Search
On this page ▾

KEV 2014

34 CISA Known Exploited Vulnerabilities from 2014

Critical 9

July 2025

CVE-2014-3931

Looking Glass Multi-Router Looking Glass (MRLG) — Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability

CVSS 9.8

September 2024

CVE-2014-0497

Adobe Flash Player — Adobe Flash Player Integer Underflow Vulnerablity

CVSS 9.8

September 2023

CVE-2014-8361

Realtek SDK — Realtek SDK Improper Input Validation Vulnerability

CVSS 9.8

May 2022

CVE-2014-0546

Adobe Reader and Acrobat — Adobe Reader and Acrobat Sandbox Bypass Vulnerability

CVSS 9.8

April 2022

CVE-2014-0780

InduSoft Web Studio — InduSoft Web Studio NTWebServer Directory Traversal Vulnerability

CVSS 9.8

March 2022

CVE-2014-6287

Rejetto HTTP File Server (HFS) — Rejetto HTTP File Server (HFS) Remote Code Execution Vulnerability

CVSS 9.8

January 2022

CVE-2014-1776

Microsoft Internet Explorer — Microsoft Internet Explorer Memory Corruption Vulnerability

CVSS 9.8
CVE-2014-6271

GNU Bash 'Shellshock' — Environment Variable Function Definition Parsing Allows Remote Code Execution via CGI, DHCP, and SSH

CVSS 9.8
CVE-2014-7169

GNU Bourne-Again Shell (Bash) — GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability

CVSS 9.8

High 23

October 2025

CVE-2014-6278

GNU GNU Bash — GNU Bash OS Command Injection Vulnerability

CVSS 8.8

September 2024

CVE-2014-0502

Adobe Flash Player — Adobe Flash Player Double Free Vulnerablity

CVSS 8.8

May 2024

CVE-2014-100005

D-Link DIR-600 Router — D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability

CVSS 8.8

May 2022

CVE-2014-2817

Microsoft Internet Explorer — Microsoft Internet Explorer Privilege Escalation Vulnerability

CVSS 8.8
CVE-2014-4123

Microsoft Internet Explorer — Microsoft Internet Explorer Privilege Escalation Vulnerability

CVSS 8.8
CVE-2014-4148

Microsoft Windows — Microsoft Windows Remote Code Execution Vulnerability

CVSS 8.8
CVE-2014-8439

Adobe Flash Player — Adobe Flash Player Dereferenced Pointer Vulnerability

CVSS 8.8
CVE-2014-0322

Microsoft Internet Explorer — Microsoft Internet Explorer Use-After-Free Vulnerability

CVSS 8.8
CVE-2014-3153

Linux Kernel — Linux Kernel Privilege Escalation Vulnerability

CVSS 7.8
CVE-2014-4077

Microsoft Input Method Editor (IME) Japanese — Microsoft IME Japanese Privilege Escalation Vulnerability

CVSS 7.8
CVE-2014-4113

Microsoft Win32k — Microsoft Win32k Privilege Escalation Vulnerability

CVSS 7.8
CVE-2014-0160

OpenSSL 'Heartbleed' — TLS Heartbeat Extension Bounds Check Missing Allows Server Memory Read Without Authentication

CVSS 7.5

April 2022

CVE-2014-9163

Adobe Flash Player — Adobe Flash Player Stack-Based Buffer Overflow Vulnerability

CVSS 7.8

March 2022

CVE-2014-6324

Microsoft Kerberos Key Distribution Center (KDC) — Microsoft Kerberos Key Distribution Center (KDC) Privilege Escalation Vulnerability

CVSS 8.8
CVE-2014-6332

Microsoft Windows — Microsoft Windows Object Linking & Embedding (OLE) Automation Array Remote Code Execution Vulnerability

CVSS 8.8
CVE-2014-0496

Adobe Reader and Acrobat — Adobe Reader and Acrobat Use-After-Free Vulnerability

CVSS 8.8
CVE-2014-3120

Elastic Elasticsearch — Elasticsearch Remote Code Execution Vulnerability

CVSS 8.1
CVE-2014-4114

Microsoft Windows — Microsoft Windows Object Linking & Embedding (OLE) Remote Code Execution Vulnerability

CVSS 7.8
CVE-2014-0130

Rails Ruby on Rails — Ruby on Rails Directory Traversal Vulnerability

CVSS 7.5

February 2022

CVE-2014-6352

Microsoft Windows — Microsoft Windows Code Injection Vulnerability

CVSS 7.8
CVE-2014-1761

Microsoft Word — Microsoft Word Memory Corruption Vulnerability

CVSS 7.8
CVE-2014-4404

Apple OS X — Apple OS X Heap-Based Buffer Overflow Vulnerability

CVSS 7.8

November 2021

CVE-2014-1812

Microsoft Windows — Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability

CVSS 8.8

Medium 2

November 2024

CVE-2014-2120

Cisco Adaptive Security Appliance (ASA) — Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability

CVSS 6.1

May 2023

CVE-2014-0196

Linux Kernel — Linux Kernel Race Condition Vulnerability

CVSS 5.5
Gavin Hollinger & AI assembled this air-gap friendly HTML