Search

See Resources

Top 10 Vulnerabilities

The Top 10 External and Top 10 Internal Vulnerabilities are dynamic lists of the most prevalent and critical security vulnerabilities in the real world. Based on the Laws of Vulnerabilities, this information is computed anonymously from over 2 billion IP audits per year. The Top 10 External Vulnerabilities are the most prevalent and critical vulnerabilities which have been identified on Internet facing systems. The Top 10 Internal Vulnerabilities show this information for systems and networks inside the firewall.

The two Top 10 lists exclude vulnerabilities that do not have patches, even if workarounds are available, because these lists are tools to help prioritize remediation.

Top 10 Internal Vulnerabilities Published November 2011

  1. Microsoft Internet Explorer Cumulative Security Update (MS11-057)

    Qualys ID:
    100105
    Vendor Reference:
    MS11-057
    CVE Reference:
  2. Oracle Java SE Critical Patch Update - June 2011

    Qualys ID:
    119319
    Vendor Reference:
    Oracle JAVA CPU JUN2011
    CVE Reference:
  3. Microsoft Windows Fax Cover Page Editor Remote Code Execution Vulnerability (MS11-024)

    Qualys ID:
    90675
    Vendor Reference:
    MS11-024
    CVE Reference:
  4. Microsoft Windows SMB Client Remote Code Execution (MS11-043)

    Qualys ID:
    90707
    Vendor Reference:
    MS11-043
    CVE Reference:
  5. Microsoft OLE Automation Remote Code Execution Vulnerability (MS11-038)

    Qualys ID:
    90709
    Vendor Reference:
    MS11-038
    CVE Reference:
  6. Microsoft Windows Kernel Mode Drivers Elevation of Privilege (MS11-054)

    Qualys ID:
    90718
    Vendor Reference:
    MS11-054
    CVE Reference:
  7. Microsoft Windows Client/Server Run-time Subsystem Elevation of Privilege Vulnerability (MS11-063)

    Qualys ID:
    90721
    Vendor Reference:
    MS11-063
    CVE Reference:
  8. Microsoft Windows Kernel Elevation of Privilege Vulnerabilities (MS11-011)

    Qualys ID:
    90659
    Vendor Reference:
    MS11-011
    CVE Reference:
  9. Microsoft Distributed File System Remote Code Execution Vulnerability (MS11-042)

    Qualys ID:
    90706
    Vendor Reference:
    MS11-042
    CVE Reference:
  10. Microsoft MHTML Information Disclosure Vulnerability (MS11-037)

    Qualys ID:
    90713
    Vendor Reference:
    MS11-037
    CVE Reference:

Top 10 External Vulnerabilities Published November 2011

  1. SSL Server Allows Anonymous Authentication Vulnerability

    Qualys ID:
    38142
    Vendor Reference:
    No Vendor Reference
  2. EOL/Obsolete Operating System: Microsoft Windows 2000 Detected

    Qualys ID:
    105359
    Vendor Reference:
    Windows 2000 End of Life
  3. PHP "spl_object_storage_attach" Use-After-Free Vulnerability

    Qualys ID:
    12378
    Vendor Reference:
    PHP 5.2.14, PHP 5.3.3
    CVE Reference:
  4. SSH Protocol Version 1 Supported

    Qualys ID:
    38304
    Vendor Reference:
    No Vendor Reference
    CVE Reference:
  5. Internet Information Services (IIS) Could Allow Elevation of Privilege (MS09-020)

    Qualys ID:
    86837
    Vendor Reference:
    MS09-020
    CVE Reference:
  6. Cisco IOS Telnet Service Remote Denial of Service Vulnerability

    Qualys ID:
    38308
    Vendor Reference:
    cisco-sa-20040827-telnet
    CVE Reference:
  7. Microsoft SMB Remote Code Execution Vulnerability (MS09-001)

    Qualys ID:
    90477
    Vendor Reference:
    MS09-001
    CVE Reference:
  8. Microsoft Windows Server Service Could Allow Remote Code Execution (MS08-067) and Shadow Brokers (ECLIPSEDWING)

    Qualys ID:
    90464
    Vendor Reference:
    MS08-067
    CVE Reference:
  9. Red Hat JBoss Application Server Web Console and JMX Management Console Authentication Bypass Vulnerability

    Qualys ID:
    86882
    Vendor Reference:
    Bug 585899
    CVE Reference:
  10. Remote User List Disclosure Using NetBIOS

    Qualys ID:
    45003
    Vendor Reference:
    No Vendor Reference
    CVE Reference:

Archive of Top 10 Vulnerabilities

Email or call us at +1 800 745 4355 or try our Global Contacts
Subscription Packages
Qualys Solutions
Qualys Community
Company
Free Trial & Tools
Popular Topics