CVEs from 2012

5,235 normalized CVEs published or assigned in this year.

Total

5,235

critical

critical 963

high

high 747

medium

medium 2,885

low

low 530

% Critical

18.4%

% with KEV

0.4%

% with exploit

0.5%

Top vendors

apple 11,954
mozilla 11,832
google 7,285
adobe 6,218
oracle 3,703
opera 3,601
ibm 2,977
ffmpeg 1,890

Top products

chrome 7,005
safari 6,451
itunes 4,416
firefox 4,272
seamonkey 3,619
opera_browser 3,599
mysql 2,827
thunderbird 2,165

Top packages

PyPI/plone 61
Packagist/typo3/cms 46
Packagist/moodle/moodle 30
RubyGems/actionpack 27
RubyGems/puppet 24
Maven/org.jenkins-ci.main:jenkins-core 16
Maven/org.apache.tomcat:tomcat 15
RubyGems/activerecord 15

critical high medium low unknown

0

KEV Has exploit

CVE	Severity	CVSS	Risk	Published	Description	Impact
CVE-2012-1157	unknown	—	—	4y ago	Moodle default permissions too permissive
CVE-2012-1156	unknown	—	—	4y ago	Moodle backs up private files
CVE-2012-0051	unknown	—	—	4y ago	Tahoe-LAFS fails to ensure integrity
CVE-2012-2945	unknown	—	—	4y ago	Hadoop symlink vulnerability
CVE-2012-5577	unknown	—	—	6y ago	Python keyring lib before 0.10 created keyring files with world-readable permissions.
CVE-2012-5578	unknown	—	—	6y ago	Python keyring has insecure permissions on new databases allowing world-readable files to be created
CVE-2012-5085	unknown	—	—	14y ago	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows…
CVE-2012-0547	unknown	—	—	14y ago	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT …
CVE-2012-6685	unknown	—	—	14y ago	Nokogiri before 1.5.4 is vulnerable to XXE attacks
CVE-2012-6135	unknown	—	—	15y ago	RubyGems passenger gem allows remote attackers to delete files