CVEs from 2013

5,732 normalized CVEs published or assigned in this year.

Total

5,732

critical

critical 917

high

high 949

medium

medium 3,166

low

low 557

% Critical

16.0%

% with KEV

0.7%

% with exploit

0.9%

Top vendors

google 11,935
adobe 5,775
mozilla 5,495
ibm 5,231
ffmpeg 3,379
oracle 3,057
apple 2,597
cisco 2,092

Top products

chrome 11,665
ffmpeg 3,379
seamonkey 2,231
acrobat_reader 1,911
acrobat 1,909
itunes 1,678
firefox 1,634
moodle 1,560

Top packages

Packagist/moodle/moodle 55
PyPI/plone 47
RubyGems/actionpack 27
Packagist/typo3/cms-core 23
Packagist/typo3/cms 19
Maven/org.jenkins-ci.main:jenkins-core 18
RubyGems/activerecord 17
RubyGems/rack 17

critical high medium low unknown

0

KEV Has exploit

CVE	Severity	CVSS	Risk	Published	Description	Impact
CVE-2013-6282	unknown	—	2.5	4y ago	The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the conten…
CVE-2013-2094	unknown	—	1.5	4y ago	The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open …
CVE-2013-2596	unknown	—	1.5	4y ago	Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to crea…
CVE-2013-2251	unknown	—	1.5	4y ago	Code injection in Apache Struts