KEV 2013

38 CISA Known Exploited Vulnerabilities from 2013

CVE-2013-0422

Oracle Java Runtime Environment (JRE) — Oracle JRE Remote Code Execution Vulnerability

CVSS 9.8

CVE-2013-2465

Oracle Java SE — Oracle Java SE Unspecified Vulnerability

CVSS 9.8

CVE-2013-2729

Adobe Reader and Acrobat — Adobe Reader and Acrobat Arbitrary Integer Overflow Vulnerability

CVSS 9.8

CVE-2013-2251

Apache Struts — Apache Struts Improper Input Validation Vulnerability

CVSS 9.8

CVE-2013-4810

Hewlett Packard (HP) ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management — HP Multiple Products Remote Code Execution Vulnerability

CVSS 9.8

CVE-2013-0625

Adobe ColdFusion — Adobe ColdFusion Authentication Bypass Vulnerability

CVSS 9.8

CVE-2013-0632

Adobe ColdFusion — Adobe ColdFusion Authentication Bypass Vulnerability

CVSS 9.8

CVE-2013-3346

Adobe Reader and Acrobat — Adobe Reader and Acrobat Memory Corruption Vulnerability

CVSS 9.8

CVE-2013-3918

Microsoft Windows — Microsoft Windows Out-of-Bounds Write Vulnerability

CVSS 8.8

CVE-2013-3893

Microsoft Internet Explorer — Microsoft Internet Explorer Resource Management Errors Vulnerability

CVSS 8.8

CVE-2013-0643

Adobe Flash Player — Adobe Flash Player Incorrect Default Permissions Vulnerability

CVSS 8.8

CVE-2013-0648

Adobe Flash Player — Adobe Flash Player Code Execution Vulnerability

CVSS 8.8

CVE-2013-3163

Microsoft Internet Explorer — Microsoft Internet Explorer Memory Corruption Vulnerability

CVSS 8.8

CVE-2013-6282

Linux Kernel — Linux Kernel Improper Input Validation Vulnerability

CVSS 8.8

CVE-2013-1690

Mozilla Firefox and Thunderbird — Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability

CVSS 8.8

CVE-2013-2551

Microsoft Internet Explorer — Microsoft Internet Explorer Use-After-Free Vulnerability

CVSS 8.8

CVE-2013-1347

Microsoft Internet Explorer — Microsoft Internet Explorer Remote Code Execution Vulnerability

CVSS 8.8

CVE-2013-3897

Microsoft Internet Explorer — Microsoft Internet Explorer Use-After-Free Vulnerability

CVSS 8.8

CVE-2013-2094

Linux Kernel — perf_swevent_enabled Out-of-Bounds Write via Unchecked attr.config for Local Privilege Escalation

CVSS 8.4

CVE-2013-2597

Code Aurora ACDB Audio Driver — Code Aurora ACDB Audio Driver Stack-based Buffer Overflow Vulnerability

CVSS 8.4

CVE-2013-2596

Linux Kernel — Linux Kernel Integer Overflow Vulnerability

CVSS 7.8

CVE-2013-1331

Microsoft Office — Microsoft Office Buffer Overflow Vulnerability

CVSS 7.8

CVE-2013-0074

Microsoft Silverlight — Microsoft Silverlight Double Dereference Vulnerability

CVSS 7.8

CVE-2013-3660

Microsoft Win32k — Microsoft Win32k Privilege Escalation Vulnerability

CVSS 7.8

CVE-2013-0640

Adobe Reader and Acrobat — Adobe Reader and Acrobat Memory Corruption Vulnerability

CVSS 7.8

CVE-2013-0641

Adobe Reader — Adobe Reader Buffer Overflow Vulnerability

CVSS 7.8

CVE-2013-5065

Microsoft Windows — Microsoft Windows Kernel Privilege Escalation Vulnerability

CVSS 7.8

CVE-2013-3906

Microsoft Graphics Component — Microsoft Graphics Component Memory Corruption Vulnerability

CVSS 7.8

CVE-2013-0629

Adobe ColdFusion — Adobe ColdFusion Directory Traversal Vulnerability

CVSS 7.5

CVE-2013-0631

Adobe ColdFusion — Adobe ColdFusion Information Disclosure Vulnerability

CVSS 7.5

CVE-2013-3993

IBM InfoSphere BigInsights — IBM InfoSphere BigInsights Invalid Input Vulnerability

CVSS 6.5

CVE-2013-7331

Microsoft Internet Explorer — Microsoft Internet Explorer Information Disclosure Vulnerability

CVSS 6.5

CVE-2013-1675

Mozilla Firefox — Mozilla Firefox Information Disclosure Vulnerability

CVSS 6.5

CVE-2013-3896

Microsoft Silverlight — Microsoft Silverlight Information Disclosure Vulnerability

CVSS 5.5

CVE-2013-3900

Microsoft WinVerifyTrust function — Microsoft WinVerifyTrust function Remote Code Execution

CVSS 5.5

CVE-2013-5223

D-Link DSL-2760U — D-Link DSL-2760U Gateway Cross-Site Scripting Vulnerability

CVSS 5.4

CVE-2013-0431

Oracle Java Runtime Environment (JRE) — Oracle JRE Sandbox Bypass Vulnerability

CVSS 5.3

CVE-2013-2423

Oracle Java Runtime Environment (JRE) — Oracle JRE Unspecified Vulnerability

CVSS 3.7
Gavin Hollinger & AI assembled this air-gap friendly HTML