Search
On this page ▾

KEV 2009

13 CISA Known Exploited Vulnerabilities from 2009

Critical 1

March 2022

CVE-2009-1151

phpMyAdmin phpMyAdmin — phpMyAdmin Remote Code Execution Vulnerability

CVSS 9.8

High 10

April 2026

CVE-2009-0238

Microsoft Excel — Remote Code Execution via Invalid Object Access (17-Year-Old Zero-Day)

CVSS 8.8

January 2026

CVE-2009-0556

Microsoft Office — Microsoft Office PowerPoint Code Injection Vulnerability

CVSS 8.8

June 2022

CVE-2009-3953

Adobe Acrobat and Reader — Adobe Acrobat and Reader Universal 3D Remote Code Execution Vulnerability

CVSS 8.8
CVE-2009-0557

Microsoft Office — Microsoft Office Object Record Corruption Vulnerability

CVSS 7.8
CVE-2009-0563

Microsoft Office — Microsoft Office Buffer Overflow Vulnerability

CVSS 7.8
CVE-2009-1862

Adobe Acrobat and Reader, Flash Player — Adobe Acrobat and Reader, Flash Player Unspecified Vulnerability

CVSS 7.8
CVE-2009-4324

Adobe Acrobat and Reader — Adobe Acrobat and Reader Use-After-Free Vulnerability

CVSS 7.8

March 2022

CVE-2009-0927

Adobe Reader and Acrobat — Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability

CVSS 8.8
CVE-2009-1123

Microsoft Windows — Microsoft Windows Improper Input Validation Vulnerability

CVSS 7.8
CVE-2009-3129

Microsoft Excel — Microsoft Excel Featheader Record Memory Corruption Vulnerability

CVSS 7.8

Medium 2

March 2022

CVE-2009-3960

Adobe BlazeDS — Adobe BlazeDS Information Disclosure Vulnerability

CVSS 6.5
CVE-2009-2055

Cisco IOS XR — Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability

CVSS 5.9
Gavin Hollinger & AI assembled this air-gap friendly HTML