CVEs from 2013
Total
5,732
critical
critical 917
high
high 949
medium
medium 3,166
low
low 557
% Critical
16.0%
% with KEV
0.7%
% with exploit
0.9%
Top vendors
Top products
- chrome 11,665
- ffmpeg 3,379
- seamonkey 2,231
- acrobat_reader 1,911
- acrobat 1,909
- itunes 1,678
- firefox 1,634
- moodle 1,560
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2013-4710 | critical | — | 9.3 | 12y ago | Android 3.0 through 4.1.x on Disney Mobile, eAccess, KDDI, NTT DOCOMO, SoftBank, and other devices does not properly implement the WebView class, which allows remote attackers to execute arbitrary me… | |
| CVE-2013-4787 | critical | — | 9.3 | 13y ago | Android 1.6 Donut through 4.2 Jelly Bean does not properly check cryptographic signatures for applications, which allows attackers to execute arbitrary code via an application package file (APK) that… | |
| CVE-2013-6282 | unknown | — | 2.5 | 4y ago | The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the conten… | |
| CVE-2013-2094 | unknown | — | 1.5 | 4y ago | The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open … | |
| CVE-2013-2596 | unknown | — | 1.5 | 4y ago | Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to crea… | |
| CVE-2013-2251 | unknown | — | 1.5 | 4y ago | Code injection in Apache Struts |