines vulnerability data from three key sources:

NVD (National Vulnerability Database): Contains a comprehensive list of publicly known vulnerabilities, including CVE IDs, descriptions, CVSS scores (both v2 and v3), and publication dates. Data includes detailed information on attack vectors, complexity, privileges required, and impact scores.

CISA (Cybersecurity and Infrastructure Security Agency): Includes a curated list of actively exploited vulnerabilities, highlighting those requiring immediate attention. This provides crucial context for prioritizing remediation efforts.

Cyentia EPSS: Provides a numerical score (EPSS) reflecting the likelihood of a vulnerability being actively exploited in the wild.

The dataset is designed for advanced vulnerability analysis. The integrated nature of these data sources enables security professionals and researchers to build models for vulnerability prediction and risk assessment, facilitate more effective security planning, and potentially correlate vulnerability characteristics with exploit activity. The dataset is provided as a CSV file, with appropriate data types assigned to each column for optimal processing in analytical tools like Pandas.

Data is updated automatically every day.

Online appendix of the paper entitled: "The Secret Life of Software Vulnerabilities: A Large-Scale Empirical Study". It contains all scripts and data required to replicate the four research questions of the study.

Abstract: Software vulnerabilities are weaknesses in source code that can be potentially exploited to cause loss or harm. While researchers have been devising a number of methods to deal with vulnerabilities, there is still a noticeable lack of knowledge on their software engineering life cycle, for example how vulnerabilities are introduced and removed by developers. This information can be exploited to design more effective methods for vulnerability prevention and detection, as well as to understand the granularity that these methods should aim at. To investigate the life cycle of software vulnerabilities, we focus on how, when, and under which circumstances vulnerabilities are introduced in software projects, as well as whether, after how long, and how they are removed. We consider 4,097 vulnerabilities with public patches from the National Vulnerability Database—pertaining to 1,163 open-source software projects on GITHUB—and define a six-step process that involves both automated parts (e.g., using the SZZ algorithm to find the vulnerability-inducing commits) and manual analyses (e.g., how vulnerabilities were fixed). The investigated vulnerabilities can be classified in 148 categories, take on average 4.19 commits before being introduced, and remain unfixed for a median of 1,506.50 commits and 691.50 days. Most of them are introduced by developers with high workload, often when doing maintenance activities, and removed with mostly with the addition of new source code aiming at implementing further checks on inputs. We conclude by distilling practical implications on when and how vulnerability detectors should work to better assist developers in early detecting these issues.

Data breaches cost companies considerably less had they deployed security automation. In 2024, a data breach cost an organization that extensively used security automation 3.84 million U.S. dollars on average, compared to 5.72 million U.S. dollars on average for an organization with no such deployment.

Introduction

Cyber Security Statistics: Cybersecurity has become a top priority for organizations worldwide, driven by the escalating volume and complexity of cyber threats. As businesses increasingly adopt digital technologies, the risk of cyberattacks, such as data breaches, ransomware, and phishing, has risen, creating significant challenges for data privacy and security.

The increasing frequency of high-profile cyber incidents has exposed vulnerabilities in various sectors, prompting governments and organizations to enhance their cybersecurity measures. In response, emerging technologies such as artificial intelligence and machine learning are being integrated to enhance threat detection and response capabilities.

The following statistics offer a comprehensive overview of the cybersecurity landscape, shedding light on the trends, risks, and developments that are shaping this critical field.

Cybernative.ai Code Vulnerability and Security Dataset

  Dataset Description

The Cybernative.ai Code Vulnerability and Security Dataset is a dataset of synthetic Data Programming by Demonstration (DPO) pairs, focusing on the intricate relationship between secure and insecure code across a variety of programming languages. This dataset is meticulously crafted to serve as a pivotal resource for researchers, cybersecurity professionals, and AI developers who are keen on… See the full description on the dataset page: https://huggingface.co/datasets/CyberNative/Code_Vulnerability_Security_DPO.

The data contains the node ids and cascade structures from our paper 'Actionable signals for software vulnerability awareness revealed in multiple social platforms'. The data comes from three sources: Twitter, Reddit, and Github. It specifically deals with software vulnerabilities and contains data that mention CVE IDs.

In 2024, the number of data compromises in the United States stood at 3,158 cases. Meanwhile, over 1.35 billion individuals were affected in the same year by data compromises, including data breaches, leakage, and exposure. While these are three different events, they have one thing in common. As a result of all three incidents, the sensitive data is accessed by an unauthorized threat actor. Industries most vulnerable to data breaches Some industry sectors usually see more significant cases of private data violations than others. This is determined by the type and volume of the personal information organizations of these sectors store. In 2024 the financial services, healthcare, and professional services were the three industry sectors that recorded most data breaches. Overall, the number of healthcare data breaches in some industry sectors in the United States has gradually increased within the past few years. However, some sectors saw decrease. Largest data exposures worldwide In 2020, an adult streaming website, CAM4, experienced a leakage of nearly 11 billion records. This, by far, is the most extensive reported data leakage. This case, though, is unique because cyber security researchers found the vulnerability before the cyber criminals. The second-largest data breach is the Yahoo data breach, dating back to 2013. The company first reported about one billion exposed records, then later, in 2017, came up with an updated number of leaked records, which was three billion. In March 2018, the third biggest data breach happened, involving India’s national identification database Aadhaar. As a result of this incident, over 1.1 billion records were exposed.

