MITRE has released their top 25 list of Common Vulnerability Exposures (CVE’s). The winners were culled from roughly 27,000 CVE’s in the National Vulnerability Database and represent the most common and dangerous weaknesses from the last two years (2019-2020). The list provides descriptions and research links for each of the weaknesses with examples of how they might be abused. Excerpt:
… Top 25 Most Dangerous Software Weaknesses (CWE Top 25) is a demonstrative list of the most common and impactful issues experienced over the previous two calendar years.
These weaknesses are dangerous because they are often easy to find, exploit, and can allow adversaries to completely take over a system, steal data, or prevent an application from working. The CWE Top 25 is a valuable community resource that can help developers, testers, and users — as well as project managers, security researchers, and educators — provide insight into the most severe and current security weaknesses.