Search

See Resources

Top 10 Vulnerabilities

The Top 10 External and Top 10 Internal Vulnerabilities are dynamic lists of the most prevalent and critical security vulnerabilities in the real world. Based on the Laws of Vulnerabilities, this information is computed anonymously from over 2 billion IP audits per year. The Top 10 External Vulnerabilities are the most prevalent and critical vulnerabilities which have been identified on Internet facing systems. The Top 10 Internal Vulnerabilities show this information for systems and networks inside the firewall.

The two Top 10 lists exclude vulnerabilities that do not have patches, even if workarounds are available, because these lists are tools to help prioritize remediation.

Top 10 Internal Vulnerabilities Published July 2014

  1. Oracle Java SE Critical Patch Update - June 2013

    Qualys ID:
    121279
    Vendor Reference:
    Oracle Java SE CPU June 2013
    CVE Reference:
  2. EOL/Obsolete Software: Oracle Java SE/JRE/JDK 6/1.6 Detected

    Qualys ID:
    105490
    Vendor Reference:
    Oracle Java SE Support Roadmap
  3. EOL/Obsolete Software: SNMP Protocol Version Detected

    Qualys ID:
    105459
    Vendor Reference:
    No Vendor Reference
  4. Microsoft Internet Explorer Multiple Remote Code Execution Vulnerabilities (MS14-012)

    Qualys ID:
    100180
    Vendor Reference:
    MS14-012
    CVE Reference:
  5. Adobe Shockwave Player Memory Corruption Vulnerabilities (APSB14-06)

    Qualys ID:
    121801
    Vendor Reference:
    APSB14-06
    CVE Reference:
  6. Microsoft Windows Kernel-Mode Drivers Elevation of Privilege Vulnerability (MS14-015)

    Qualys ID:
    90945
    Vendor Reference:
    MS14-015
    CVE Reference:
  7. Adobe Flash Player Cross-Scripting Vulnerability (APSB14-04)

    Qualys ID:
    121772
    Vendor Reference:
    APSB14-04
    CVE Reference:
  8. Microsoft Word and Office Web Apps Remote Code Execution Vulnerability (MS14-001)

    Qualys ID:
    110233
    Vendor Reference:
    MS14-001
    CVE Reference:
  9. Microsoft SQL Server Compact 3.5 Service Pack 2 Not Installed

    Qualys ID:
    105487
    Vendor Reference:
    Description of SQL Server Compact 3.5 Service Pack 2
  10. Microsoft VBScript Remote Code Execution Vulnerability (MS14-011)

    Qualys ID:
    90942
    Vendor Reference:
    MS14-011
    CVE Reference:

Top 10 External Vulnerabilities Published July 2014

  1. Cisco IOS Malformed IPV4 Packet Denial of Service Vulnerability

    Qualys ID:
    43051
    Vendor Reference:
    No Vendor Reference
    CVE Reference:
  2. Microsoft Windows Remote Desktop Protocol Remote Code Execution Vulnerability (MS12-020)

    Qualys ID:
    90783
    Vendor Reference:
    MS12-020
    CVE Reference:
  3. OpenSSL Memory Leak Vulnerability (Heartbleed Bug)

    Qualys ID:
    42430
    Vendor Reference:
    OpenSSL vulnerabilities
    CVE Reference:
  4. Microsoft Windows Server Service Could Allow Remote Code Execution (MS08-067) and Shadow Brokers (ECLIPSEDWING)

    Qualys ID:
    90464
    Vendor Reference:
    MS08-067
    CVE Reference:
  5. Microsoft SMB Remote Code Execution Vulnerability (MS09-001)

    Qualys ID:
    90477
    Vendor Reference:
    MS09-001
    CVE Reference:
  6. EOL/Obsolete Software: Microsoft Internet Information Services (IIS) 5.x Detected

    Qualys ID:
    105456
    Vendor Reference:
    No Vendor Reference
  7. EOL/Obsolete Operating System: Microsoft Windows 2000 Detected

    Qualys ID:
    105359
    Vendor Reference:
    Windows 2000 End of Life
  8. Vulnerability in Server Service Could Allow Remote Code Execution (MS06-040)

    Qualys ID:
    90336
    Vendor Reference:
    MS06-040
    CVE Reference:
  9. EOL/Obsolete Software: Apache HTTP Server 1.3.X Detected

    Qualys ID:
    105442
    Vendor Reference:
    Announcement1.3
  10. EOL/Obsolete Software: ISC BIND 9.1.x - 9.5.x Detected

    Qualys ID:
    105508
    Vendor Reference:
    BIND Software Status

Archive of Top 10 Vulnerabilities

Email or call us at +1 800 745 4355 or try our Global Contacts
Subscription Packages
Qualys Solutions
Qualys Community
Company
Free Trial & Tools
Popular Topics