High Severity Vulnerabilities
111.5K CVEs classified as high severity
A Unix account with a name other than "root" has UID 0, i.e. root privileges.
NFS exports system-critical data to the world, e.g. / or a password file.
A router's routing tables can be obtained from arbitrary hosts.
Windows NT automatically logs in an administrator upon rebooting.
A superfluous NFS server is running, but it is not importing or exporting any file systems.
An SSH server allows authentication through the .rhosts file.
A password for accessing a WWW URL is guessable.
A trust relationship exists between two Unix hosts.
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.
A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.
A DNS server allows inverse queries.
A system is operating in "promiscuous" mode which allows it to perform packet sniffing.
A router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.g. 10.x.x.x, 127.x.x.x, 217.x.x.x, etc.
A router or firewall forwards external packets that claim to come from inside the network that the router/firewall is in front of.
The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is writeable by world, a real password file is obtainable, or executable command...
An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server.
The permissions for a system-critical NIS+ table (e.g. passwd) are inappropriate.
An NIS domain name is easily guessable.
A NETBIOS/SMB share password is the default, null, or missing.
A NETBIOS/SMB share password is guessable.
An SNMP community name is the default (e.g. public), null, or missing.
An SNMP community name is guessable.
An unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv.
A mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers.