Top 25 Most Dangerous Vulnerabilities Of 2020

[✨ Megiddo]

Topping the list was a cross-site scripting vulnerability.

The Common Weakness Enumeration (CWE) has published the latest list of the most vulnerable 2020 vulnerabilities. 2020 CWE Top 25 Most Dangerous Software Weaknesses - A demo list of the most common and critical vulnerabilities that can lead to serious software problems.

Their exploitation often allows attackers to completely take control of the execution of software, steal data, or interfere with the operation of software.

The published list details each of the 25 types of problems, provides examples of vulnerabilities and recommendations for developers to prevent the emergence of such vulnerabilities. Below is an updated list of the most dangerous vulnerabilities:

1. CWE-79 - Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Score 45.69;
2. CWE-787 - Out-of-bounds Write. Score 46.17 points;
3. CWE-20 - Improper Input Validation. Score 43.61 points;
4. CWE-125 - Out-of-bounds Read. Score 26.53 points;
5. CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer. Score 75.56 points;
6. CWE-89 - Improper Neutralization of Special Elements used in an SQL Command (SQL Injection). Score 24.54 points;
7. CWE-200 - Information Exposure. Score 32.12 points;
8. CWE-416 - Use After Free. Score 17.94 points;
9. CWE-352 - Cross-Site Request Forgery (CSRF). Score 15.54 points;
10. CWE-78 - Incorrect neutralization of special elements used in system commands (OS Command Injection). Score 16.44 points.

__________________