This dataset is for software vulnerability detection and includes source code in eight programming languages (C, C++, Java, JavaScript, Go, PHP, Ruby, Python). All data is collected from GitHub. data{programming language}_vul.json: a set of vulnerable code samples in a certain programming language. data{programming language}_patch.json: a set of patching code samples in a certain programming language. Each source code sample includes the following 16 properties: index: index of code. If is_vulnerable==False, this index indicates that this code is a patch of the indexing vulnerable code. code: raw source code (may include comments). is_vulnerable: the code is vulnerable (True) or a patch (False). programming_language: programming language of the code. method_name: name of the method. file_name: name of the file where the source code is extracted. repo_url: url of the project repository. repo_owner: owner of the repository. committer: developer who pushed the commit. committer_date: date when the commit was pushed. commit_msg: the commit message. cwe_id: If is_vulnerable==True, the CWE id; otherwise None. cwe_name: If is_vulnerable==True, the name of corresponding CWE; otherwise None. cwe_description: If is_vulnerable==True, the description of corresponding CWE; otherwise None. cwe_url: If is_vulnerable==True, the url to obtain more details of corresponding CWE; otherwise None. cve_id: If is_vulnerable==True, the CVE id; otherwise None.

The website vulnerability scanner market is booming, projected to reach $5980 million by 2033 with a CAGR of 12.1%. Discover key trends, regional insights, and growth drivers shaping this dynamic sector. Explore cloud-based vs. on-premises solutions and understand the impact of increasing cyber threats.

According to a survey of global IT security professionals in 2025, malware was the most concerning cyber threat targeting organizations, with a relative value of **** on a five-point scale. Account takeover/credential abuse attacks ranked second, while phishing attacks followed.

The global Software Risk Analysis market is poised for substantial expansion, projected to reach approximately $15,500 million by 2025, with a compelling Compound Annual Growth Rate (CAGR) of around 18% through 2033. This robust growth is fueled by a confluence of escalating cybersecurity threats, stringent regulatory compliance demands, and the increasing complexity of software development lifecycles. Organizations are recognizing that proactive identification and mitigation of software vulnerabilities are no longer optional but essential for safeguarding sensitive data, maintaining customer trust, and ensuring business continuity. The market's expansion is further driven by the widespread adoption of DevOps and Agile methodologies, which necessitate continuous security integration throughout the development process. This shift has propelled the demand for advanced Static Code Analysis and Code Review tools, empowering developers to detect and resolve flaws early, thereby reducing the costly impact of security breaches. The market is characterized by a dynamic interplay of key drivers and restraints. Primary drivers include the surge in sophisticated cyberattacks targeting software supply chains and applications, coupled with evolving data privacy regulations such as GDPR and CCPA, which mandate robust security measures. The growing adoption of cloud-native architectures and microservices also presents new avenues for risk, necessitating specialized analysis tools. However, the market faces certain restraints, including the initial cost of implementing comprehensive software risk analysis solutions and the potential shortage of skilled cybersecurity professionals capable of effectively utilizing these advanced tools. Despite these challenges, the undeniable need for enhanced software security and compliance is expected to outweigh these limitations, propelling sustained market growth. The dominant segments include Static Analysis Tools and Vulnerability Scanning Tools, which form the bedrock of modern application security testing. Here is a unique report description on Software Risk Analysis, incorporating your specified elements:

This comprehensive market intelligence report delves into the dynamic world of Software Risk Analysis, providing an in-depth examination of market dynamics, trends, and future projections. The study covers the Historical Period (2019-2024) and extends to the Forecast Period (2025-2033), with 2025 serving as both the Base Year and Estimated Year. We project a robust market valuation, with the global Software Risk Analysis market expected to reach an estimated value of over $50,000 million by 2033, demonstrating a significant compound annual growth rate (CAGR). This report is designed for stakeholders seeking to understand the critical factors shaping software security investments and strategic decision-making.

During the third quarter of 2025, data breaches exposed more than ** million records worldwide. Since the first quarter of 2020, the highest number of data records were exposed in the third quarter of ****, more than **** billion data sets. Data breaches remain among the biggest concerns of company leaders worldwide. The most common causes of sensitive information loss were operating system vulnerabilities on endpoint devices. Which industries see the most data breaches? Meanwhile, certain conditions make some industry sectors more prone to data breaches than others. According to the latest observations, the public administration experienced the highest number of data breaches between 2021 and 2022. The industry saw *** reported data breach incidents with confirmed data loss. The second were financial institutions, with *** data breach cases, followed by healthcare providers. Data breach cost Data breach incidents have various consequences, the most common impact being financial losses and business disruptions. As of 2023, the average data breach cost across businesses worldwide was **** million U.S. dollars. Meanwhile, a leaked data record cost about *** U.S. dollars. The United States saw the highest average breach cost globally, at **** million U.S. dollars.