Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Top 30 serious security holes are being exploited by hackers the most
This report shows that cybercriminals can quickly turn a publicly reported vulnerability into a weapon to their advantage.
This report also includes a list of the top 30 critical security holes that are being exploited by hackers the most. These 30 vulnerabilities appear in a variety of software including teleworking, virtual private networks (VPNs), and cloud-based technologies. These are products of many big names such as Microsoft, VMware, Pulse Secure, Fortinet, Accelion, Citrix, F5 Big IP, Atlassian and Drupal.
Here are the most exploited critical security holes in 2020:
- CVE-2019-19781 (CVSS score: 9.8): Citrix Application Delivery Controller (ADC) and Gateway Directory Transport Vulnerability
- CVE-2019-11510 (CVSS score: 10.0): Pulse Connect Secure arbitrary file reading vulnerability
- CVE-2018-13379 (CVSS score: 9.8): Fortine FortiOS pipeline vulnerability leads to system file leak
- CVE-2020-5902 (CVSS score: 9.8): F5 BIG-IP Remote Code Execution Vulnerability
- CVE-2020-15505 (CVSS score: 9.8): MobileIron Core & Connector Remote Code Execution Vulnerability
- CVE-2020-0688 (CVSS score: 8.8): Microsoft Exchange memory corruption vulnerability
- CVE-2019-3396 (CVSS score: 9.8) - Atlassian Confluence Server remote code execution vulnerability
- CVE-2017-11882 (CVSS score: 7.8) - Microsoft Office memory corruption vulnerability
- CVE-2019-11580 (CVSS score: 9.8) - Atlassian Crowd and Crowd Data Center remote code execution vulnerability
- CVE-2018-7600 (CVSS score: 9.8) - Drupal Remote Code Execution Vulnerability
- CVE-2019-18935 (CVSS score: 9.8) - Telerik .NET decryption vulnerability leads to remote code execution
- CVE-2019-0604 (CVSS score: 9.8) - Microsoft SharePoint Remote Code Execution Vulnerability
- CVE-2020-0787 (CVSS score: 7.8) - Windows Platform Intelligent Transport Service (BITS) privilege escalation vulnerability
- CVE-2020-1472 (CVSS score: 10.0) - Windows Netlogon Privilege Escalation Vulnerability
List of the most actively exploited security vulnerabilities so far in 2021:
- Microsoft Exchange Server: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065 (also known as "ProxyLogon")
- Pulse Secure: CVE-2021-22893, CVE-2021-22894, CVE-2021-22899 and CVE-2021-22900
- Accelion: CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, and CVE-2021-27104
- VMware: CVE-2021-21985
- Fortinet: CVE-2018-13379, CVE-2020-12812 and CVE-2019-5591
According to experts, cybercriminals are increasingly exploiting software vulnerabilities to attack large groups of objects, including both private and institutional, around the world. However, users and organizations can mitigate the damage of these reported vulnerabilities by updating patches early and implementing a centralized patch management system.
4.5 ★ | 2 Vote
Micah SotoYou should read it
- 10 security holes exploited by hackers in 2018
- Detect 2 serious security holes in the Zoom application
- Internet Explorer has vulnerabilities, unused users are still hacked
- Microsoft has a group of 'elite' hackers that specialize in attacking Windows to keep the operating system safe
- The security flaw threatens more than 2 billion Google Chrome users
- White-hat hackers, from their passion to the job to earn money, and little-known things
- There are vulnerabilities that allow hackers to bypass the fingerprint security mechanism of Lenovo computers
- AMD patched a series of security holes in the graphics driver for Windows 10
May be interested
- What is PetitPotam Attack? How to overcome PetitPotam attack
petitpotam is a new attack method with the ability to take control of a domain controller and then take over the entire windows domain. - XLoader malware attacks Mac users, collects login information, takes screenshotssecurity researchers at check point research (cpr) have just warned about the extremely dangerous xlloader malware that is attacking both windows and mac users.
- Defender for Identity detects PrintNightmare vulnerability, reducing risk for Print Spoolermicrosoft helped defender for identity detect the printnightmare exploit to help the security operations team detect hacker attacks.
- HelloKitty Ransomware Using Linux Variant Attacks VMware ESXi Serverthe hellokitty ransomware uses a linux variant that targets vmware's esxi virtual machine platform for maximum damage.
- Beware of BIOPASS malware hidden in Chinese online gambling sitescybersecurity researchers are warning of a new malware - biopass rat - attacking online gambling companies in china.
- Warning of dangerous vulnerabilities on WinRAR, users should uninstall or upgrade to a new versionrarlab, the developer of winrar, has just released an urgent update to patch a dangerous vulnerability in their software.
Attack the network
10 security holes exploited by hackers in 2018- The US shares the top 20 vulnerabilities most exploited by Chinese hackers since 2020 until now
- Patches of dangerous vulnerabilities being exploited by hackers contain dangerous holes and then continue to be exploited by hackers
- Google Chrome again urgently updates to patch serious security holes
- Detect 2 serious security holes in the Zoom application
10 security holes exploited by hackers in 2018
The US shares the top 20 vulnerabilities most exploited by Chinese hackers since 2020 until now
Patches of dangerous vulnerabilities being exploited by hackers contain dangerous holes and then continue to be exploited by hackers
Google Chrome again urgently updates to patch serious security holes
Detect 2 serious security holes in the Zoom application