Search

See Resources

Top 10 Vulnerabilities

The Top 10 External and Top 10 Internal Vulnerabilities are dynamic lists of the most prevalent and critical security vulnerabilities in the real world. Based on the Laws of Vulnerabilities, this information is computed anonymously from over 2 billion IP audits per year. The Top 10 External Vulnerabilities are the most prevalent and critical vulnerabilities which have been identified on Internet facing systems. The Top 10 Internal Vulnerabilities show this information for systems and networks inside the firewall.

The two Top 10 lists exclude vulnerabilities that do not have patches, even if workarounds are available, because these lists are tools to help prioritize remediation.

Top 10 Internal Vulnerabilities Published February 2015

  1. Microsoft Internet Explorer Cumulative Security Update (MS15-009)

    Qualys ID:
    100220
    Vendor Reference:
    MS15-009
    CVE Reference:
  2. Oracle Java SE Critical Patch Update - July 2014

    Qualys ID:
    122362
    Vendor Reference:
    Oracle Java SE CPU July 2014
    CVE Reference:
  3. Adobe Flash Player and AIR Multiple Vulnerabilities (APSB14-24)

    Qualys ID:
    122827
    Vendor Reference:
    APSB14-024
    CVE Reference:
  4. Microsoft .Net Framework Elevation of Privilege Vulnerability (MS14-072)

    Qualys ID:
    90997
    Vendor Reference:
    MS14-072
    CVE Reference:
  5. Microsoft Windows Network Location Awareness Service Security Bypass Vulnerability (MS15-005)

    Qualys ID:
    91007
    Vendor Reference:
    MS15-005
    CVE Reference:
  6. Adobe Reader and Acrobat Multiple Vulnerabilities (APSB14-20)

    Qualys ID:
    122663
    Vendor Reference:
    APSB14-20
    CVE Reference:
  7. Microsoft Windows Application Compatibility Cache Elevation of Privilege Vulnerability (MS15-001)

    Qualys ID:
    91005
    Vendor Reference:
    MS15-001
    CVE Reference:
  8. Microsoft Windows Components Directory Traversal Information Disclosure Vulnerability (MS15-004)

    Qualys ID:
    91012
    Vendor Reference:
    MS15-004
    CVE Reference:
  9. Microsoft Windows Kerberos Elevation of Privilege Vulnerability (MS14-068) and Shadow Brokers (ESKIMOROLL)

    Qualys ID:
    90998
    Vendor Reference:
    MS14-068
    CVE Reference:
  10. Microsoft Word and Office Web Apps Remote Code Execution Vulnerability (MS14-081)

    Qualys ID:
    110244
    Vendor Reference:
    MS14-081
    CVE Reference:

Top 10 External Vulnerabilities Published February 2015

  1. OpenSSL Multiple Remote Security Vulnerabilities

    Qualys ID:
    38602
    Vendor Reference:
    OpenSSL Security Advisory [05 Jun 2014]
    CVE Reference:
  2. Cisco IOS Malformed IPV4 Packet Denial of Service Vulnerability

    Qualys ID:
    43051
    Vendor Reference:
    No Vendor Reference
    CVE Reference:
  3. Apache HTTP Server Multiple Cross-Site Scripting Vulnerabilities

    Qualys ID:
    12260
    Vendor Reference:
    RHSA-2008:0004, RHSA-2008:0005, RHSA-2008:0006, RHSA-2008:0007, RHSA-2008:0008
    CVE Reference:
  4. SSL Server Allows Anonymous Authentication Vulnerability

    Qualys ID:
    38142
    Vendor Reference:
    No Vendor Reference
  5. OpenSSH Signal Handling Vulnerability

    Qualys ID:
    38560
    Vendor Reference:
    No Vendor Reference
    CVE Reference:
  6. Microsoft ASP.NET Denial of Service Vulnerability (KB2659883 and MS11-100)

    Qualys ID:
    90764
    Vendor Reference:
    KB2659883, MS11-100
    CVE Reference:
  7. SSH Protocol Version 1 Supported

    Qualys ID:
    38304
    Vendor Reference:
    No Vendor Reference
    CVE Reference:
  8. Internet Information Services (IIS) Could Allow Elevation of Privilege (MS09-020)

    Qualys ID:
    86837
    Vendor Reference:
    MS09-020
    CVE Reference:
  9. SSL Server Allows Cleartext Communication Vulnerability

    Qualys ID:
    38143
    Vendor Reference:
    No Vendor Reference
  10. OpenSSL Memory Leak Vulnerability (Heartbleed Bug)

    Qualys ID:
    42430
    Vendor Reference:
    OpenSSL vulnerabilities
    CVE Reference:

Archive of Top 10 Vulnerabilities

Email or call us at +1 800 745 4355 or try our Global Contacts
Subscription Packages
Qualys Solutions
Qualys Community
Company
Free Trial & Tools
Popular Topics