CVEs from 2012
Total
5,235
critical
critical 963
high
high 747
medium
medium 2,885
low
low 530
% Critical
18.4%
% with KEV
0.4%
% with exploit
0.5%
Top vendors
Top products
- chrome 7,005
- safari 6,451
- itunes 4,416
- firefox 4,272
- seamonkey 3,619
- opera_browser 3,599
- mysql 2,827
- thunderbird 2,165
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2012-3748 | medium | — | 6.1 | 14y ago | Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Jav… | |
| CVE-2012-1854 | unknown | — | 1.5 | 2mo ago | Microsoft Visual Basic for Applications (VBA) contains an insecure library loading vulnerability that could allow for remote code execution. | |
| CVE-2012-4792 | unknown | — | 1.5 | 2y ago | Microsoft Internet Explorer contains a use-after-free vulnerability that allows a remote attacker to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not p… | |
| CVE-2012-0767 | unknown | — | 1.5 | 4y ago | Adobe Flash Player contains a XSS vulnerability that allows remote attackers to inject web script or HTML. | |
| CVE-2012-0754 | unknown | — | 1.5 | 4y ago | Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS). | |
| CVE-2012-0151 | unknown | — | 1.5 | 4y ago | The Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remo… | |
| CVE-2012-5054 | unknown | — | 1.5 | 4y ago | Adobe Flash Player contains an integer overflow vulnerability that allows remote attackers to execute code via malformed arguments. | |
| CVE-2012-4969 | unknown | — | 1.5 | 4y ago | Microsoft Internet Explorer contains a use-after-free vulnerability that allows remote attackers to execute code via a crafted web site. | |
| CVE-2012-1889 | unknown | — | 1.5 | 4y ago | Microsoft XML Core Services contains a memory corruption vulnerability which could allow for remote code execution. | |
| CVE-2012-1710 | unknown | — | 1.5 | 4y ago | Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware allows remote attackers to affect confidentiality, integrity, and availability via Unknown ve… | |
| CVE-2012-0391 | unknown | — | 1.5 | 4y ago | The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability that allows for remote code execution. | |
| CVE-2012-2539 | unknown | — | 1.5 | 4y ago | Microsoft Word allows attackers to execute remote code or cause a denial-of-service (DoS) via crafted RTF data. | |
| CVE-2012-2034 | unknown | — | 1.5 | 4y ago | Adobe Flash Player contains a memory corruption vulnerability that allows for remote code execution or denial-of-service (DoS). | |
| CVE-2012-0518 | unknown | — | 1.5 | 4y ago | Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via Unknown vectors | |
| CVE-2012-5076 | unknown | — | 1.5 | 4y ago | The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and com.sun.org.glassfish.gmbal packages. An untrusted Java application or applet coul… | |
| CVE-2012-1823 | unknown | — | 1.5 | 4y ago | sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code. | |
| CVE-2012-1723 | unknown | — | 1.5 | 4y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related … | |
| CVE-2012-4681 | unknown | — | 1.5 | 4y ago | The Java Runtime Environment (JRE) component in Oracle Java SE allow for remote code execution. | |
| CVE-2012-1535 | unknown | — | 1.5 | 4y ago | Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code or cause a denial of service via crafted SWF content. | |
| CVE-2012-1856 | unknown | — | 1.5 | 4y ago | The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers syst… | |
| CVE-2012-0507 | unknown | — | 1.5 | 4y ago | An incorrect type vulnerability exists in the Concurrency component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code. | |
| CVE-2012-3152 | unknown | — | 1.5 | 5y ago | Oracle Fusion Middleware Reports Developer contains an unspecified vulnerability that allows remote attackers to affect confidentiality and integrity of affected systems. | |
| CVE-2012-0158 | unknown | — | 1.5 | 5y ago | Microsoft MSCOMCTL.OCX contains an unspecified vulnerability that allows for remote code execution, allowing an attacker to take complete control of an affected system under the context of the curren… | |
| CVE-2012-1096 | unknown | — | 1.0 | — |