Top 10 Vulnerabilities



The Top 10 External and Top 10 Internal Vulnerabilities are dynamic lists of the most prevalent and critical security vulnerabilities in the real world. Based on the Laws of Vulnerabilities, this information is computed anonymously from over 1 billion IP audits per year. The Top 10 External Vulnerabilities are the most prevalent and critical vulnerabilities which have been identified on Internet facing systems. The Top 10 Internal Vulnerabilities show this information for systems and networks inside the firewall.


The two Top 10 lists exclude vulnerabilities that do not have patches, even if workarounds are available, because these lists are tools to help prioritize remediation.



Top 10 Internal Vulnerabilities: August 2013


TitleQualysIDExt. Reference
Oracle Java SE Critical Patch Update - April 2013
121061 Oracle Java SE CPU April 2013
EOL/Obsolete Software: Oracle Java SE/JRE/JDK 6/1.6 Detected
N/A
105490 Oracle Java SE Support Roadmap
Microsoft Internet Explorer Multiple Remote Code Execution Vulnerabilities (MS13-047)
100150 MS13-047
Adobe Flash Player and AIR Multiple Code Execution Vulnerabilities (APSB13-09)
121008 APSB13-09
EOL/Obsolete Software SNMP Version Detected
N/A
105459 No Reference
Adobe Reader and Acrobat Remote Code Execution Vulnerability (APSA13-02 and APSB13-07)
120866 APSA13-02
EOL/Obsolete Software: Microsoft XML Core Services 4.0 Service Pack 2 Detected
N/A
105458 KB973685
Microsoft SQL Server Compact 3.5 Service Pack 2 Not Installed
N/A
105487 Microsoft Support LifeCycle
Microsoft GDI+ Remote Code Execution Vulnerability (MS13-054)
90895 MS13-054
Microsoft Windows Kernel-Mode Drivers Remote Code Execution (MS13-053)
90894 MS13-053


Top 10 External Vulnerabilities: August 2013


TitleQualysIDExt. Reference
Microsoft Windows Remote Desktop Protocol Remote Code Execution Vulnerability (MS12-020)
90783 MS12-020
EOL/Obsolete Operating System: Solaris 8 Detected
N/A
105462 Solaris 8 EOL
EOL/Obsolete Software: Microsoft Internet Information Services (IIS) 5.x Detected
N/A
105456 No Reference
EOL/Obsolete Operating System: Microsoft Windows 2000 Detected
N/A
105359 Windows 2000 End of Life
Blind SQL Injection
N/A
150012 No Reference
Apache Chunked-Encoding Memory Corruption Vulnerability
86352 No Reference
Microsoft SMB Remote Code Execution Vulnerability (MS09-001)
90477 MS09-001
Microsoft Windows Server Service Could Allow Remote Code Execution (MS08-067)
90464 MS08-067
EOL/Obsolete Software SNMP Version Detected
N/A
105459 No Reference
EOL/Obsolete Software: Apache HTTP Server 1.3.X Detected
N/A
105442 Announcement1.3


FreeScan Trial



Previous Top 10 Vulnerability Lists

Qualys Solutions
Qualys Community
Free Tools & Trials
Free Trial

Nothing to install or download!

1 (800) 745 4355