CVEs from 2012
Total
5,194
critical
critical 962
high
high 747
medium
medium 2,886
low
low 530
% Critical
18.5%
% with KEV
0.4%
% with exploit
16.8%
Top vendors
Top products
- chrome 7,005
- safari 6,451
- itunes 4,416
- firefox 4,272
- seamonkey 3,619
- opera_browser 3,599
- mysql 2,827
- thunderbird 2,165
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-4792 | unknown | — | 2.5 | 2y ago | Microsoft Internet Explorer contains a use-after-free vulnerability that allows a remote attacker to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not p… | |||
| CVE-2012-0754 | unknown | — | 2.5 | 4y ago | Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS). | |||
| CVE-2012-1889 | unknown | — | 2.5 | 4y ago | Microsoft XML Core Services contains a memory corruption vulnerability which could allow for remote code execution. | |||
| CVE-2012-4969 | unknown | — | 2.5 | 4y ago | Microsoft Internet Explorer contains a use-after-free vulnerability that allows remote attackers to execute code via a crafted web site. | |||
| CVE-2012-0391 | unknown | — | 2.5 | 4y ago | The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability that allows for remote code execution. | |||
| CVE-2012-5076 | unknown | — | 2.5 | 4y ago | The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and com.sun.org.glassfish.gmbal packages. An untrusted Java application or applet coul… | |||
| CVE-2012-1823 | unknown | — | 2.5 | 4y ago | sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code. | |||
| CVE-2012-1723 | unknown | — | 2.5 | 4y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related … | |||
| CVE-2012-4681 | unknown | — | 2.5 | 4y ago | The Java Runtime Environment (JRE) component in Oracle Java SE allow for remote code execution. | |||
| CVE-2012-0507 | unknown | — | 2.5 | 4y ago | An incorrect type vulnerability exists in the Concurrency component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code. | |||
| CVE-2012-1535 | unknown | — | 2.5 | 4y ago | Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code or cause a denial of service via crafted SWF content. | |||
| CVE-2012-3152 | unknown | — | 2.5 | 5y ago | Oracle Fusion Middleware Reports Developer contains an unspecified vulnerability that allows remote attackers to affect confidentiality and integrity of affected systems. | |||
| CVE-2012-0158 | unknown | — | 2.5 | 5y ago | Microsoft MSCOMCTL.OCX contains an unspecified vulnerability that allows for remote code execution, allowing an attacker to take complete control of an affected system under the context of the curren… | |||
| CVE-2012-10024 | unknown | — | 1.0 | 10mo ago | XBMC version 11.0 contains a path traversal vulnerability in its embedded HTTP server. When accessed via HTTP Basic Authentication, the server fails to properly sanitize URI input, allowing authentic… | |||
| CVE-2012-10026 | unknown | — | 1.0 | 10mo ago | The WordPress plugin Asset-Manager version 2.0 and below contains an unauthenticated arbitrary file upload vulnerability in upload.php. The endpoint fails to properly validate and restrict uploaded f… | |||
| CVE-2012-1592 | unknown | — | 1.0 | 4y ago | Unrestricted Upload of File with Dangerous Type in Apache Struts2 |