CVE Releases the Critical List of Top 50 'Distinct' Vulnerability Products

By CIOReview | Monday, January 4, 2016

FREMONT, CA: IT in the past decade has faced immense criticism over software exploitation, and the trend has shown no hints of stopping with security flaws and glitches scoring high in 2015 as well. CVE (Common Vulnerabilities and Exposures) Details has released the latest chart of top 50 products by total number of ‘Distinct’ vulnerabilities in 2015. CVE is based upon a reference method to provide information- security vulnerabilities in public platform.

Leading from the front in the infamous list is Apple, by holding the top two spots. With a maximum of 384 vulnerabilities Apple’s Mac OS X has narrowly toppled iPhone OS, which registers 375 vulnerabilities. Not surprisingly, Adobe products have locked the four consecutive positions starting from three to six. Flash player, finishes this year run in the third spot with 314 vulnerabilities, followed by Adobe’s Air Sdk, Air Sdk & Compiler and AIR itself. The much talked about Java, instead has got a reason to smile this year by landing down the table, with JRE and JDK holding the 29th and 30th spot respectively.

Microsoft has always been synonymous with security constraints.  But tables have turned this year as Microsoft slips further down from its long held spot. Internet Explorer continues to rank as the most unsafe browser with 231 reported vulnerabilities, followed by Chrome and Firefox, which has fared badly to be featured in the 8th and 9th spot. However, in the overall tally Microsoft has claimed the top notch spot with the support cast of various Windows versions, registering the most number of vulnerability, where Adobe has fallen second in the list.

Other prominent product finding a place in the 2015 edition of top 50 list includes Safari, Android, Acrobat, Windows Server, E-Business Suite, Debian Linux, itunes to name a few.

Time and again there has been a security concern related with software or in operating systems resulting in the software to become unresponsive or crashing. These findings will however help the company’s professionals to focus more in their operation in preventing and curbing the effect of attacks, and also in encouraging the development of security strategies.

The rankings are based on the working method of the automated vulnerability discovery tools, which updates vulnerabilities according to the number of impact caused as well as depth of severity.