The “Dirty Dozen” list is compiled by security vendor Bit9 based on information available in the National Institute of Standards and Technology’s public National Vulnerability Database. The No.1 spot is Google Chrome, with 76 reported vulnerabilities, the No. 2 spot is held by Apple’s Safari browser at 60 reported vulnerabilities. The rest of the list is Adobe Acrobat, Adobe Flash Player, Sun JDK and RealNetworks RealPlayer. A variety of vulnerability types — including buffer-overflow and cross-site scripting vulnerabilities — impacted these applications, Bit9 says.”]
Source: https://www.csoonline.com/article/2126103/google-chrome-tops–dirty-dozen–vulnerable-apps-list.html