Rating of 20 Most Exploited Ugly

Qualys has published a list of the top 20 exploited vulnerabilities, which are commonly used for attacks and the spread of malicious or extortion software. Out of the 20 vulnerabilities, 15 affect Microsoft products.

The list includes the following vulnerabilities:

1. CVE-2017-11882: This vulnerability affects Microsoft Office, causing memory damage and allowing the execution of code when opening a specially crafted document. This vulnerability has been exploited in 467 cases of harmful software, 53 attackers, and 14 extortion programs.
2. CVE-2017-0199: This vulnerability affects Microsoft WordPad, allowing the execution of code when opening a specially designed file. It has been involved in 93 cases of harmful software, 53 attackers, and 5 extortion programs.
3. CVE-2012-0158: This vulnerability affects Windows Common Controls and allows the execution of code when opening a specially designed web page. It has been involved in 63 cases of harmful software, 45 attackers, and 2 extortion programs.
4. CVE-2017-8570: This vulnerability affects Microsoft Office and allows the execution of code when opening a specially crafted document. It has been involved in 52 cases of harmful software and 11 attackers.
5. CVE-2020-1472: This vulnerability, known as Zerologon, affects the implementation of the Microsoft Netlogon Remote Protocol protocol and affects both Windows and Samba. It allows an administrator to obtain the rights of a domain controller. It has been involved in 18 cases of harmful software, 16 attackers, and 11 extortion programs.
6. CVE-2017-0144, CVE-2017-0145, CVE-2017-0143: These vulnerabilities, collectively known as Wannacry, affect Windows and allow the execution of code through a request for the protocol Smbv1. They have been involved in 12 cases of harmful software, 10 attackers, and 12 extortion programs.
7. CVE-2012-1723: This vulnerability affects the Baitcode of Java and allows the execution of code when opening a page with a specially designed Java applet. It has been involved in 91 cases of harmful software, 18 attackers, and 41 extortion programs.
8. CVE-2021-34473, CVE-2021-34523, CVE-2021-31207: These vulnerabilities, collectively known