Top 10 Vulnerabilities

The Top 10 External and Top 10 Internal Vulnerabilities are dynamic lists of the most prevalent and critical security vulnerabilities in the real world. Based on the Laws of Vulnerabilities, this information is computed anonymously from over 2 billion IP audits per year. The Top 10 External Vulnerabilities are the most prevalent and critical vulnerabilities that have been identified on Internet-facing systems. The Top 10 Internal Vulnerabilities show this information for systems and networks inside the firewall.

The two Top 10 lists exclude vulnerabilities that do not have patches, even if workarounds are available, because these lists are tools to help prioritize remediation.

Top 10 Internal Vulnerabilities Published July 2015

  1. Oracle Java SE Critical Patch Update - January 2015

    Qualys ID: 123168
    Vendor Reference: Oracle Java SE CPU January 2015
    CVE Reference:
  2. EOL/Obsolete Software: Microsoft XML Parser and Microsoft XML Core Services (MSXML) 4.0 Detected

    Qualys ID: 105576
    Vendor Reference: Microsoft MSXML 4 EOL
  3. EOL/Obsolete Software: SNMP Protocol Version Detected

    Qualys ID: 105459
    Vendor Reference: No Vendor Reference
  4. Microsoft Internet Explorer Cumulative Security Update (MS15-032)

    Qualys ID: 100229
    Vendor Reference: MS15-032
    CVE Reference:
  5. Microsoft Windows HTTP.sys Remote Code Execution Vulnerability (MS15-034)

    Qualys ID: 91041
    Vendor Reference: MS15-034
    CVE Reference:
  6. Microsoft Graphics Component Remote Code Execution Vulnerability (MS15-035)

    Qualys ID: 91038
    Vendor Reference: MS15-035
    CVE Reference:
  7. EOL/Obsolete Software: Oracle Java SE/JRE/JDK 6/1.6 Detected

    Qualys ID: 105490
    Vendor Reference: Oracle Java SE Support Roadmap
  8. Adobe Flash Player Multiple Remote Code Execution Vulnerabilities (APSB15-06)

    Qualys ID: 123524
    Vendor Reference: APSB15-06
    CVE Reference:
  9. Microsoft Windows Shell Remote Code Execution Vulnerabilities (MS15-020)

    Qualys ID: 91029
    Vendor Reference: MS15-020
    CVE Reference:
  10. Microsoft Windows Journal Remote Code Execution Vulnerability (MS15-045)

    Qualys ID: 91054
    Vendor Reference: MS15-045
    CVE Reference:

Top 10 External Vulnerabilities Published July 2015

  1. Cisco IOS Malformed IPV4 Packet Denial of Service Vulnerability

    Qualys ID: 43051
    Vendor Reference: No Vendor Reference
    CVE Reference:
  2. Microsoft Windows HTTP.sys Remote Code Execution Vulnerability (MS15-034)

    Qualys ID: 91041
    Vendor Reference: MS15-034
    CVE Reference:
  3. EOL/Obsolete Software: PHP 5.3.x Detected

    Qualys ID: 105578
    Vendor Reference: PHP 5.3.29
  4. EOL/Obsolete Software: IBM HTTP Server 6.1 Detected

    Qualys ID: 105524
    Vendor Reference: End of Life for IBM HTTP Server 6.1
  5. EOL/Obsolete Software: SNMP Protocol Version Detected

    Qualys ID: 105459
    Vendor Reference: No Vendor Reference
  6. EOL/Obsolete Operating System: Cisco IOS 12.3 Detected

    Qualys ID: 105505
    Vendor Reference: Cisco IOS 12.3 Lifecycle
  7. EOL/Obsolete Software: Apache Tomcat 5.5.x Detected

    Qualys ID: 105470
    Vendor Reference: EOL: Tomcat 5.5
  8. EOL/Obsolete Operating System: Microsoft Windows XP Detected

    Qualys ID: 105543
    Vendor Reference: Windows XP End of Life
  9. EOL/Obsolete Software: Apache HTTP Server 1.3.X Detected

    Qualys ID: 105442
    Vendor Reference: Announcement1.3
  10. Microsoft Windows Remote Desktop Protocol Remote Code Execution Vulnerability (MS12-020)

    Qualys ID: 90783
    Vendor Reference: MS12-020
    CVE Reference:
